Professional Documents
Culture Documents
Contents
Introduction To Cloud Computing ........................................................................................................... 2 Three cloud service models ........................................................................................................................ 6 Cloud deployment models: ......................................................................................................................... 7 CLOUD ENVIRONMENT ROLES ...................................................................................................................... 8 SPECIFIC CHARACTERISTICS / CAPABILITIES OF CLOUDS .............................................................................. 9 Cloud Computing in Larger Businesses ....................................................................................................... 15 Cloud Computing in Small Business ............................................................................................................ 17 Benefits of Cloud Computing ...................................................................................................................... 18 Some Findings -- Cloud Computing ............................................................................................................. 20 TCSs Service Offerings in Cloud Computing ............................................................................................... 25 CLOUD COMPUTING IN HEALTHCARE INDUSTRY .................................................................................... 30 Cloud technology from Microsoft ............................................................................................................... 32 Cloud ERP .................................................................................................................................................... 35 Ramco OnDemand ERP ......................................................................................................................... 35 Business case for cloud computing ............................................................................................................. 38 Threats to Cloud Computing ....................................................................................................................... 40 How Integrated, Web-Based Software Makes Business More Efficient ..................................................... 44 Business Benefits Of Cloud Computing ....................................................................................................... 46 REFERENCES & SOURCES......................................................................................................................... 47
By distributing and replicating data across servers on demand, resource utilisation has been significantly improved. Similarly web server hosts replicate images of relevant customers who requested a certain degree of accessibility across multiple servers and route requests according to traffic load. However, it was only when Amazon published these internal resources and their management mechanisms for use by customers that the term cloud was publicly associated with such elastic infrastructures especially with on demand access to IT resources in mind. In the meantime, many providers have rebranded their infrastructures to clouds, even though this had little consequences on the way they provided their capabilities.
Cloud computing is an Internet-based way of working where users access applications through a web browser rather than hosting software locally on their own PC. The applications can be very simple, such as web-based email, through to more complex business software such as web-based accounting.
2
a 'cloud' is an elastic execution environment of resources involving multiple stakeholders and providing a metered service at multiple granularities for a specified level of quality (of service).
Cloud computing as a delivery model for IT services is defined by the National Institute of Standards and Technology (NIST) as a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction
a. On-demand self-service involves customers using a web site or similar control panel interface to provision computing resources such as additional computers, network bandwidth or user email accounts, without requiring human interaction between customers and the vendor. b. Broad network access enables customers to access computing resources over networks such as the Internet from a broad range of computing devices such as laptops and smartphones. c. Resource pooling involves vendors using shared computing resources to provide cloud services to multiple customers. Virtualisation and multi-tenancy mechanisms are typically used to both segregate and protect each customer and their data from other customers, and to make it appear to customers that they are the only user of a shared computer or software application. d. Rapid elasticity enables the fast and automatic increase and decrease to the amount of available computer processing, storage and network bandwidth as required by customer demand. e. Pay-per-use measured service involves customers only paying for the computing resources that they actually use, and being able to monitor their usage. This is analogous to household use of utilities such as electricity
Cloud Application
This is the apex of the cloud pyramid, where applications are run and interacted with via a web browser, hosted desktop or remote client. A hallmark of commercial cloud computing applications is that users never need to purchase expensive software licenses themselves. Instead, the cost is incorporated into the subscription fee. A cloud application eliminates the need to install and run the application on the customer's own computer, thus removing the burden of software maintenance, ongoing operation and support.
Cloud Platform
The middle layer of the cloud pyramid, which provides a computing platform or framework as a service. A cloud computing platform dynamically provisions, configures, reconfigures and deprovisions servers as needed to cope with increases or decreases in demand. This in reality is a distributed computing model, where many services pull together to deliver an application or infrastructure request.
Cloud Infrastructure
The foundation of the cloud pyramid is the delivery of IT infrastructure through virtualisation. Virtualisation allows the splitting of a single physical piece of hardware into independent, self governed environments, which can be scaled in terms of CPU, RAM, Disk and other elements. The infrastructure includes servers, networks and other hardware appliances delivered as either Infrastructure Web Services, farms or "cloud centres". These are then interlinked with others for resilience and additional capacity
Platform as a Service (PaaS) involves the vendor providing Infrastructure as a Service plus
operating systems and server applications such as web servers. PaaS enables customers to use the vendors cloud infrastructure to deploy web applications and other software developed by the customer using programming languages supported by the vendor. Typically the vendor controls and maintains the physical computer hardware, operating systems and server applications. Typically the customer only controls and maintains the software applications developed by the customer. Example PaaS vendor services include Google App Engine, Force.com, Amazon Web Services Elastic Beanstalk, and the Microsoft Windows Azure platform.
Software as a Service (SaaS) involves the vendor using their cloud infrastructure and cloud
platforms to provide customers with software applications. Example applications include email and an environment for users to collaboratively develop and share files such as documents and spreadsheets. These end user applications are typically accessed by users via a web browser, eliminating the need for the user to install or maintain additional software. Typically the vendor controls and maintains the physical computer hardware, operating systems and software applications. Typically the customer only controls and maintains limited application configuration settings specific to users such as creating email address distribution lists. . Example SaaS vendor services include Salesforce.com Customer Relationship Management (CRM), Google Docs and Google Gmail.
