practice
Doi: 10.1145/1743546.1743565
Article development led by
queue.acm.org
Elastic computing has great potential,
but many security challenges remain.
BY Dustin o Wens
securing
elasticity in
the cloud
As soMe WhAT of a technology-hype curmudgeon,
I was until very recently in the camp that believed
cloud computing was not much more than the
latest marketing-driven hysteria for an idea that has
been around for years. Outsourced IT infrastructure
services, aka Infrastructure as a Service (IaaS), has
been around since at least the 1980s, delivered by
the telecommunication companies and major IT
outsourcers. Hosted applications, aka Platform as a
Service (PaaS) and Software as a Service (SaaS), were in
vogue in the 1990s in the form of application service
providers (ASPs).
Looking at cloud computing through this
perspective had me predicting how many more
months it would be before the industry came up with
another “exciting” technology with which to generate
mass confusion and buzz. However, I have recently
been enlightened as to the true potential of cloud
computing and have become very excited
about it, to say the least. This concept,
which has generated the most industry
hype in years—and which has executives clamoring for availability because
of promises of substantial IT cost savings and innovation possibilities—has
finally won me over.
So, what did I discover about cloud
computing that has made a convert
out of someone who was so adamantly
convinced that it was nothing more
than the latest industry topic du jour?
First let me explain that it was no
small feat. It took a lot of work to sort
through the amazing amount of confusion concerning the definition of cloud
computing, let alone find a nugget of
real potential. Definitions abound, and
with my curmudgeon hat still solidly
in place I was beginning to see a lot of
hair-splitting and “me too” definitions
that just seemed to exacerbate the
problem. I finally settled on the definition provided by the National Institute
of Standards and Technology (NIST)
because of the simplicity the framework provides (see the accompanying
sidebar). Still, it wasn’t until a good
friend who had already discovered the
true potential hidden in all this madness provided me with some real-world
use cases for elasticity that the light began shining very brightly.
Elasticity, in my very humble opinion, is the true golden nugget of cloud
computing and what makes the entire
concept extraordinarily evolutionary, if
not revolutionary. NIST’s definition of
elasticity ( http://csrc.nist.gov/groups/
SNS/cloud-computing/) is as follows:
“Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the
consumer, the capabilities available
for provisioning often appear to be unlimited and can be purchased in any
quantity at any time.” When elasticity
is combined with on-demand self-service capabilities it could truly become
a game-changing force for IT.
Advanced outsourced IT infrastructure and software services, once available only to organizations with large
