Cloud computing

Interoperability and Portability for Cloud Computing: A Guide was written to provide a clear definition of interoperability and portability and how these concepts relate to various aspects of cloud computing and to cloud services.
 
The aim of this guide is to give both cloud service customers and cloud service providers guidance in the provision and selection of cloud services indicating how interoperability and portability affect the cost, security, and risk involved.
 
Version 2.0 is updated to reflect the ISO/IEC 19941 Cloud Computing Interoperability and Portability standard and its facet models of interoperability, data portability, and application portability. Containers and their associated technologies are addressed in the paper, as well as automation in the use of cloud services.

The “Software Defined Perimeter (SDP) protocol,” is designed to provide on-demand, dynamically provisioned, air-gapped networks. Air-gapped networks are trusted networks that are isolated from all unsecured networks and this may allow them to mitigate network-based attacks. The SDP protocol is based on workflows invented by the Department of Defense (DoD) and used by some Federal Agencies. Networks based on these workflows provide a higher level of security, but are thought to be very difficult to use compared to traditional enterprise networks.
 

The Software Defined Perimeter (SDP) has adapted the generalized DoD workflow but has modified it for commercial use and made it compatible with existing enterprise security controls. Where applicable, SDP has followed NIST guidelines on cryptographic protocols. SDP can be used in government applications such as enabling secure access to FedRAMP certified cloud networks as well as enterprise applications such as enabling secure mobile phone access to public clouds.

The Practical Guide to Cloud Service Agreements was written to help enterprise information technology (IT) and business decision makers analyze cloud service agreements (CSAs) from different cloud service providers.
 
CSAs are written to set clear expectations for service between the cloud customer (buyer) and the cloud provider (seller), but should also exist between a customer and other cloud entities, such as the cloud carrier, the cloud broker and even the cloud auditor. This guide focuses primarily on the CSA details between the cloud customer and cloud provider.
 
The “Guide for Evaluating Cloud Service Agreements” section is the heart of the paper. It provides a prescriptive series of steps that cloud customers should take to evaluate CSAs in order to compare multiple cloud providers or to negotiate terms with a selected provider

The Practical Guide to Platform-as-a-Service was written to help enterprise information technology (IT) managers, business decision makers, application architects and application developers understand the Platform-as-a-Service (PaaS) cloud service category and how it can be used to solve business challenges rapidly and cost effectively.
 
This guide contains best practices for using PaaS in terms of architecture, development processes, integration, deployment and operation.
 
Differences between traditional application development and delivery and the appropriate techniques for PaaS platforms are highlighted, since in many cases the biggest gains for the enterprise result from the adoption of newer, more efficient, more rapid and less error-prone techniques for creating, testing and deploying applications.

The Practical Guide to Cloud Computing was written to help enterprise information technology (IT) and business decision makers adopt cloud computing to solve business challenges.
 
This guide will help you evaluate the cloud computing market from the point of view of your organization’s needs and contains information that is helpful in selecting a cloud architecture and an implementation approach through the use of in-house staff, cloud vendor(s) or both.
 
The “Roadmap for Cloud Computing” section is the heart of this guide, outlining 10 steps that should be taken to ensure a successful cloud deployment. The Roadmap covers strategic and tactical activities for decision makers implementing cloud solutions and offers specific guidance to decision makers on the selection of cloud service and deployment models.

The objective of this guide is to define and position the cloud technologies that can be used to deploy cloud-based applications and services, and clarify how they differ in their implementation and use. There are many options available (bare metal, VMs, containers, serverless, and more), and there is no right or wrong choice. Many organizations will need to implement more than one option. Accordingly, selecting the best option to support workloads while controlling complexity can be a daunting task.
 
This practical guide will help developers, architects, and IT leaders make informed decisions and select the best technology for their specific needs. These technologies span storage, network, and compute services – this Practical Guide focuses on compute options.
 

The objective of this Guide is to help cloud adopters put in place the framework, policies, roles and responsibilities required to ensure success.
 
A governance program is necessary in most business and IT initiatives to ensure smooth operations, and is proven to improve results; with cloud computing, the presence of critical external providers makes it even more vital to establish good governance.
 
The Guide is organized in seven steps:

• Understand cloud governance
• Benchmark
• Establish a framework
• Align corporate governance and cloud governance
• Establish a cloud governance program
• Establish governance measures and metrics
• Sustainsuccess

Cloud Customer Architecture for Web Application Hosting describes vendor-neutral best practices for hosting web applications using cloud computing. The architectural elements described in this paper are needed to instantiate a web application hosting environment using private, public, or hybrid cloud deployment models.
&nbso;
Cloud computing and cloud services are often considered for both existing and new web application hosting environments. This is in part driven by the frequency that web applications are required. It also occurs because cloud elasticity and scalability naturally lends itself to the needs of a web application hosting environment.
&nbso;
This reference architecture provides a detailed view of the components, subcomponents and relationships in a cloud-based web application hosting architecture.

Cloud Customer Architecture for Securing Workloads on Cloud Services was written as practical reference to help IT architects and IT security professionals architect, install, and operate the information security components of solutions built using cloud services.
 
Many cloud services are now available covering infrastructure, platform and application capabilities. Building business solutions using these cloud services requires a clear understanding of the available security services, components and options, allied to a clear architecture which provides for the complete lifecycle of the solutions, covering development, deployment and operations.
 
This whitepaper introduces best practices for architecting the security of cloud service solutions.

Cloud Customer Architecture for Mobile describes vendor-neutral best practices for hosting the services and components required to support mobile apps using cloud computing.
 
The architectural elements described in this paper are needed to instantiate mobile hosting environments using a private, a public, or a hybrid cloud deployment model.
 
Cloud capabilities support the lifecycle of mobile applications that are deployed to employee or customer devices and provide managed access to back-end business applications and enterprise data sources. These solutions allow companies to leverage emerging mobile technologies to reinvent relationships by engaging users anywhere and anytime the context is relevant.
 
This guide describes common architectures proven successful in numerous enterprise deployments of mobile apps.

Cloud Customer Architecture for IoT is a reference architecture for supporting the Internet of Things (IoT) using cloud computing.
 
IoT is one of the most exciting and most dynamic areas of IT at the present time. IoT involves the linking of physical entities (“things”) with IT systems that derive information about or from those things which can be used to drive a wide variety of applications and services.
 
The cloud components of the IoT reference architecture are positioned within a three-tier architecture pattern comprising edge, platform, and enterprise tiers. The cloud components, subcomponents, and relationships are discussed in detail. Considerations are discussed for meeting scale, safety, reliability, and privacy requirements.

Cloud Customer Architecture for Hybrid Integration introduces a core reference architecture and key concepts for hybrid integration in the enterprise.
 
IT environments are now fundamentally hybrid in nature – devices, systems, and people are spread across the globe, and at the same time virtualized. Achieving integration across this ever-changing environment is a significant challenge. This paper explores common architecture patterns seen in enterprises tackling this issue.
 
Hybrid integration can be looked at from many perspectives including application, data, and infrastructure. This whitepaper positions hybrid integration from an application perspective, and presents the reference architecture as a seamless integration from cloud to on-premises for events, APIs, and data.