6
Private cloud involves an organisations exclusive use of cloud infrastructure and services
located at the organisations premises or offsite, and managed by the organisation or a vendor. Compared to the public cloud model, the private cloud model has reduced potential cost efficiencies. If the private cloud is properly implemented and operated, it has reduced potential security concerns. A well architected private cloud properly managed by a vendor provides many of the benefits of a public cloud, but with increased control over security. A managed private cloud may enable enterprise customers to more easily negotiate suitable contracts with the vendor, instead of being forced to accept the generic contracts designed for the consumer mass market that are offered by some public cloud vendors.
Community cloud involves a private cloud that is shared by several organisations with similar
security requirements and a need to store or process data of similar sensitivity. This model attempts to obtain most of the security benefits of a private cloud, and most of the economic benefits of a public cloud. An example community cloud is the sharing of a private cloud by several agencies of the same government.
In cloud environments, individual roles can be identified similar to the typical role distribution in Service Oriented Architectures and in particular in (business oriented) Virtual Organisations. As the roles relate strongly to the individual business models it is imperative to have a clear definition of the types of roles involved in order to ensure common understanding. (Cloud) Providers offer clouds to the customer either via dedicated APIs (PaaS), virtual machines and / or direct access to the resources (IaaS). Note that hosts of cloud enhanced services (SaaS) are typically referred to as Service Providers, though there may be ambiguity between the terms Service Provider and Cloud Provider. (Cloud) Resellers or Aggregators aggregate cloud platforms from cloud providers to either provide a larger resource infrastructure to their customers or to provide enhanced features .This relates to community clouds in so far as the cloud aggregators may expose a single interface to a merged cloud infrastructure. They will match the economic benefits of global cloud infrastructures with the understanding of local customer needs by providing highly customized, enhanced offerings to local companies (especially SMEs) and world-class applications in important European industry sectors. Similar to the software and consulting industry, the creation of European cloud partner ecosystems will provide significant economic opportunities in the application domain first, by mapping emerging industry requests into innovative solutions and second by utilizing these innovative solutions by European companies in the global marketplace. (Cloud) Adopters or (Software / Services) Vendors enhance their own services and capabilities by exploiting cloud platforms from cloud providers or cloud resellers. This enables them to e.g. provide services that scale to dynamic demands in particular new business entries who cannot estimate the uptake / demand of their services as yet .The cloud enhanced services thus effectively become software as a service. (Cloud) Consumers or Users make direct use of the cloud capabilities as opposed to cloud resellers and cloud adopters, however, not to improve the services and capabilities they offer, but to make use of the direct results, i.e. either to execute complex computations or to host a flexible data set. Note that this involves in particular larger enterprises which outsource their inhouse infrastructure to reduce cost and efforts.
Economic considerations are one of the key reasons to introduce cloud systems in a business environment in the first instance. The particular interest typically lies in the reduction of cost and effort through outsourcing and / or automation of essential resource management. As has been noted in the first section, relevant aspects thereby to consider relate to the cut-off between loss of control and reduction of effort. With respect to hosting private clouds, the gain through cost reduction has to be carefully balanced with the increased effort to build and run such a system. Obviously, technological challenges implicitly arise from the non-functional and economical aspects, when trying to realize them. As opposed to these aspects, technological challenges typically imply a specific realization even though there may be no standard approach as yet and deviations may hence arise. In addition to these implicit challenges, one can identify additional technological aspects to be addressed by cloud system, partially as a pre-condition to realize some of the high level features, but partially also as they directly relate to specific characteristics of cloud systems.
9
NON-FUNCTIONAL ASPECTS
The most important non-functional aspects are:
Elasticity is an essential core feature of cloud systems and circumscribes the capability of the
underlying infrastructure to adapt to changing, potentially non-functional requirements, for example amount and size of data supported by an application, number of concurrent users etc. One can distinguish between horizontal and vertical scalability, whereby horizontal scalability refers to the amount of instances to satisfy e.g. changing amount of requests, and vertical scalability refers to the size of the instances themselves and thus implicit to the amount of resources required to maintain the size. Cloud scalability involves both (rapid) up- and downscaling. Elasticity goes one step further, tough, and does also allow the dynamic integration and extraction of physical resources to the infrastructure. Whilst from the application perspective, this is identical to scaling, from the middleware management perspective this poses additional requirements, in particular regarding reliability. In general, it is assumed that changes in the resource infrastructure are announced first to the middleware manager, but with large scale systems it is vital that such changes can be maintained automatically.
Reliability is essential for all cloud systems in order to support todays data centre-type
applications in a cloud, reliability is considered one of the main features to exploit cloud capabilities.Reliability denotes the capability to ensure constant operation of the system without disruption, i.e.no loss of data, no code reset during execution etc. Reliability is typically achieved through redundant resource utilisation. Interestingly, many of the reliability aspects move from a hardware to a software-based solution. (Redundancy in the file systems vs. RAID controllers, stateless front end servers vs. UPS, etc.).
Quality of Service support is a relevant capability that is essential in many use cases where
specific requirements have to be met by the outsourced services and / or resources. In business cases, basic QoS metrics like response time, throughput etc. must be guaranteed at least, so as to ensure that the quality guarantees of the cloud user are met.
10
Agility and adaptability are essential features of cloud systems that strongly relate to the
elastic capabilities. It includes on-time reaction to changes in the amount of requests and size of resources, but also adaptation to changes in the environmental conditions that e.g. require different types of resources, different quality or different routes, etc. Implicitly, agility and adaptability require resources (or at least their management) to be autonomic and have to enable them to provide self-capabilities.
