DOCSLIB.ORG

Vendor Lock-In / Lack of Standards – Security and Privacy

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Infrastructure in the Cloud: Getting the Right Deal By Marc Lindsey Agenda • Cloud Computing Overview • Infrastructure, Risks and Responsibilities • Deal Tips • Closing Thoughts • Open Discussion and Questions Overview Defining Cloud Computing • The essential characteristics – Made available to users remotely via an IP- based network – Employs “virtualization” technology – High elasticity and scalability – Automated self-service provisioning tools – Metered usage Defining Cloud Computing “SPI” Service Delivery Framework Obtained via Creative Commons license Defining Cloud Computing • Deployment models – Public – Multi-tenancy with shared resources available over the Web – Private – Data center infrastructure dedicated to a single company that uses virtualization technology, and provisioning/self-service automation – Community – A special purpose private cloud serving multiple organizations. – Public-Private Hybrid • Private cloud used to host business critical applications and sensitive data • Public cloud for non-core applications and generic data Hybrid Cloud Illustration Public Cloud PublicPublic Cloud Cloud Computing Computing Services Services Database Storage Database Storage service service Enterprise IAM Apps Servers Database Storage Public Cloud Drivers • Done right, public cloud computing can yield – Reduced implementation effort and cost – No lump sum licensing fees or equipment purchases – Rapid transition to new technologies and processes – Lower total cost of usage – Better resource elasticity and scalability – Improved availability of applications to mobile/remote workers – More efficient and effective management of technology resources by vendors with specialized skills – Fewer IT management-maintenance-upgrade hassles Enterprise Use Cases • SaaS – CRM & ERP (e.g., Salesforce.com, Netsuite, RightNow) – UC & Collaboration (e.g., Microsoft Office 365, Vz UUCaaS, Cisco WebEx) – Service management (e.g., SecureWorks, RightScale) – Email (e.g., Microsoft and Google) • PaaS (e.g., Force.com, Google App Engine, Microsoft Azure, VMForce) – Organizations develop, test and put into production custom apps • Iasi – Sharing computational workloads during peak usage – Hosting third-party, custom applications and eCommerce sites – On-line storage – Application development and testing Some Leading Infrastructure Providers • Public Iasi – Amazon • Innovator that leads the back • Struggling to win over large enterprises – Verizon / Terremark • Service offerings and processes are evolving rapidly • Demonstrated willingness to make deals to win enterprise business – Rackspace – AT&T (Synaptic Compute) • Long-term experience with enterprise hosting • Telco deal approach is less than nimble and flexible – GoGrid – IBM (Iasi for development and test, mostly) – Savvis/CenturyLink • Private Cloud (too many to list) – VCE – Joynet – CSC (BizCloud) – IBM Public Iasi Risks & Responsibilities Risks • Familiar IT risks apply to services in the cloud • Some risks are heightened – Vendor lock-in / lack of standards – Security and privacy Vendor Lock-In • Three primary concerns – Data portability – Application portability – Infrastructure interoperability Vendor Lock-In • Data portability – Customer controls logical access to the applications, database and storage so data access isn’t a problem – But vendor tools and assistance to extract and transfer data are still desirable • Application portability – Applications are customer-provided, but server VM images may be locked-up or configured uniquely for the vendor’s infrastructure • Infrastructure interoperability – How portable are the server VM images, and how unique is your vendor’s virtualization layer? – Can you bring your own server software and licenses? Information Security • Linking control and responsibility can be challenging – Start with solution/vendor selection and evaluation – Specify obligations and consequences in the contract – Incident monitoring and management – Auditing, validation testing, and process improvements • Three layers to consider – Infrastructure – Application – Data Information Security Primary Threats • Infrastructure – Logical – Host and network intrusion, DDoS, etc. – Physical – Unauthorized access or destruction • Applications – Programming errors, back doors, poor patch management, hackers, viruses • Data – Unauthorized access or disclosure – Loss or corruption – Impaired data lineage (where has it been?) – Concerns about data processing accuracy (provenance) – Data remnants (gone but not forgotten) Information Security Typical Countermeasures • Business continuity and DR processes – Resiliency is implied, but caveat emptor – Continuity processes should satisfy business requirements • Incident avoidance, detection and mitigation tools • Mature service management – Automation orchestration occurs in the cloud – Streamline (but don’t ignore) change