Cloud computing

The SSM TWG is a technical work group of the SNIA Technical Committee defining the Swordfish specification that extends the Distributed Management Task Force (DMTF)'s Redfish specification (API) to handle the emanagement of storage equipment and storage services found in modern data centers.

The target market for this interface is Cloud and Web-based IT professionals for scalable storage management and related data services. Within this community, the focus is on usability by non-computing science degree personnel. The interface should be simple to use, accessible, and compatible with the existing tool chains and with modern transports.

The Security TWG provides architectures and frameworks for the establishment of information security capabilities within the storage networking industry, including that of stored information in heterogeneous environments. The focus of the Security Work Group is directed toward long-term security solutions, taking into account any security inherent in underlying transports or technologies.

Human experts in specific IT infrastructure and business domains possess substantial knowledge about prevention, remediation, and optimization of systems. However, there is a significant challenge in capturing, combining, and leveraging this siloed knowledge across domains.
 
SAF is a catalog-based XML collaborative knowledge framework that is designed to address these challenges by automating appropriate responses to changing business conditions and integrating contributions from diverse domains to provide competitive advantage. SAF has applicability in IT and business including cloud computing, service management, governance, security, energy, eGov, financial, emergency management, healthcare, and communications.
 
Cloud computing, in particular, exacerbates the separation between consumer-based business requirements and provider-supplied IT responses. SAF facilitates knowledge sharing across these domains, allowing consumer and provider to work cooperatively together to ensure adequate capacity, maximize quality of service, and reduce cost. The SAF technical committee considers cloud computing to be an area where the value of existing and developing standards could be significantly enhanced using SAF.
 
For more information on SAF, see the TC Charter, the FAQ, and the (working) Symptoms Automation Framework Documents.

The OASIS TOSCA TC works to enhance the portability of cloud applications and services across their entire lifecycle. TOSCA will enable the interoperable description of application and infrastructure cloud services, the relationships between parts of the service, and the operational behavior of these services (e.g., deploy, patch, shutdown)--independent of the supplier creating the service, and any particular cloud provider or hosting technology. TOSCA will also make it possible for higher-level operational behavior to be associated with cloud infrastructure management.
 
By increasing service and application portability in a vendor-neutral ecosystem, TOSCA will enable:

• Portable deployment to any compliant cloud
• Smoother migration of existing applications to the cloud
• Flexible bursting (consumer choice)
• Dynamic, multi-cloud provider applications

Cloud computing can become more valuable if the semi-automatic creation and management of application layer services can be ported across alternative cloud implementation environments so that the services remain interoperable. This core TOSCA specification provides a language to describe service components and their relationships using a service topology, and it provides for describing the management procedures that create or modify services using orchestration processes. The combination of topology and orchestration in a Service Template describes what is needed to be preserved across deployments in different environments to enable interoperable deployment of cloud services and their management throughout the complete lifecycle (e.g. scaling, patching, monitoring, etc.) when the applications are ported over alternative cloud environments.

The mission of the Distributed Tracing is to define standards for interoperability between tracing tools.
Modern cloud-native applications are highly distributed and often span multiple technology and vendor boundaries. The complexity of these applications requires a detailed understanding of how individual requests are executed. This is referred to as "tracing".
Tracing tools for collecting this information have been available for quite some time. However, these tools have not been built with interoperability in mind. This leaves the developer with a number of challenges in getting an end-to-end trace of complex transactions:

• Traces are often broken, because trace context information is lost in a contributing tier or the trace is restarted
• Vendors cannot pass proprietary information across tiers instrumented with a different implementation and therefore lose relevant information (e.g. step count, server information, ...)
• End users don't have the ability to create complete end-to-end traces of application transactions which are monitored by different tools, as there is no defined data format and semantics for trace data

The scope of this working group is the definition of data formats and headers enabling the propagation and correlation of tracing data across different implementations.

The Impact of Cloud Computing on Healthcare was written to help enterprise information technology (IT) and business decision makers of the healthcare industry as they analyze and consider the implications of cloud computing on their business.
 