Availability of services and data is an essential capability of cloud systems and was actually
one of the core aspects to give rise to clouds in the first instance. It lies in the ability to introduce redundancy for services and data so failures can be masked transparently. Fault tolerance also requires the ability to introduce new redundancy (e.g. previously failed or fresh nodes) in an online manner non-intrusively (without a significant performance penalty). With increasing concurrent access, availability is particularly achieved through replication of data /services and distributing them across different resources to achieve load-balancing. This can be regarded as the original essence of scalability in cloud systems.
ECONOMIC ASPECTS
In order to allow for economic considerations, cloud systems should help in realising the following aspects:
Cost reduction is one of the first concerns to build up a cloud system that can adapt to
changing consumer behaviour and reduce cost for infrastructure maintenance and acquisition. Scalability and Pay per Use are essential aspects of this issue. Notably, setting up a cloud system typically entails additional costs be it by adapting the business logic to the cloud host specific interfaces or by enhancing the local infrastructure to be cloud-ready.
Pay per use The capability to build up cost according to the actual consumption of resources is
a relevant feature of cloud systems. Pay per use strongly relates to quality of service support, where specific requirements to be met by the system and hence to be paid for can be specified. One of the key economic drivers for the current level of interest in cloud computing is the structural change in this domain. By moving from the usual capital upfront investment model to
11
an operational expense, cloud computing promises to enable especially SMEs and entrepreneurs to accelerate the development and adoption of innovative solutions.
Improved time to market is essential in particular for small to medium enterprises that want to
sell their services quickly and easily with little delays caused by acquiring and setting up the infrastructure,in particular in a scope compatible and competitive with larger industries. Larger enterprises need to be able to publish new capabilities with little overhead to remain competitive. Clouds can support this by providing infrastructures, potentially dedicated to specific use cases that take over essential capabilities to support easy provisioning and thus reduce time to market. Return of investment (ROI) is essential for all investors and cannot always be guaranteed in fact some cloud systems currently fail this aspect. Employing a cloud system must ensure that the cost and effort vested into it is outweighed by its benefits to be commercially viable this may entail direct (e.g. more customers) and indirect (e.g. benefits from advertisements) ROI. Outsourcing resources versus increasing the local infrastructure and employing (private) cloud technologies need therefore to be outweighed and critical cut-off points identified. Going Green is relevant not only to reduce additional costs of energy consumption, but also to reduce the carbon footprint. Whilst carbon emission by individual machines can be quite well estimated, this information is actually taken little into consideration when scaling systems up. Clouds principally allow reducing the consumption of unused resources (down-scaling). In addition, up-scaling should be carefully balanced not only with cost, but also carbon emission issues. Note that beyond software stack aspects, plenty of Green IT issues are subject to development on the hardware level.
12
TECHNOLOGICAL ASPECTS
The main technological challenges that can be identified and that are commonly associated with cloud systems are:
Virtualisation is an essential technological characteristic of clouds which hides the technological complexity from the user and enables enhanced flexibility (through aggregation, routing and translation). More concretely, virtualisation supports the following features:
Ease of use: through hiding the complexity of the infrastructure (including management, configuration etc.) virtualisation can make it easier for the user to develop new applications, as well as reduces the overhead for controlling the system. Infrastructure independency: in principle, virtualisation allows for higher interoperability by making the code platform independent. Flexibility and Adaptability: by exposing a virtual execution environment, the underlying infrastructure can change more flexible according to different conditions and requirements (assigning more resources, etc.). Location independence: services can be accessed independent of the physical location of the user and the resource. Multi-tenancy is a highly essential issue in cloud systems, where the location of code and / or data is principally unknown and the same resource may be assigned to multiple users (potentially at the same time). This affects infrastructure resources as well as data / applications / services that are hosted on shared resources but need to be made available in multiple isolated instances. Classically, all information is maintained in separate databases or tables, yet in more complicated cases information may be concurrently altered, even though maintained for isolated tenants. Multitenancy implies a lot of potential issues, ranging from data protection to legislator issues.
Security, Privacy and Compliance is obviously essential in all systems dealing with potentially sensitive data and code.
13
Data Management is an essential aspect in particular for storage clouds, where data is flexibly distributed across multiple resources. Implicitly, data consistency needs to be maintained over a wide distribution of replicated data sources. At the same time, the system always needs to be aware of the data location (when replicating across data centres) taking latencies and particularly workload into consideration. As size of data may change at any time, data management addresses both horizontal and vertical aspects of scalability. Another crucial aspect of data management is the provided consistency guarantees (eventual vs. strong consistency, transactional isolation vs. no isolation, atomic operations over individual data items vs. multiple data times etc.).
APIs and / or Programming Enhancements are essential to exploit the cloud features: common programming models require that the developer takes care of the scalability and autonomic capabilities him- / herself, whilst a cloud environment provides the features in a fashion that allows the user to leave such management to the system.
Metering of any kind of resource and service consumption is essential in order to offer elastic pricing, charging and billing. It is therefore a pre-condition for the elasticity of clouds. Tools are generally necessary to support development, adaptation and usage of cloud services.