management • Secure code design, and periodic code review • Data encryption – but it has limits • Data clearing and sanitizing • Avoid placing sensitive data in public clouds • Solid identity and access management (IdAM) Information Security Infrastructure Responsibilities • Vendor secures from virtualization layer down • Customer is typically responsible for logical host security – Monitoring the O/S and application for intrusions and attacks – Encrypting in-transit and stored data • Some Iasi vendors offer optional security services Information Security Application and Data Responsibilities • Applications – Customer fully owns all aspects of app and database security management – But some vendors offer security management options for common apps – Extra concerns when providers have application-layer access • Data – Customer is primarily responsible for data security, but clearing and sanitizing infrastructure components is a vendor responsibility Information Security User Access and Authentication • Key identity and access management (IdAM) tasks – Identification and authentication – Role based authorization – Monitoring and auditing access • Federated single sign on (SSO) is IAM nirvana • Standards and best practices are emerging, e.g., – SAML and WS Federation for ID and authentication – XACML for access • IdAM as a Service (e.g., Ping Identity, Symplified) • Application management appliances (e.g., VMware’s Horizon App Manager) Privacy and Information Security Compliance • You can assign privacy responsibility to vendors, but you can’t delegate accountability through contracts • Extend the enterprise security / compliance program to the cloud – Identify and classify information assets / data, and risk levels – Identify / develop appropriate key controls – Map controls to vendor (and vendor sub) responsibilities – Key controls are derived from various sources – Monitoring, management and audit – Impose limits on subcontractors (watch out for stealth subs) – Regionalize solutions as required • Don’t let the contract fine print undermine the program Public IaaS Deal Tips Term and Commitments • Term – There is no need to commit to a term, but vendors may try to make a term financially attractive – Anything longer than 1-year should be scrutinized – Renewals at the customer’s option • Revenue or resource minimum commitments – There shouldn't be any, but – Vendors offer better unit pricing in exchange for minimum subscription levels over fixed terms • Commitments may be hidden in termination fees Pricing • Pricing model – Per resource / per hour, day, month – Charges for upgraded support, and perhaps implementation – Subscription levels with “penalties” – Change charges • Standard self-service changes / provisioning incur fixed charges • Non-standard changes are ICB • The difference is often defined in the vendor’s on-line service catalog, which it can change at any time • Expect an uplift for expedites • Should you include a benchmarking clause? Service Levels • Public IaaS cloud deals must include SLAs • Key SLA metrics – System availability/uptime – Management portal/tools availability/uptime – Incident response and resolution times – Resource deployment timeliness – Configuration change timeliness – Back up success rate, and restoration times after a data loss event – Service restoration times in response to disasters Standard Terms of Use • Cloud providers often try to push click-wrap agreements onto individual end users that access the cloud (EULAs) – Who do they bind? – What about subsequent changes to the EULA? • Taking service via click-wrap and a credit card – It is not the value of the services that matters; beware the seduction of the free trial offer – Use enterprise agreements whenever real information assets or consumer data will touch -- or be accessible from -- the cloud Intellectual Property Matters • 3rd party consents for customer-provided software • Infringement indemnifications – Geographic limits on covered claims – Carve-outs for combinations and modifications – Exclusion from limits on liability • Incorporation of third-party licenses for vendor-provided software – Try to avoid entering into direct contracts with the vendor’s suppliers – Vendors will attempt to disclaim responsibility for their third-party licensors Closing Thoughts Cloud Roadmap • Involve cross-disciplinary teams • Identify use cases that are right for your business • Match use cases to delivery / deployment models • Lay out practical milestones • Treat in-house IT resources, managed services, and outsourcing as competitive alternatives • Employ sourcing, service management and security programs tuned for the cloud’s unique challenges Questions? Speaker Information Marc Lindsey Levine, Blaszak, Block & Boothby, LLP (202) 857-2546 [email protected] www.lb3law.com .
Recommended publications
  • Data Sheet Netsuite Integration Tools Achieve Cloud Business Efficiency and Preserve Existing Investments by Integrating with Third-Party Applications

