Posted by Dr. Jerry Smith on Wed, Sep 02, 2009
I was asked by IBM to comment on some of the limitations that I see in Amazon, since we are involved with numerous cloud-base development activities. While Amazon's cloud computing offerings are rich in capability and are evolving regularly, it is important to constantly assess the practicality of operations against the resource constrained abilities of a vender service. Here is an initial set, based on conversations within the industry, that impacts our ability to deliver cloud base solutions (i.e., software, operations, and continuity of operations):
>> Security Transparency – For the cloud, you are as secure as the lease secure application that coexists with your virtual computing ecosystems (e.g., VM security and security best practices). While Amazon says they are secure, they are not will to disclose/publish their security guidelines and audit results. If mission critical data is to me moved into the cloud, vendor security most be made more transparent.
>> Heterogeneous Environments. The ability to run in a heterogeneous cloud computing environment is critical. The performance of cloud compute nodes is not consistent, by any measure to date. For example, if the amount of work needed to execute a query is equally divided amongst N independent cloud compute nodes, then the time to complete the query will be approximately equal to the time for the slowest compute node to complete its assigned task, which is not under the control of the client provisioning process. A system designed to run in a heterogeneous environment would take appropriate measures to prevent this from occurring.
>> Operate on Encrypted Data. Security best practices stipulates that sensitive data should be encrypted before being uploaded to public cloud computing environments. Any application running in the cloud should not have the ability to directly decrypt the data before accessing it. However, sending entire datasets outside of the cloud for decryption is bandwidth intensive, driving the solution cost up and performance down. Hence, there is a need for the ability of the data analysis system to operate directly on encrypted data.
>> Portability/Standards – Cloud computing providers should provide a standard protocol for provisioning and managing cloud computing spaces. Using the cloud is not just allocating assets into the cloud, but requires the development of proprietary code for many operational activities (e.g., provisioning).
Think of this as Cloud Computing XML (CCXml), or language, that would be used for defining cloud based activities, in much the same way that BPEL allows for a common workflow language.
>> Persistent Storage on Virtual Servers – Any persistency must be done through mounting either an ESB or S3. There is no intrinsic ability to persist the state of AMI itself, without directly re-manifesting it to another AMI.
What did I miss? Please email me (jsmith@symphonysv.com).