14
Major companies are increasingly seeking Cloud computing and exploring the development of private Clouds. While obviously mindful of potential pitfalls, anecdotal evidence suggests that many would embrace Cloud computing solutions for data storage and retrieval they could trust. It is fair to say that the Task Force discussed a wide range of large business responses to the emergence of Cloud computing. The rapid development of a wide range of Cloud service providers within Australia certainly implies an escalating demand from both public and private sector users. While some large businesses are moving quickly into the use of Cloud computing, others -- including some of the banks -- are proceeding cautiously at this stage. This is partly a response to the unsettled nature of the market for Cloud computing (including the absence of widely adopted standards), combined with concerns about the potential reputational risks which could arise if something goes wrong with client data in the Cloud. Indeed, several of the major banks have recently been calling for more work on the establishment of Cloud computing standards to ensure that they are able to retain control of any outsourced IT. This is particularly related to the question of vendor lock-in.
Banks operate in a complex regulatory framework regarding their handling of customer data, with the various privacy acts being a major consideration. However, such legislation does not pose the primary barrier - the wider question of customer trust remains the stumbling block. Customers have to trust their financial institution, which in turn should not expose their customers to unnecessary risk. The scope of bank services is far wider than merely financial transactions however, and customer relationship management is an area thought amenable to Cloud computing. It was noted that the Australian Prudential Regulation Authority (APRA) has been counseling caution in the adoption of Cloud computing.
Legal advice offered to one major banking concern regarding the possible use of Cloud computing focused on privacy considerations and the US Governments Patriot Act, and allowed for a range of options including asking customers to opt-in to the scheme. The failure of any Cloud-based arrangements could risk the reputation of the company and questions of confidentiality, reliability and security remain. Domestically-based Clouds are considered more
15
secure than international Clouds, but service providers must build trust with their banking clients, just as banks must earn the trust of their customers regarding the handling of their financial assets.
Unfortunately, contracts with Cloud providers have proved difficult to negotiate with insufficient protections for privacy, data backups and data segregation offered by vendors. The business model of Cloud service providers tends not to intersect with the more conservative framework that banks must adhere to. Vendors tend to offer a promise of 'best endeavours' to maintain services, rather than actually guaranteeing the continuity and security of provision demanded of them. Pitfalls experienced with other much-hyped revolutions in computing and the internet have underlined this tendency towards caution. The use of IT outsourcing raised similar considerations, for instance, and many problems were encountered with its deployment. The colocation of data in Cloud computing solutions also poses new challenges and creates the perception of new risk asymmetries.
16
Small business will embrace Cloud computing to reap the cost savings promised by vendors, but in many instances may be ill prepared to do so in an informed and considered fashion. Government could therefore play a useful role in raising awareness and educating the small business community about the possibilities of Cloud computing, as well as its possible risks. The potential of Cloud computing to solve a firms specific problems could be demonstrated through the generation of practical scenarios which could also examine issues which might arise regarding privacy and security. Public seminars, workshops and concept exercises might also prove useful in helping small and medium enterprises understand Cloud technology. Cloud computing can offer a much wider set of solutions than simply aggregated data services. It facilitates new ways of collaborating and working and can drive increases in productivity as well as saving costs. It allows information and communications capacity to be bought as needed, offering flexibility and innovation to businesses which wish to free themselves of expensive and cumbersome in-house IT solutions. Cloud developments could also encourage employment by reducing IT start-up costs for small businesses.
Secondary brokerage is a growing market, with infrastructure aggregators becoming a major factor in the market. Cloud computing allows identities to be obscured online to an even greater degree than before, with small organisations able to appear much larger than they are, and vice versa. This has obvious risks as well as potential for small players to penetrate larger markets.
17
Depending upon the implementation, Cloud computing promises compelling efficiency, cost and scaling advantages delivering:
Lower upfront costs: When introducing a new application, the cost of hardware and of software licenses are currently a major concern, but Cloud services allow the subscriber to pay the provider for usage alone, avoiding the need for up-front expenditure and allowing costs to be spread over time and managed more closely.
Reduced financial risk: If a Cloud-based application proves unsuccessful for whatever reason, or its use within the business is for a limited time, it can be discontinued without the retention of useless infrastructure. The user also avoids the financial risk of technological obsolescence.
Faster time to market (agility): It typically takes several months to achieve successful implementation of a traditional application, but Cloud applications can be deployed and scaled within days or hours.
No capital expense: Cloud computing allows the user to pay for ICT as a service when consumed, turning capital expenses into operating (variable) costs.
Lower operational expense: Given economies of scale, high levels of automation and selfservice, Cloud providers can usually offer ICT services at a significantly lower cost than individual organisations can deliver themselves.
Clear ICT value for businesses: ICT has always struggled to demonstrate its value to businesses, and there has been a seemingly constant disconnect between ICT spending and the perception of value it delivers. Cloud computing provides a direct connection between ICT spending and value similar to domestic spending on phone bills or electricity.
18
Innovation: Cloud computing can offer an almost infinite ICT sandpit for experimentation and innovation at low risk, low operating cost and with no capital expenditure. Experiments in the Cloud can be rapidly scaled up or abandoned depending on how they turn out.
Access to expanded expertise: Given their economies of scale, Cloud providers can afford to offer more specialised services and deeper expertise in advanced security techniques, application performance optimization, tailored user support and business continuity services than many in house ICT departments.
Sustainability: Most providers of Cloud services are facing pressure from consumers and governments to utilise facilities that consume less energy. There is a growing trend towards locating large data centres in locations where renewable energy is available.
