Service Migration in a Cloud Architecture - IEEE Computer Society

Proceedings of the 44th Hawaii International Conference on System Sciences - 2011

Service Migration in a Cloud Architecture

Stephen Kaisler, SHK & Associates
William H. Money, George Washington University

Abstract

This paper examines service migration in a new computing paradigm, the cloud computing environment (CCE), by examining security and integration issues associated with service implementation. We postulate that a cloud architecture will evolve to be both more flexible and heterogeneous in resources because of the service complexity demanded by organizations. This introduces additional, but tractable, complications when considering the service migration concept within three support areas (acquisition, implementation, and security) that present significant challenges to service migration in the cloud. From the consumer perspective, these support areas present the slowest and most costly components of the migration problem for small to medium size organizations. We hypothesize that several mechanisms including CCE platform standards and a computational virtual machine will need to be developed (or will emerge and achieve dominance in the cloud market domain) to facilitate service migration and the resolution of the issues identified.

1530-1605/11 $26.00 © 2011 IEEE

1. Introduction

In [1] Cohen, Money, and Kaisler presented a new approach, service migration, to dynamic provisioning of services in an enterprise IT architecture (EITA). In [1], we surveyed a set of challenges and issues to implementing service migration. Of particular concern were the security and integration issues associated with service implementation at the target host system(s). This paper expands the concept of service migration to the cloud computing environment (CCE), assesses security issues with respect to a CCE, and discusses several mechanisms for resolving those issues. Here, we address the first three issues in Table 1.

Table 1. Summary of Issues [1]
Issue: Acquisition; Implementation; Security; Usage Reporting; Valuation; Legal
Description: Choice of Acquisition Methods; Intellectual Property Protection; Infrastructure Detection/Support; Computing Environment Integration and Eviction; Dynamically Changing Needs; Authentication of Service to Security Mechanisms; Linking the Service to Security APIs; Access to Resource Measurement Utilities; Service Pricing; Cost of Updates and Enhancements; Contractual Mechanism; Information Transport Costs & Controls

2. Cloud computing

Cloud computing [6] is a new computing paradigm in which an IT user does not have to physically own any computing infrastructure other than, perhaps, workstations. Contrastingly, the user “rents or leases” computational resources (time, bandwidth, storage, etc.) from some external entity, e.g., “pay-as-you-go” rather than


“provisioning to peak”. A cloud architecture is the arrangement of massive numbers of computers in centralized, distributed data centers to deliver applications and services via a utility model. [7] Confusion exists about the nature of cloud computing because many authors discuss it generically instead of focusing on specific components, characteristics, and Internet enabled effects. Gartner asserts that a key characteristic is that it is “massively scalable”. [2] That is, it can either “scale up”, by moving to higher performance platforms, or “scale out”, by adding more servers to support a user’s computational needs. The key idea is that computational resources can grow as a user’s computational requirements grow. Originally, cloud computing was proposed as a solution to deliver large-scale computing resources to the scientific community for individual users who could not afford to make the huge investments in permanent infrastructure or specialized tools, or could not lease needed infrastructure and computing services. It evolved, rapidly, into a medium of storage and computation for Internet users that offers economies of scale in several areas. The Pew Internet and American Life Project [3] notes that 69% of Internet users have data stored on-line or use web-based software applications. Examples include various email services (HotMail, Gmail, etc.), personal photo storage (Flickr), social networking sites (FaceBook, MySpace) or instant communication (Skype Chat, Twitter). This approach represents a major shift in the geography of computation analogous to the service bureau concept of the mid-20th century. Large organizations are developing “private” clouds to host their own applications in order to protect their corporate data and proprietary applications

while still capturing significant economies of scale in hardware, software, or support services.

Rather than providing the user with a permanent server to connect to when application execution is required, cloud computing provides “virtualized servers” chosen from a pool of servers at one of the available data centers. A user’s request for execution of a web application is directed to one of the available servers that has that application locally installed. Within a data center, almost any application can be run on any server. The user neither knows the physical server nor, in many cases, where it is located, i.e., it is locationally irrelevant.

Cloud computing is a viable business computational model for small to medium businesses who cannot afford large investments in permanent infrastructure. The scalability, flexibility, pay-as-you-go and minimal upfront investment make CCEs an attractive option for computing services. But, for cloud computing to succeed, they must be able to run their own tailored or uniquely configured applications in the cloud, a capability available in the scientific community, but now becoming available in the personal and corporate usage community.

2.1 Models of cloud computing

The cloud computing concept arises from the notion of “software as a service” (SaaS). A set of services are provided on a set of platforms at various locations. The user determines the service he requires and shops for the best value for that service based on specified defined criteria. As Figure 1 depicts, the computing services provided by a CCE can be accessed in four ways. The first model is Software as a Service (SaaS) in which the application runs entirely


in the cloud, i.e., “software that’s owned, delivered, and managed remotely by one or more providers” [2]. The local client is typically a web browser or lightweight client. Email and search engines, such as Google, are exemplars. Some CCEs provide specific software stacks for specific applications, such as business intelligence. The second model is attached services in which a local application acquires common services that allow it to interoperate with other applications or users at other sites. One example is Apple’s iTunes where the local app plays music and allows the user to manage a playlist while the attached service allows the user to buy new audio content. Microsoft’s Exchange Hosted Content is another example. The third model treats cloud platforms as application execution engines, e.g., Hardware as a Service (HaaS), which communicate with applications. This approach drives SETI@Home, where the application parcels out signals to be analyzed by an application on an idle personal computer. Recently, a fourth use has emerged where the user “rents” a platform in the cloud for application development along with the associated system development kits.

Figure 1. Cloud Computing Models

2.2 Benefits of cloud computing

Cloud computing provides several benefits to an organization. First, the organization does not have to invest heavily in physical or software infrastructure except for communication pipes to the Internet or the private grid. Second, there’s no “upfront” cost, except, perhaps, an administrative charge to set up an account. Typically, cloud computing is operated as a “pay-as-you-go” operation much like renting movies on demand from Comcast. There is no minimum charge and the maximum charge is whatever the organization can afford. Moreover, different charges can be assessed for different types of resources depending on the resource characteristics. Third, users can access their data wherever they have access to the Internet. Fourth, because the data are stored in the cloud, users assume they won’t lose their data if their personal computer fails. Fifth, users believe it enables easier data sharing with others.

2.3 Limits of cloud computing

To date, the literature implies that cloud computing supports the execution of services and applications that are already installed and available in one or more data centers. Assuming multiple organizations operating the cloud computing data centers, a user can “shop” for the best deal regarding application execution and long-term data storage (if he chooses to store his data in the cloud). The types of applications that are most amenable to cloud computing are those that


serve a very large population of users, such as email, various types of general web applications, document processing, graphics presentation, etc. Such applications can store their data in the cloud and access it from any of the servers within the data center from any Web portal.

3. Migration in cloud computing

Cloud computing offers a significant advance in users’ and organizations’ abilities to acquire diverse computing services and data storage at marginal but varying costs. However, unlike an EITA [1], which exists (typically as a more standardized single set of coordinated resources) for a single corporate entity, a cloud architecture can be both flexible and heterogeneous in resources: hardware, software, personnel, and legal entities. Cloud computing resource needs for an organization are not actually “simple” and services are not truly standardized. We believe this introduces additional, but tractable, complications when considering the service migration concept.

Clouds seem to be implemented top-down and, currently, are designed to serve a limited, specific set of use cases and usage modes [5]. Typically, as mentioned in section 2, these are web-based applications used by a large interactive community. Presently, cloud computing cannot support users who cannot switch from legacy applications because equivalent cloud applications do not exist. [7]

Table 2. Migration in the Cloud

Type of Migration | Cost/Speed
Data Migration: Manual Movement | High, Slow
Information Migration (Data+Schema+Context): Semiautomatic Movement | Medium, Slow
Service Migration: Automatic Movement of Data and Information; Manual Movement of Applications | High/Low, Medium to Slow
Autonomic Migration: Automatic Movement of Data, Information and Applications | Low, Fast

In Table 2, we introduce a simple model and hypothesis comparing the relative cost/speed for migration in a cloud computing environment (CCE). For data migration, the user sends data into the cloud to be processed by an available server using standard applications. A user can choose the server through one of several mechanisms, including auction, advertised price, guaranteed service, etc. For information migration, the user sends information, which can carry with it its own schema and processing requirements, to a broker who selects the best location based on the processing requirements. In service migration, the user sends applications (perhaps, along with data) to the cloud for processing. The applications transferred may be unique or proprietary to the organization. Finally, in autonomic migration, user services and data reside somewhere in the cloud along with additional information about processing requirements.

The first two migration types implement the Hardware-as-a-Service (HaaS) and Software-as-a-Service (SaaS) concepts, which represent the state-of-the-art. In the remainder of this paper we focus on service migration. Autonomic migration will be the subject of a future paper.

4. Service migration issues

Of the categories presented in Table 2, we believe that three – acquisition, implementation, and security – offer the greatest challenges to service migration in the cloud from the consumer perspective


because they represent the slowest and most costly components of the migration problem. We highlight some of the critical problems facing small to medium organizations as they consider cloud computing as a means of obtaining computational services. Some of these problems can be ameliorated by the use of standards, which are discussed in section 5.

4.1 Acquisition

Within a cloud computing environment, there can be many potential computing, storage, and communication service providers available with different cost schedules and service offerings. In data and information migration, a client would seek proposals for providing a particular computational service and, perhaps, a data transmission service, possibly separately. The user would evaluate these to seek the best combination that meets budget and schedule requirements. In service migration, the client’s decision expands to include:

• Which service provider can execute his applications with the best cost-benefit (for example, minimum cost, and best time to delivery)?
• Which service provider can host the data required for the application?
• What is the best communications path to transfer applications and, perhaps, data to the service provider with the best cost-benefit?
• Which service provider guarantees a service level agreement (SLA)?
• What is the guarantee of data access (retention) if a CCE provider goes out of business?

So, it is possible, in the CCE, to have three different providers: the HaaS provider, the SaaS provider, and the data transport provider. The user may have to have contracts and service agreements with all three providers. A key unanswered question is where the tradeoff lies between cloud computing and a private infrastructure. One or more cost models need to be developed to assess the cost of moving from the existing architecture of a private data center to the distributed, anonymous architecture of the cloud.

A major issue for acquisition in the CCE is assessing the risk of vendor lock-in: what mechanisms might vendors use to prevent migration to alternative environments? In service migration, where dynamic migration, albeit manual, is considered, more interaction is required between user and provider. Thus, greater awareness and care must be taken by the user as to the mechanisms for transferring and installing the user’s applications at the service provider’s site. The user must be alert to customizations by the service provider that lead to unique service environments. Finally, the user should consider the financial viability of the service provider. A key question is what happens to the user’s data and applications should the service provider go bankrupt and shut down overnight. Another is how the user goes about recovering data and applications in a timely manner.

4.2 Implementation

A cloud computing environment will most likely be a heterogeneous environment in hardware, software, and personnel. In data and information migration, we assume the services are defined by the CCE providers. The user must adapt his data/information to the formats demanded by these services. As with service bureaus, the providers deploy a standard set of services likely to satisfy the


needs of most consumers. We assume that providers would be willing to develop and deploy customized services via a negotiated contract. However, the user then loses a key benefit of the cloud, which is the ability to “run anywhere”, and is tied to a particular service provider. Implementation questions include:

• What happens in the cloud (or at a selected service provider) when the set of service demands exceeds the available computational resources? [Is there an analogy to hotel or airline overbooking?]
• Once a service provider is selected, does the user access data – manually or automatically? At what cost?
• How does one measure reliability versus liability when a CCE provider assumes the responsibility for running “mission-critical” apps?

4.3 Security and privacy

A CCE consists of service providers from multiple legal entities. It is one method for implementing an EITA. While in a closed EITA a client might reasonably assume a non-malicious environment, such an assumption is not possible in the CCE. This goes against the grain of the Confidentiality, Integrity, and Availability (CIA) security model. For many businesses steeped in CIA, an IT model that appears to violate its principles will be difficult to accept since HIPAA, FISMA, and SOX place the burden on the organization rather than the provider [4]. Data must often be retained locally to satisfy regulatory requirements. Allowing a third party to have custody of personal documents raises significant questions about control and ownership of information. Some of the questions that a user must consider include:

• If the user moves to a competing service provider, can you take your data with you?
• Do you lose access (and control and ownership) of your data if you fail to pay your bill?
• What level of control over your data do you retain: for example, the ability to delete data that you no longer want?
• If your data is subpoenaed by a government agency, who surrenders the data (e.g., who is the target of the subpoena)?
• If a customer’s information is in the cloud, does this violate privacy law?
• How does an organization determine that a CCE provider is meeting the security standards it espouses?
• What legal and financial provisions are made for violations of security and privacy laws on the part of the CCE provider?
• Will users be able to access their data and applications without hindrance from the CCE provider, third parties, or the government?

Regardless of the service agreement between the cloud host and the user regarding governing law, several jurisdictions might claim authority over the data. For example, law enforcement officials in the location in which a particular server is housed likely would assert jurisdiction over the server, even if neither the user nor the cloud host has a major presence in that locale. Users may be surprised to discover that their documents and images stored in the cloud could be subject to laws not of their home state, but instead—or in addition to—some distant state or country with, perhaps, more or less protective laws. This is similar to the situation today in which the U.S. asserts criminal jurisdiction over offshore website operators that accept online gambling from users located in the U.S.


Resolving these issues may have significant economic and financial implications for both providers and users. Placing corporate assets, such as data or applications, into the custody of service providers raises several legal issues. Service agreements and contracts must be tightly written to assign liability in the event data is lost, stolen, or corrupted and to protect the intellectual property embedded in applications. For example, the DOD may require contractors to have plans for continuity of operations in case of catastrophic events. Cloud computing provides a possible solution.

Information stored in the cloud is much more accessible by a private litigant or the government. Traditionally, if an enterprise has information in its possession that a government wants, the government must come directly to the owner of the information to get it. But if the information is in the custody of a third party, the information potentially could be released without the owner's knowledge. The government, for example, can demand the release of the information without the owner of the information being able to object to the disclosure, let alone know that their information has been released.

A further problem is the location of cloud resources. Different rules and laws apply in the European Union versus the United States. This will apply to both data and applications residing at a cloud site. Within the US, different states’ privacy laws may apply, which further muddles the picture. Thus, an organization will have to be very cautious in its usage of cloud computing.

4.4 Economics

Cloud computing will ultimately succeed or fail based on its economics. Like permanent organizational infrastructure investments, the SaaS and HaaS models require up-front investment in software and hardware. But, the business model is challenging as upfront revenue streams are much smaller and can vary widely from week-to-week. Server utilization can be greatly increased if the CCE can support on-demand application deployment, e.g., service migration from the organization to the cloud. However, this requires the service provider to be adept at bidding on and negotiating contracts to provide service(s) that can make a profit. In the next section we suggest several standards that can facilitate level 3 of our model. These standards will be critical to optimizing the bid-response negotiations between potential users and providers of services.

5. Standards

As noted in section 4, several types of standards need to be developed to facilitate service migration within the CCE. The Open Cloud Consortium (OCC) [6] is beginning to tackle the challenge of developing standards for data and information migration as discussed in their working groups. Figure 2 presents a suggested set of standards. We will address the standards required for service migration.

We envision the negotiation proceeding as follows. A user publishes a request for service for one or more applications by posting an Application Requirements Specification (ARS) for each application on a bid-request site. Potential service providers, either manually or automatically, match the


ARS against the Computing Services Specification (CSS) for each host site. Service providers bid to deliver services for the ARS with reference to their Service Billing Specification (SBS) to the user via the bid-request site. The user decides to accept one (or more) of the bids from various service providers for some or all of his applications. For the bids he accepts, the Service Level Agreement is negotiated using the CSS and SBS. The user then manually transports applications and data to each site based on the bid for application execution and/or data hosting. An element of the decision process is matching the computational environment capabilities – as given by the CCE Platform Specification and the CVM Specification – to the ARS.

Figure 2. Suggested CCE Standards

5.1 Computing environment standards

Two standards are required for defining the computational environment for applications: a CCE platform standard and a computational virtual machine. The computational virtual machine (CVM) will specify an environment for executing an arbitrary, perhaps anonymous, program. The CCE Platform Specification (CPS) will specify a collection of physical resources that are guaranteed to be available to the CVM running on the computer system at a particular site. Such resources include performance, storage – both main memory and mass storage, communication, etc.

Both standards, of course, would specify the minimum capability available at a particular site. It is expected that any site could exceed the minimum capabilities. Each standard would need to provide a means for specifying or determining what additional capabilities might be available at any particular site. There may be several different CCE Platform and CVM standards. A particular computer system may support multiple CVMs. At a particular host site, there may be several systems running the same CVM, but supporting different cost-performance models.

5.2 Computing services standard

Moving an application to a service provider will require a new set of standards to be defined, which can provide:

• A description of the computational resources available at a site
• A description of services provided at the computational environment
• A description of the application’s computational requirements (see 5.3)


A Computing Services Specification (CSS) will provide a standard description of the services and costs for using them at a site. The CSS should define classes of service and constraints on types of applications. We assume that (at least) one CSS will be associated with each CVM. A CSS requires a taxonomic structure for a cloud computing environment. Not every CCE host site will fully satisfy the taxonomy. The CVM must provide a mechanism for supporting communications among each application’s distributed components.

5.3 Application requirements standard

An Applications Requirements Specification (ARS) will specify the resources that an application needs to execute within a CVM on a CCE platform. Few CVMs exist that operate on multiple platforms – the Java Virtual Machine being one of them. An ARS must specify requirements for application execution that can be interpreted within the CVM framework. We suggest that both the CVM and the ARS be written in an RDF notation which allows computer-based matching and resolution. This will enable automatic selection of a CCE host site during Level 4 of our model – Autonomic Migration.

5.4 Service billing specification

A standard means of billing for services rendered by a service provider will be required, the Service Billing Specification (SBS). This specification should provide users with a clear definition of services and rates for a CCE host site. It should also explicitly state the Service Level Agreement between the user and the provider.
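The matching step described in sections 5 and 5.3 (an ARS compared against each site's CSS, with the SBS rate used to rank the bids) can be sketched as follows. This is an added example, not code from the paper: the triple vocabulary (req:*, css:*, sbs:*), the sample application and the four sites are constructed assumptions, and plain Python tuples stand in for RDF triples.

```python
# Added illustration. The paper defines no concrete ARS/CSS/SBS schema, so
# every predicate name and value below is a constructed assumption.
from collections import defaultdict

# Constructed ARS: requirements of one application, as (subject, predicate, object).
ARS = [
    ("app:payroll", "req:cvm", "JVM"),
    ("app:payroll", "req:minMemoryGB", 16),
    ("app:payroll", "req:minStorageGB", 500),
    ("app:payroll", "req:allowedJurisdiction", {"US", "EU"}),  # section 4.3 concern
    ("app:payroll", "req:dataExportOnExit", True),             # section 4.1 concern
]

# Constructed CSS capabilities and SBS rates for four hypothetical host sites.
SITES = [
    ("site:A", "css:cvm", {"JVM"}), ("site:A", "css:memoryGB", 32),
    ("site:A", "css:storageGB", 1000), ("site:A", "css:jurisdiction", "US"),
    ("site:A", "css:dataExportOnExit", True), ("site:A", "sbs:ratePerHour", 1.20),
    ("site:B", "css:cvm", {"JVM", "CLR"}), ("site:B", "css:memoryGB", 64),
    ("site:B", "css:storageGB", 2000), ("site:B", "css:jurisdiction", "SG"),
    ("site:B", "css:dataExportOnExit", True), ("site:B", "sbs:ratePerHour", 0.80),
    # site:C does not declare css:dataExportOnExit at all.
    ("site:C", "css:cvm", {"JVM"}), ("site:C", "css:memoryGB", 16),
    ("site:C", "css:storageGB", 500), ("site:C", "css:jurisdiction", "EU"),
    ("site:C", "sbs:ratePerHour", 0.95),
    ("site:D", "css:cvm", {"JVM"}), ("site:D", "css:memoryGB", 16),
    ("site:D", "css:storageGB", 750), ("site:D", "css:jurisdiction", "EU"),
    ("site:D", "css:dataExportOnExit", True), ("site:D", "sbs:ratePerHour", 0.95),
]

# Each requirement predicate maps to the CSS predicate it is checked against
# and a test taking (required value, offered value).
RULES = {
    "req:cvm": ("css:cvm", lambda need, have: need in have),
    "req:minMemoryGB": ("css:memoryGB", lambda need, have: have >= need),
    "req:minStorageGB": ("css:storageGB", lambda need, have: have >= need),
    "req:allowedJurisdiction": ("css:jurisdiction", lambda need, have: have in need),
    "req:dataExportOnExit": ("css:dataExportOnExit",
                             lambda need, have: (not need) or have is True),
}

def index(triples):
    """Group triples into {subject: {predicate: object}}."""
    grouped = defaultdict(dict)
    for subject, predicate, obj in triples:
        grouped[subject][predicate] = obj
    return dict(grouped)

def unmet(requirements, capabilities):
    """Return the requirement predicates a site fails to satisfy.

    Fails closed: an unknown requirement, or a capability the site's CSS
    does not declare, counts as unmet rather than being assumed present.
    """
    failures = []
    for req_pred, need in requirements.items():
        rule = RULES.get(req_pred)
        if rule is None:
            failures.append(req_pred)
            continue
        css_pred, check = rule
        if css_pred not in capabilities or not check(need, capabilities[css_pred]):
            failures.append(req_pred)
    return failures

def select_sites(ars_triples, site_triples, app):
    """Return (eligible sites sorted by SBS rate, {rejected site: reasons})."""
    requirements = index(ars_triples)[app]
    eligible, rejected = [], {}
    for site, caps in index(site_triples).items():
        failures = unmet(requirements, caps)
        if "sbs:ratePerHour" not in caps:
            failures.append("sbs:ratePerHour")  # no published rate, no bid
        if failures:
            rejected[site] = failures
        else:
            eligible.append((site, caps["sbs:ratePerHour"]))
    eligible.sort(key=lambda pair: pair[1])
    return eligible, rejected

if __name__ == "__main__":
    ok, no = select_sites(ARS, SITES, "app:payroll")
    print("eligible:", ok)
    print("rejected:", no)
```

The cheapest site (site:B) is excluded on jurisdiction and site:C on an undeclared export guarantee, which shows why security and exit requirements belong in the ARS alongside the resource minimums.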

6. Conclusion

We set out to determine if the service migration concept is compatible with the cloud computing paradigm. We conclude that the service migration concept enhances the use of cloud computing to provide an organization with computing services subject to security and privacy criteria. While cloud computing is a viable concept for the on-line consumer community, it may not yet be a viable business model for small to medium organizations until the numerous issues and challenges posed by the security and legal problems are resolved.

We suggest a model for data and service migration in a CCE. This paper focused on service migration. Future work will address autonomic migration of data/information and services within a CCE. The questions raised in section 4, when considered in an autonomic environment, increase the decision-making complexity.

Additionally, we have not addressed how service migration will affect the consumer’s ecosystem, e.g., by the transition to service provision and data/information storage in the cloud. We hypothesize that this capability will yield new business models and, perhaps, accelerate a transition from brick and mortar offices to more mobile and distributed organizations.

Another aspect of service migration is how multi-enterprise (B2B) interactions and technologies will be affected by service migration. We hypothesize that autonomic migration will enable B2B interactions in interesting ways that need to be explored.

Our research effort into service migration will continue to address some of the issues raised in this paper as we seek to develop and understand new models of providing


computational services within the dynamic service provisioning environment that cloud computing can provide. We will also continue to address the security and legal issues raised in section.

Acknowledgement: The authors thank Hugh Watson, Edwin Huizenga, Chad Plambeck, and Lionel Mew.

7. References

[1] Cohen, S., W.H. Money and S. H. Kaisler. 2009. “Service Migration in an Enterprise Architecture”, HICSS-42, Big Island, Hawaii
[2] Desisto, R.P., D.C. Plummer, and D.M. Smith. 2008. Tutorial for Understanding the Relationship Between Cloud Computing and SaaS, Gartner, G00156152
[3] Horrigan, J. 2008. “Use of Cloud Computing Applications and Services”, PEW/INTERNET Memorandum
[4] Jaeger, P., J. Lin, and J.M. Grimes. 2008. “Cloud Computing and Information Policy: Computing in a Policy Cloud?” Journal of Information Technology and Politics, 5(3), http://www.jitp.net/
[5] Jha, S., A. Merzky, and G. Fox. 2008. Programming Abstractions for Clouds,
[6] Open Cloud Consortium, http://www.opencloudconsortium.org/index.html
[7] Sun Microsystems. 2009. Introduction to Cloud Computing Architecture, White Paper