    Data Sheet Netsuite Integration Tools Achieve Cloud Business Efficiency and Preserve Existing Investments by Integrating with Third-Party Applications

    Data Sheet NetSuite Integration Tools Achieve Cloud Business Efficiency and Preserve Existing Investments by Integrating with Third-Party Applications NetSuite provides a complete cloud business management platform to power an entire business— but the reality is many companies may already be running other third-party on-premise or cloud applications for specific business processes, or they may have invested significant resources in an on-premise ERP solution like Oracle or SAP. The SuiteCloud development platform and SuiteCloud Connect integration solutions let you seamlessly integrate NetSuite with your existing systems, preserving your investments and enabling new business efficiency. In particular, a two-tier ERP model is fast emerging as the solution of choice for multinational companies expanding into new lines of business or geographic subsidiaries, or seeking standardization across a distributed environment. With a two-tier ERP model, enterprises are deploying cloud business management across their subsidiaries and synching it to on-premise ERP at headquarters at a fraction of the time and cost required for an in-house ERP deployment. With SuiteCloud integration solutions, NetSuite customers and partners can rapidly extend and integrate NetSuite capabilities for ERP/financials, CRM, ecommerce with other business systems, streamlining processes and speeding business value. SuiteCloud Connect Enterprises deploying NetSuite can use NetSuite’s SuiteCloud Connect solutions for best practices- based integration with Oracle or SAP, as well as Salesforce.com and Google. SuiteCloud Connect is based on the SuiteCloud platform, providing standards-based technology to enable the free flow of financial, supply chain and customer information between NetSuite and other business applications or cloud platforms, or between divisions running NetSuite and on-premise ERP systems at headquarters in a two-tier ERP model.
  • Informatica Intelligent Cloud Services

    Informatica Intelligent Cloud Services

    Informatica® Intelligent Cloud Services Summer 2019 July Data Integration Connections Informatica Intelligent Cloud Services Data Integration Connections Summer 2019 July July 2019 © Copyright Informatica LLC 2006, 2019 This software and documentation are provided only under a separate license agreement containing restrictions on use and disclosure. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording or otherwise) without prior consent of Informatica LLC. U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation is subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License. Informatica, Informatica Cloud, Informatica Intelligent Cloud Services, PowerCenter, PowerExchange, and the Informatica logo are trademarks or registered trademarks of Informatica LLC in the United States and many jurisdictions throughout the world. A current list of Informatica trademarks is available on the web at https:// www.informatica.com/trademarks.html. Other company and product names may be trade names or trademarks of their respective owners. Portions of this software and/or documentation are subject to copyright held by third parties. Required third party notices are included with the product. The information in this documentation is subject to change without notice.
  • Cloud Computing

    Cloud Computing

    Cloud Computing By Dennis Schmidt, Director, Office of Information Systems, UNC School of Medicine, and the GIR Information Security Working Group Cloud computing provides computing resources as an online service, not as a physical product. The user typically has little knowledge of the physical makeup or location of the supporting infrastructure. (Analogy: You buy electrical service instead of generating it yourself.) An entire spectrum of potentially lower cost, easy-to-use services with high reliability and rapid startup times is now available. Researchers and users are demanding access to the capabilities that these services provide, but security officers are reluctant to give them access and academic IT organizations are not typically resourced to provide them locally. This document provides some basic high level information and recommendations that institutions should consider before venturing into the public cloud. Types of Clouds: Security Concerns: Institutional Policies Should: Public cloud: available to the general public or a large industry group and is Access controls (Who has access to your data?) Address processing or storing owned by an organization providing cloud services. Lower cost, higher risk. Data Location (Is it being stored in a foreign country, not sensitive information in the cloud Private cloud: operated solely for one organization. It may be managed by subject to US laws?) Require that proper technical the organization or a third party and may exist on premise or off premise. Encryption (Is the data encrypted?
  • Saas Entrepreneur: the Definitive Guide to Succeeding in Your Cloud Application Business by Merrill R

    Saas Entrepreneur: the Definitive Guide to Succeeding in Your Cloud Application Business by Merrill R