Continuous enhancements: Instead of facing occasional, disruptive and costly upgrades of ICT, the Cloud can deliver incremental improvements and enhancements on a continuous basis.
Decreased downtime and delays (improved resilience): Since Cloud workloads can be spread across many facilities, and even across different Clouds, redundant applications can be used to avoid downtime. In addition, data distribution strategies can help address disaster recovery and business continuity issues. Larger Cloud providers can also afford to build hardened facilities with reserve power supplies and cooling equipment.
Standardisation: Over time, the use of Cloud services is likely to drive standardisation among users which in turn facilitates the simplification and alignment of business processes, yielding further savings and enabling the scaling of processes within an enterprise.
19
Source: EY survey Cloud adoption in India, 2010 The stated preference of enterprises to buy cloud IaaS services from IT service providers or data center service providers could mean that the cloud computing idea becomes central to these service providers portfolios. Equipment vendors should recognize and respond to this possibility. For data center providers, cloud IaaS services may prove to be a more profitable source of revenue as compared to their existing service/product mix. IT service providers looking to leverage the cloud IaaS opportunity should form alliances with third-party data center service providers or invest in building their own infrastructure. Data center service providers and IT system integrators also need to play a pivotal role in bringing the ecosystem together to demonstrate commitment to security, service-level agreement (SLA) adherence and complete support at every layer of the cloud service model.
20
MNC responses to our survey support the evolution model from traditional IT infrastructure provisioning to cloud-based infrastructure services, As shown in above figure 76% of MNCs surveyed rated scalability of capacity and matching capacity to fluctuating demand as the most beneficial attributes of cloud services. Speed of access to such services came in a close third, but all of the major benefits of cloud computing were recognised by the MNC respondents as such. The benefits of cloud in industry-specific contexts were also recognised by our respondents. Finance and insurance firms emphasized scalability of capacity (44%) and improved employee productivity (50%), unsurprising in an industry with such highly valuable employee 'capital'. Retail sector respondents cited scalability and matching capacity to demand (both ranked as major benefits by 50% of respondents) as key draws to cloud - again, unsurprising in a sector with such dramatic peaks and troughs in month-to-month and even day-to-day transactions
21
Across all vertical sectors, 78% of companies rated security and 85% of companies rated data governance significant or major barriers to adoption. Clearly, any cloud-based service provider, or cloud service, must address security first. However, they should also be concerned that so many companies see loss of control, SLAs and potential difficulty in evaluating performance of prospective suppliers all as significant barriers, even if they are not the most important. If MNCs are consistent in bringing traditional concerns and requirements on managed ICT into cloud services, they also appear consistent within their business sectors, as the next figure shows. Banks and insurance companies overwhelmingly rated security their highest concern (75%).
22
23
Data governance was the major concern for the energy & utilities and retail & wholesale industries, where businesses are built on efficient management of huge volumes of customer records (billing, accounts and sales data).
Similarly manufacturing, which includes a number of significant pharmaceuticals companies, was most concerned about data governance, and in fact gave it equal rating to security.
Characteristically, professional services companies, including media, worried most about SLAs, perhaps showing just how much contracts and commercial metrics are in their blood.
24
TCS has been providing a mature IT-as-a-Service component as a part of its Small and Medium Business (SMB) offering, which has built a completely new business model and which leverages the mindset and technologies of the Cloud.
With a lot of information available on Cloud Computing, it is imperative to build a taxonomy which forms the basis for common understanding and focus. TCS has extensively studied this area, and the following taxonomy reflects TCSs insights on Cloud Computing. There are other taxonomies available such as the OpenCrowd Cloud Taxonomy. All these views will be the basis for the standardization efforts that have just started across the industry.
25
The Cloud Taxonomy consists of four layers, eight sub-layers, and a variety of areas to address. Though layers and sublayers are static, TCS foresees that the areas to address will be a growing list. The growing list is denoted by ellipsis in the following figure:-
26
Based on the 4.0 Cloud Services layer in the TCS Cloud Taxonomy, TCS will provide the following five service offerings:
Cloud Advisory Services For Cloud, TCS will help customers define to-be state strategy. The strategy will Honor business and application constraints and requirements Identify appropriate target state for each application Address issues of interoperability, investment protection and lock-in TCSs integrated consulting and IT services capabilities bring continuity and consistency to customers strategic programs. TCS will address a comprehensive set of questions on the what (strategy), when (timelines), and why (business case)
The typical entry point for the customers to the Cloud will be migration of their existing applications to the Cloud,initially as a proof-of-concept and later in production. In addition to the Cloud, TCS has extensive capabilities on application migration with automation assets and agility of building/enhancing tools for customer or engagement specific purposes. TCS has executed vast migration projects in which it has handled large engagements, wide variety of technologies, implemented tool-based approach and end-to-end solution including architecture definition, testing and performance engineering, which will also apply to the migration engagements in Cloud.
27
TCS has built tools and platforms to support rapid application development and deployment, and they are being enhanced to support a Cloud model. TCS InstantApps empowers business analysts to create Web based applications using its WYSIWYG designer. It has built in features to move applications from the Dev environment to the production environment, if the application is also available in the same Cloud. Dev 2.0 Do It Yourself paradigm enables the customers to build simple applications and use it by themselves without TCS being involved. InstantApps will be available as a cloudenabled PaaS.