This guide contains guidance and strategies to help decision makers evaluate and compare cloud computing offerings from different providers, taking into account requirements from various actors including medical practices, hospitals, research facilities, insurance companies and governments. The paper covers current market dynamics, challenges and benefits of cloud computing on healthcare IT.
 
Throughout the paper, the role that management and IT standards play to improve the flexibility, interoperability and portability of cloud computing environments is highlighted.
 
Topics covered in detail:

• Key factors influencing cloud computing adoption in the healthcare industry, the barriers to address, and considerations for service and deployment models
• Specific IT trends in the healthcare industry that are addressed most effectively, both technically and economically, by cloud computing as opposed to traditional IT environments
• Cloud computing services for healthcare currently available that provide substantial benefits to healthcare organizations and patients
• The planning process for migrating healthcare IT systems and applications to the cloud
• Recommendations for how best to achieve the benefits of cloud computing while maintaining an acceptable level of risk

Cloud Customer Architecture for Enterprise Social Collaboration describes how to leverage social collaboration tools to harness ideas, exchange information, and increase the speed of innovation across the business.
 
This cloud reference architecture was written for enterprise Information Technology (IT) and business decision makers to assist in understanding the technical capabilities and integration requirements necessary to deliver Enterprise Social Collaboration solutions. It is a vendor-neutral and best practices approach to describe the flows and relationships between business capabilities, functional areas, and architectural components delivered as a cloud solution.
 
This paper discusses how social collaboration solutions can be applied to different industries and aligned with key business initiatives.

Migrating Applications to Public Cloud Services: Roadmap for Success was written to provide a practical reference to help enterprise information technology (IT) and business decision makers analyze and consider application migration to the cloud. This paper details strategic and tactical activities for developing a business plan and detailed migration plan. Guidance is provided on the types of applications that are best suited for migration to the cloud.
 
Key considerations include costs of migration, the potential need for application redesign, longevity, performance and availability, security and privacy requirements, the selection of locations, and other potential regulatory requirements.
 
Version 2.0 takes into account the increasing diversity of approaches used to migrate applications to the cloud. Much of this focuses on the use of containers, virtual machines, and serverless functions, as well as on the increasing use of hybrid cloud solutions. Concerns related to security, privacy, and data residency have also become stronger since the initial version. The guide addresses how to mitigate those issues.

Migrating Applications to the Cloud: Assessing Performance and Response Time Requirements is a supplement to the CSCC paper, Migrating Applications to Public Cloud Services: Roadmap for Success.
 
Assessing applications and workloads for readiness for migration to cloud computing allows organizations to determine which applications and data can (or cannot) be readily moved to a cloud computing environment and which delivery models (public, private, or hybrid) can be supported.
 
Emphasis is placed on mapping business requirements to the underlying technology to improve decisions regarding the suitability of cloud computing for a particular workload. By testing and quantifying performance and response time implications early on, performance issues can be avoided or mitigated.

Public Cloud Service Agreements: What to Expect and What to Negotiate was written to help cloud customers understand and evaluate public cloud service agreements (CSAs) from different providers.
 
The paper describes the current anatomy of a cloud service agreement, covering the customer agreement, acceptable use policies, cloud service level agreements and privacy policies.
 
The heart of the guide is a series of ten steps that cloud service customers should take to evaluate CSAs in order to compare public cloud service providers or negotiate terms with a provider. The recommendations are based on a thorough assessment of publicly available agreements from leading providers

Security for Cloud Computing: 10 Steps to Ensure Success provides a practical reference to help enterprise information technology (IT) and business decision makers analyze the security implications of cloud computing on their business.
 
The guide includes a list of ten steps designed to help decision makers evaluate and compare security and privacy offerings from different cloud providers in key areas, covering:

• Security and privacy challenges pertinent to cloud computing and considerations that organizations should weigh when migrating data, applications, and infrastructure
• Threats, technology risks, and safeguards for cloud computing environments and the insight needed to make informed IT decisions on their treatment
• A Cloud Security Assessment to assess the security capabilities of cloud providers

 
Version 3.0 introduces new and updated security standards, worldwide privacy regulations, and stresses the importance of including security in continuous delivery and deployment approaches, among other things.