    YOUR COMPLIMENTARY CHAPTER CHAPTER 1: SaaS and the Power of Communities SaaS Entrepreneur: The Definitive Guide to Succeeding in Your Cloud Application Business by Merrill R. Chapman www.progress.com Foreword: An interview with Zach Nelson, CEO of NetSuite Zach Nelson is an accomplished soft ware in- dustry executive and visionary with more than 20 years of leadership experience. He has held a variety of executive positions spanning mar- keting, sales, product development and business strategy with leading companies such as Oracle, Sun Microsystems, and McAfee/Network As- sociates. In 2002 he took the helm of NetSuite and grew the firm exponentially to its current position as one of the industry’s leading SaaS companies, with 2011 revenues of $236.3M, a 22% increase over 2010. NetSuite is a publicly held company, with 1.3K employees and a market cap currently hovering in the range of $3B. Th e company’s principle stockholder is Larry Ellison of Oracle. Both NetSuite and Salesforce.com were founded on investments by Ellison, which is why we find it very funny when various industry pundits proclaim that Oracle does not ‘get’ SaaS. Really. As the primary driver of NetSuite’s vision and market direction, Zach led the company’s successful IPO in December 2007. In early 2008 he provided the keynote presentation at our first SaaS University conference in Atlanta, and once again in 2012 at the session in Austin, TX. Zach holds a patent in the field of application integration, and has several other applications pending approval. He holds B.S. and M.A.
  • Cutter IT Journal

    Cutter IT Journal

    Cutter The Journal of IT Journal Information Technology Management Vol. 26, No. 3 March 2013 “Cloud service providers, the IT industry, professional The Emerging Cloud Ecosystem: and industry associations, governments, and IT pro- Innovative New Services and fessionals all have a role to Business Models play in shaping, fostering, and harnessing the full potential of the emerging cloud ecosystem.” Opening Statement — San Murugesan, by San Murugesan . 3 Guest Editor Merging IaaS with PaaS to Deliver Robust Development Tools by Beth Cohen . 6 Intrusion Detection as a Service (IDaaS) in an Open Source Cloud Infrastructure by John Prakash Veigas and K Chandra Sekaran . 12 Cloud Ecology: Surviving in the Jungle by Claude R. Baudoin . 19 The Promise of a Diverse, Interoperable Cloud Ecosystem — And Recommendations for Realizing It by Kathy L. Grise . 26 NOT FOR DISTRIBUTION For authorized use, contact Cutter Consortium: +1 781 648 8700 [email protected] Cutter IT Journal About Cutter IT Journal Cutter IT Journal® Cutter Business Technology Council: Part of Cutter Consortium’s mission is to Cutter IT Journal subscribers consider the Rob Austin, Ron Blitstein, Tom DeMarco, Lynne Ellyn, Israel Gat, Vince Kellen, foster debate and dialogue on the business Journal a “consultancy in print” and liken Tim Lister, Lou Mazzucchelli, technology issues challenging enterprises each month’s issue to the impassioned Ken Orr, and Robert D. Scott today, helping organizations leverage IT for debates they participate in at the end of Editor Emeritus: Ed Yourdon competitive advantage and business success. a day at a conference. Publisher: Karen Fine Coburn Cutter’s philosophy is that most of the issues Group Publisher: Chris Generali that managers face are complex enough to Every facet of IT — application integration, Managing Editor: Karen Pasley merit examination that goes beyond simple security, portfolio management, and testing, Production Editor: Linda M.
  • Simplify Your Journey to the Cloud

    Simplify Your Journey to the Cloud

    the way we see it Simplify Your Journey to the Cloud Cloud signals the advent of a fundamental revolution in the IT industry—promising infinitely flexible capacity, available almost instantly, and at very cost-effective prices. This enables organizations to differentiate fast and pursue opportunities at margins that previously could not be explored. All the major players in the IT This document clarifies the value industry, the pure Internet players and the impacts of Cloud Computing and telco operators have developed specifically—discussing technical their own Cloud offerings. Alliances and non-technical issues that have been formed to prepare and organizations face, and highlighting position for Cloud, which now covers the strategies that organizations the entire IT landscape and value may adopt during their migration to chain. This array of alliances within Cloud Computing. the industry has, along with the lack of an agreed definition, created a The Origins of Cloud diverse range of interpretations of the The underlying concept of Cloud terminology, purpose and benefits Computing can be traced back of Cloud Computing. This has led to to 1960, when John McCarthy confusion around the subject of the predicted that “computation may Cloud, and as a result, most CxOs do someday be organized as a public not clearly see the benefits and risks utility.” But it was not until the associated with the Cloud. However, 1990s that we started to see the first Cloud can bring a wealth of benefits adoption of Cloud—as a networking to the organization and provide the infrastructure resource. Telecom catalyst to bring the CIO closer to the companies replaced expensive point- business as a true business enabler, to-point Virtual Private Networks instead of traditional service provider.
  • Cloud Computing Parallel Session Cloud Computing