TCS Model-Driven Development (MDD) toolset (TCS MasterCraft ) provides an integrated environment along with a product or application development lifecycle. This significantly reuses code to speed up the new application development, legacy system integration, and/or making enhancements. With a variety of Cloud platforms available, standardization efforts are still in progress while vendor lock-in could become an issue with the usage of vendor-specific APIs. Besides, there is a need to define programming models, right abstractions, development, design, deployment and evolution architectures for data-intensive business applications in the TM Cloud. TCS will enhance MasterCraft to support application development for the Cloud.
28
seamlessly integrated with leading industry ESM tools such as BMC Patrol, CA Unicenter, and HP Openview, and other monitoring solutions.
While migration, development, and management of applications on a Cloud infrastructure can be considered as an adaptation of existing tools and methodologies of conventional applications, a new offering is emerging in the Cloud arena, which provides tremendous opportunities to the vendors and service providers in providing innovative business models and applications in the Cloud. There are opportunities around innovative licensing and payment terms, which will enable almost any kind of application to be made available in the Cloud.
29
CLOUD COMPUTING IN HEALTHCARE INDUSTRY A high upfront cost has been the main deterrent to health care IT adoption, as India has traditionally always been a cost-sensitive market. However, this trend is gradually changing.
The three key pain points for health care service providers are:
High initial costs The need for human resources to maintain and service systems in-house Accessibility of data 24/7
A good cloud computing provider can resolve such challenges as it can deliver reliable 24/7 data access at reasonable costs. This is the best solution for the Indian health care system, since it reduces upfront investments in software and hardware. However, the concept of cloud computing is yet to prove its worth in health care, with just a few early adopters of this technology with an established presence in this area. The most significant challenge in adopting this technology lies in the uncertainty around
whether hospitals and clinics will trust their data to be stored offsite.
The health care delivery environment in India has distinctive challenges. Inadequate infrastructure and a constrained health care delivery work process further intensify the complexity. Other challenges in integrating IT into the Indian health care system include:
Lack of standards Lack of in-house IT domain knowledge Reluctance of medical, nursing and other staff to adjust to change Apprehensions around technology failures (paper systems appear more reliable) Lack of proper vendor support
30
The health care sector is now increasingly automated and highly dependent on information technology in the daily functioning of their businesses. They use health care management and information systems (HMIS), picture archiving and communications systems (PACS), electronic medical/health records (EMR/EHR) and point of care systems and generate significant clinical data. The key users of IT, apart from hospitals are also diagnostic centers, clinics or medical centers and R&D within drug companies. Correspondingly, these networks are complex and face constraints such as the availability of these services in remote locations, business continuity requirements, data security and integrity. The awareness and interest for cloud computing in the health care segment is at a nascent stage. Currently, hospitals spend a significant portion of their budget on non core resource costs. Cloud services extend to health care provide the promise of reduced IT costs in the face of continued margin pressures and the critical need to generate and store large amounts of health data or information. For the small and medium business (SMB) health care providers, cloud IaaS services lower the barriers to market growth by minimizing technology costs and upfront investments. For hospitals, besides keeping costs low, cloud helps in meeting compliance requirements of maintaining EHRs.
Store pathology and other reports(x-ray, etc.) Maintain and store patient records/billing/claimns. Host third party or in house applications (HMIS,etc) Connect on a community level between doctors/hospitals, diagnostics companies and patients.
31
As one of the largest, hosted services providers in the world, Microsoft offers a solid track record as an online solution provider. Long established in the cloud, Microsoft continues to invest heavilyU.S.$9.5 billion per yearin research and development to help drive the technology further. Uptime Microsoft guarantees 99.9 percent uptime at its data centers, which are outfitted to operate during power outages and after natural disasters. Microsoft replicates data from its primary data centers to secondary data centers for redundancy, without storing any data offsite Government IT is not one size fits alland neither is the cloud. Thats why our approach to cloud computing is developed on providing you with choices and flexibility. Government IT will continue to run applications within its own environment while adding new applications and services that run in the cloud. Our focus is making solutions for the real world of hybrid IT environments by providing cost-effective software and services that support your efforts to boost economic growth, create opportunities, and address societal challenges. And our extensive community of partners is available to work with you to deliver innovative solutions on premises or in the cloud.
32
fingerprint access control and data access limited to U.S. citizen personnel who have cleared background checks. Microsoft Exchange Hosted Services offers online tools to help your organization protect itself from spam and malicious software, satisfy retention requirements for e-discovery and compliance, encrypt data to preserve confidentiality, and more. Microsoft Forefront Online Protection for Exchange helps protect e-mail from spam, viruses, phishing scams, and e-mail policy violations. Microsoft Dynamics CRM Online streamlines customer relationship management, and delivers results through your browser and within your everyday productivity applications. Microsoft Office Web Apps (coming soon) let you access documents from virtually anywhere, and provides online access to your work and a core set of Microsoft Office functionality over the Web.
Platform and infrastructure services from Microsoft Azure Services Platform supports applications, data, and infrastructure in the cloud, giving you the flexibility to run applicationsor just store code or datain the cloud, on premise, or with a combination of both. Azure Services Platform is an on-demand operating environment for hosting, managing, and creating application services in the cloud, making it the choice of many Microsoft partners who are using it to build their own public and private cloud services and data centers.
Featuring Windows Azure for running Windows applications and storing data in the cloud, Azure Services Platform also includes Microsoft SQL Azure Database, a cloud-based, relational database service built on Microsoft SQL Server that offers highly available, scalable, multitenant database services. Software developers can use Windows Azure Tools for Microsoft Visual Studio to create, configure, build, debug, and run Web applications and services on Windows Azure. Windows Azure platform AppFabric, formerly known as .NET Services, makes it simpler for them to connect cloud services and on-premise applications. For more information, see our Windows Azure platform white papers.
33
Microsoft Code-Name Dallas makes it easy to find, purchase, and manage premium data subscriptions in the Windows Azure platform, and you can consume the data from any platform, application, or business workflow. Dynamic Data Center Toolkit for Enterprise is a free, partner-extensible toolkit that provides a framework for creating virtualized IT infrastructures. IT teams can use the toolkit with Windows Server 2008 R2 Hyper-V and Microsoft System Center Virtual Machine Manager 2008, along with partner extensions, to plan, operate, and deliver the foundation for a private cloud. System Center Online Desktop Manager lets you easily secure, update, monitor, configure, and troubleshoot computers from a single Web-based consolewithout the overhead associated with installing and maintaining an on-premise management infrastructure.
34
Cloud ERP
ERP software that is deployed into a cloud environment becomes "Cloud ERP Software". Most (if not all) Cloud environments are built using virtualization and load balancing technology that allows applications to be deployed across multiple servers and database resources. Ramco OnDemand ERP Ramco OnDemand ERP is a Software as a Service (SaaS) ERP delivered on the cloud
Ramco OnDemand ERP is the right solution for all your enterprise needs, because it takes the full power of ERP and places it on the cloud. Our ERP solution enables you to run the required solution on the Internet. Since it is a delivery of application (ERP) via Internet, you do not require any investment on new hardware, training, or additional IT staff. Also, you need not worry about the maintenance & upgrades, as all these happens automatically. Moreover, Ramco OnDemand ERP is so simple to install and can be implemented in weeks, and is definitely cost effective. Ramco OnDemand ERP is completely modular; you can choose the functions you need to achieve the perfect fit for your business. As the solution is available on the subscription model, you can scale up or down as per your requirements and save costs.
Ramco OnDemand ERP is a solution from Ramco Systems, a global software solution company in India, which has invested heavily in the state-of-the-industry service delivery, security technologies, and certification programs
35
Human Capital Management Cost Planning and Control Supply Chain Management Discrete Production Process Production Tool Management Maintenance Customer Relationship Management Financial Management Service Management
Business Analytics
Ramco Business Analytics solution empowers organizations to 'Measure, Monitor and Manage' their business goals and growth. This solution comprises the facility to conduct a simple yet comprehensive analysis of data and processes, on a real-time basis, and this eases decision making. With this solution, you can analyze, measure, and control organizational processes, and this provides a framework for planning ahead.
Extension Tools
Ramco's extension tools are an integral part of Ramco OnDemand ERP. They encompass the methodology, configuration settings, and documentation, which enable you to quickly evaluate, implement, and deploy best business practices for both industry-specific and general activities. These tools include the Extension Development Kit (EDK), which is pivotal in the effective functioning of a successful ERP application.
Ramco EDK allows organizations to build their own unique set of extended features to their existing functionalities. Ramco's EDK does this, without modifying the base product source code. As a result, migration to the next version is not compromised. Ramco EDK is also useful for making in-house changes after the solution goes live.
36
Technology Platform
Ramco OnDemand ERP
TM
is
based
Platform.
The Ramco VirtualWorks is a new breed of enterprise software, which allows organizations to assemble global-class applications rather than engineer them.
37
Efficiency and cost control. Companies depend on being able to provide consistent, reliable access to internal applications, external websites, and customer portals. In a traditional computing environment, this creates the need to build and maintain redundant systems, which can be expensive and difficult to manage. In cloud computing, this function is moved to the cloud, where service providers can leverage economies of scale to provide a highly reliable platform with greater cost and management efficiency. For many organizations, the most appealing feature of cloud computing is the flexible capacity it offers. Access to large amounts of scalable computing power gives organizations the freedom to adjust capacity up and down with the natural cycles of business. Resources can be added, turned off, or reassigned whenever necessary. The cloud eliminates the need for over-provisioning and the unnecessary hardware, software, maintenance, and electricity costs it incurs.
Better business support. The advantages of cloud computing are especially clear when looked at from a business perspective. By reducing the time and effort required to launch new applications, cloud computing helps IT become more responsive to the pace and dynamic nature of business. For IT, deploying a new business application is a major undertaking. Without sufficient time to assemble the necessary resources (human and financial), IT becomes a bottleneck to projects that could benefit the business. Applications supported by the cloud dont require the deployment of a large infrastructure at the customers location, which dramatically reduces the upfront
38
commitment of resources. New applications can be approved and deployed more quickly, making it easier to satisfy the needs of business managers throughout the organization.
Better financial management. With cloud computing, the financials are dramatically altered. Cloud computing eliminates the need for large capital outlays to launch new applications, moving the decision out of the investment realm and into the operational.
Transitioning from a capital expense model to an operational expense model reduces financial risk to monthly increments and provides a higher degree of flexibility to manage expenses over time. If the market slows, organizations arent locked into expenses their budgets can no longer support. If applications produce disappointing results, an enterprise can walk away or pursue a different direction without having to abandon an expensive on-premises infrastructure.
Stronger IT focus.