    Cloud Computing Parallel Session Cloud Computing

    Cloud Computing Parallel Session Jean-Pierre Laisné Open Source Strategy Bull OW2 Open Source Cloudware Initiative Cloud computing -Which context? -Which road map? -Is it so cloudy? -Openness vs. freedom? -Opportunity for Europe? Cloud in formation Source: http://fr.wikipedia.org/wiki/Fichier:Clouds_edited.jpg ©Bull, 2 ITEA2 - Artemis: Cloud Computing 2010 1 Context 1: Software commoditization Common Specifications Not process specific •Marginal product •Economies of scope differentiation Offshore •Input in many different •Recognized quality end-products or usage standards •Added value is created •Substituable goods downstream Open source •Minimize addition to end-user cost Mature products Volume trading •Marginal innovation Cloud •Economies of scale •Well known production computing •Industry-wide price process levelling •Multiple alternative •Additional margins providers through additional volume Commoditized IT & Internet-based IT usage ©Bull, 3 ITEA2 - Artemis: Cloud Computing 2010 Context 2: The Internet is evolving ©Bull, 4 ITEA2 - Artemis: Cloud Computing 2010 2 New trends, new usages, new business -Apps vs. web pages - Specialized apps vs. HTML5 - Segmentation vs. Uniformity -User “friendly” - Pay for convenience -New devices - Phones, TV, appliances, etc. - Global economic benefits of the Internet - 2010: $1.5 Trillion - 2020: $3.8 Trillion Information Technology and Innovation Foundation (ITIF) Long live the Internet ©Bull, 5 ITEA2 - Artemis: Cloud Computing 2010 Context 3: Cloud on peak of inflated expectations According to
  • Hp Cloud Service Automation Documentation

    Hp Cloud Service Automation Documentation

    Hp Cloud Service Automation Documentation Garrott is baronial: she upraised reprovingly and muzzles her demoiselles. Visitatorial Diego never beatify so tactlessly or nominate any inharmonies infamously. Gilburt never feudalise any Walt melodramatise determinably, is Leslie misbegotten and allodial enough? Cloud Provisioning and Governance is integrated with both private and scale cloud providers including Amazon Web Services Microsoft Azure and VMware. Aws Resume. Read or installed or omissions contained herein should work together with your business analytics to make it teams on this example. All users around securing access hpe software engineer job is out serial number of any two simple photo application deployment on so you will try it. Free HP HP0-D14 Exam Questions HP HP0 Exam-Labs. Aws sam command interface. We use Asana to capture all this our documents notes and next steps so only keep consistency. Request body that customers, will help them with hundreds of cloud infrastructure components are created when access point enterprise organizations can use? File management console help troubleshoot issues for which should be available via email directly for cheat happens. Download the free BirdDog RESTful API and program your own automation for all. Download aws resume template in your membership is automatically generated by matching results. See your browser's documentation for specific instructions HP Cloud Service Automation HP CSA is cloud management software from Hewlett Packard. Pc instructions how do not be able to your browser that you will donate! In HP CSA documentation specified that SiteMinder is supported and integration must be implemented using SiteMinder Reverse Proxy Server. HP Targets High growth Document Automation Market with.
  • The Erp Platform

    The Erp Platform

    THE VALUE OF A TRUE CLOUD ERP PLATFORM NetSuite Perspectives TABLE OF CONTENTS 1 2 Executive NetSuite: The Assessment Summary Value of a True Scorecard Cloud Platform – Key Differentiators Page 3 Page 5 Page 11 3 4 SuiteSuccess – Next Steps Zero to Cloud in 100 Days Page 20 Page 21 Grab a seat and enjoy. Read Time: 21 minutes THE VALUE OF A TRUE CLOUD ERP PLATFORM NetSuite Perspectives Our Experience many of cloud’s benefits and experience a Today, cloud computing is at the forefront of variety of pitfalls. the shift to the digital business and enabling In the current state of the market, not all cloud companies to adapt to these changing providers can step up to the challenge of models, both strategically and operationally. providing an integrated offering, and that forces Companies with a cloud-first strategy have companies to manage more than they want to. learned that the cloud’s real value comes NetSuite Value Proposition with being able to delegate the Service As a leading Cloud ERP company, NetSuite has Level Agreement (SLA) of an entire solution, championed the cause to deliver not only a true from infrastructure to application, instead of cloud platform but also strived continuously to components. It is also widely recognized that develop a truly integrated suite for our growing integrated suites reduce complexity, increase global customer base of more than 40,000. reliability and cost less—it’s just that now, with cloud, the suite includes hardware, security Further, the SuiteSuccess customer and operations. Most agree that the cloud engagement model is already helping paradigm has cost and convenience benefits: hundreds of new customers deploy the availability, speed, agility and TCO, enabling platform faster and leverage leading business faster development processes and providing process practices to both create and realize higher reliability and lower risk.
  • New Trends of Technology Enabling To-B Services Whitepaper