Cloud computing creates an opportunity for IT departments to change their focus from deploying and supporting applications to managing the services that those applications provide. By transferring the responsibility for monitoring and maintenance activities to a third party, the IT department can focus more on high-value activities that align with and support the business goals of the enterprise. Instead of being primarily reactive and operations-focused, the chief information officer (CIO) can function more as a technology strategist, working with business units to understand their business needs and advising them on how best to use technology to accomplish their objectives.
39
Examples IaaS offerings have hosted the Zeus botnet, InfoStealer trojan horses, and downloads for Microsoft Office and Adobe PDF exploits. Additionally, botnets have used IaaS servers for command and control functions. Spam continues to be a problem as a defensive measure, entire blocks of IaaS network addresses have been publicly blacklist.
cloud services is dependent upon the security of these basic APIs. From authentication and access control to encryption and activity monitoring, these interfaces must be designed to protect against both accidental and malicious attempts to circumvent policy. Furthermore, organizations and third parties often build upon these interfaces to offer value-added services to their customers. This introduces the complexity of the new layered API; it also increases risk, as organizations may be required to relinquish their credentials to third parties in order to enable their agency. Examples Anonymous access and/or reusable tokens or passwords, clear-text authentication or transmission of content, inflexible access controls or improper authorizations, limited monitoring and logging capabilities,unknown service or API dependencies.
Malicious Insiders
The threat of a malicious insider is well-known to most organizations. This threat is amplified for consumers of cloud services by the convergence of IT services and customers under a single management domain, combined with a general lack of transparency into provider process and procedure. For example, a provider may not reveal how it grants employees access to physical and virtual assets, how it monitors these employees, or how it analyzes and reports on policy compliance. To complicate matters, there is often little or no visibility into the hiring standards and practices for cloud employees. This kind of situation clearly creates an attractive opportunity for an adversary ranging from the hobbyist hacker, to organized crime, to corporate espionage, or even nation-state sponsored intrusion. The level of access granted could enable such an adversary to harvest confidential data or gain complete control over the cloud services with little or no risk of detection. Impact:- The impact that malicious insiders can have on an organization is considerable, given their level of access and ability to infiltrate organizations and assets. Brand damage, financial impact, and productivity losses are just some of the ways a malicious insider can affect an operation. As organizations adopt cloud services, the human element takes on an even more
41
profound importance. It is critical therefore that consumers of cloud services understand what providers are doing to detect and defend against the malicious insider threat.
Insufficient authentication, authorization, and audit (AAA) controls; inconsistent use of encryption and software keys; operational failures; persistence and remanence challenges: disposal challenges; risk of association; jurisdiction and political issues; data center reliability; and disaster recovery.
result in unknown exposures. It may also impair the in-depth analysis required highly controlled or regulated operational areas. Examples IRS asked Amazon EC2 to perform a C&A; Amazon refused.
If your business has been running for a while, then youll have a load of contacts, leads, customers and suppliers, as well as a bookkeeping system to make sure that youre tracking money properly. Maybe youve also got a website thats capturing new leads and sending you an email each time. If you sell products, then you might be running a stock control system, maybe only on Excel, but its a system nonetheless. As the business grows, youll be taking on more staff that will need to get to grips with the information management systems that youre using. Getting the information out of the owners head and into a system is a crucial step in the life of any business, and the sooner you start being organised, then faster youll grow. Not to mention the fact that using an intuitive, powerful piece of software means that you can spend less time on training staff and more time on selling! If youve got different software applications for each part of your business, then its going to take more time to get things done. Re-keying data takes time, and also opens up room for human error. You need to know where the most up to date information is when a contact is in your accounting system as well as your invoicing or CRM package, which one is right?
Integrated software brings all your essential tools into the same application, which means that you can move quickly efficiently and also gives you brilliant reporting capabilities without spending hours in spreadsheets. Having this integrated system online as a web based application
44
extends this power so that you can access the same, live data as the rest of your team, from wherever you all happen to be working.
Online CRM (Customer Relationship Management) software can be set up to create contacts automatically from your website, sending an automated response to keep customers engaged until you are ready to follow up. From here, they progress through various steps as you start to narrow down deals and make sales. Sending quotes and invoices straight out by email from a web based application is easy, and the client can approve or pay online by card. When invoices are raised and payments made, everything happens in the same system, which means that you can track the entire relationship from beginning to end without needing to bounce between different pieces of software. No re-keying of data. Everything is online, accessible from home, office or on the road, by multiple users, all at the same time.
45
Flexibility in working
Cloud Services are accessed securely through a web browser giving you and your staff access to vital business information anywhere, anytime, from any computer (MAC or PC). This makes implementing a flexible, mobile working system much more simple.
All the data you enter into a Cloud application will be looked after by the service provider, so you dont need to worry about having to back-up the data on your computer in case it is lost, damaged or stolen. Service Providers will store your data in specialist data centres, where there is very low risk of it being damaged, and it is available for you to access whenever you need it.
IDC Cloud Computing 2010 - An IDC Update, Frank Gens, Robert P Mahowald, Richard L Villars, Sep 2009 - Doc # TB20090929, 2009
Technical
aspects
of
Cloud
computing,
Lus
Ferreira
Pires,University
of
Twente,Meeting of the NVvIR, 17 June 2010 Ranganathan V (2010), Privacy Issues with Cloud Applications, IS Channel, Vol. 5, No. 1, pp. 16-20. Top Threats To Cloud Computing V1.0 Prepared by the Cloud Security Alliance, March 2010
47
48