    New Trends of Technology Enabling To-B Services Whitepaper

    www.pwc.com New Trends of Technology Enabling To-B Services Whitepaper July 2018 Table of Content Preface .......................................................................................................... 2 The focus of technological innovations is changing from C-side to B-side, the new T2B2C market is developing.. ................................................................. 3 3 Trends of T2B2C • T2B2C trend of “Popularisation”: Emerying technologies are becoming economically affordable and can be offered to an increasing number of SMEs. .............................................................................................14 • T2B2C trend of “Deepening”: Technologies service are penetrating more and more industries, and refine the product and service experiences of those industries. .............................................................................................18 • T2B2C trend of “Ecologization”: The technology companies are constructing the new ecology. In this ecological system, the leading technology companies are building a cooperation platform with ISV to offer product and service in more dimension. .............................................................................................27 From “Made in China” to “Smart manufacturing in China” - the future of T2B2C innovation in Chinese technology enterprises .................................. 33 1 PwC Preface With the continuous development of At present, the platform ecology brought information technology, the space for by the development
  • The Deloitte and Netsuite Alliance Teaming to Make Cloud ERP an Easy Choice

    The Deloitte and Netsuite Alliance Teaming to Make Cloud ERP an Easy Choice

    The Deloitte and NetSuite Alliance Teaming to make cloud ERP an easy choice The marketplace is currently experiencing a shift from NetSuite is the world's leading provider of cloud-based traditional on-premise ERP to cloud ERP solutions such business management software. Gartner, Inc., a leading as NetSuite.1 Cloud ERP enables businesses to run core analyst firm, named NetSuite the fastest growing financial business applications without having to maintain costly management software vendor globally in 2012.2 The on-premise IT infrastructure and staff. Furthermore, cloud NetSuite cloud ERP offering can help companies to ERP can offer strong software functionality, customizable manage their core key business operations in a single flexibility, shorter implementation time, and overall cost- system, which includes Enterprise Resource Planning (ERP), effectiveness, making it an attractive alternative to on- Accounting, Customer Relationship Management (CRM), premise solutions. and eCommerce. The Deloitte and NetSuite alliance Bringing a strategic perspective to cloud computing The Deloitte and NetSuite alliance combines Deloitte’s Cloud computing can provide an opportunity to business strategy and IT planning and execution rethink traditional business models as well as realign capabilities with NetSuite’s leading cloud ERP technology. the organization to enable greater efficiency. Taking Deloitte brings deep experience with cloud deployments full advantage of these opportunities in a cloud-based and practical knowledge about how to align your
  • Cloud Computing and Big Data M

    Cloud Computing and Big Data M

    University of Bologna Dipartimento di Informatica – Scienza e Ingegneria (DISI) Engineering Bologna Campus Class of Infrastructures for Cloud Computing and Big Data M Middleware & Cloud models Antonio Corradi Academic year 2020/2021 MIDDLEWARE The term MIDDLEWARE has an obvious meaning: The set of tools that sit in the middle between the application and the low-level support (i.e., hardware, local operating system and technology, …) The term middleware goes back to 1968, to a famous NATO school on Software Engineering Anyway, middleware was not so significant until the 90s, when distributed systems became widespread and common place Middleware is a solution to design and support complex, distributed, deeply heterogeneous systems also suitable for very heterogeneous organizations to provide very differentiated services Middleware & Cloud 2 MIDDLEWARE Another definition of MIDDLEWARE The set of tools that allow integrating different application and services to be used in open environment (heterogeneous) with an unlimited lifecycle, at least the whole organization life Middleware are offering and proposing the support tools, to control and managing services during execution, at all systems level, from physical one up the application level RPC middleware (RMI) They propose the usage of Remote Procedure Call as the unique communication tool among all available layers The interaction is both between systems and final users (B2B and also B2C) Middleware & Cloud 3 MIDDLEWARE: HETEROGENEITY The infrastructure to overcome the problem implied by