Re: [clouds] Scope of the Cloud is too big

[Mark Webb <mwebb@cisco.com>]

Look at

http://www.cloudaudit.org/

For cloud audit.  It is difficult to specify audit when the services  
are so different today.

The industry has not settled on a small set of services definitions of  
what "cloud" is. So, how does one audit SaaS, PaaS?  When the services  
offered in that space are so different?  IaaS is the most mature and  
perhaps the lcd of cloud.

So, who here thinks that "IT functions as a service" or ITaaS is  
something that IETF can specify?  OK that was rhetorical.  My point  
is, the real opportunity is to look for elements that are mature  
enough to have some problem to be solved defined.  Then ensure you are  
not duplicating what other SDO or Forum are already working on.

Mark Webb

On Apr 8, 2010, at 8:36 AM, Gene Golovinsky wrote:

> While I agree that SaaS, IaaS and PaaS are different categories they  
> all basically do the same thing – letting people consume IT  
> functions as service.
> As a result the same multiple problem spaces apply: users need to be  
> authenticated, their access need to be controlled, activities  
> audited, data protected, functionality provisioned and the list goes  
> on.
>
> Cloud Security Alliance mentioned earlier does not necessarily deal  
> with those issues. I read their guidelines and it mostly deals with  
> deployment recommendations, but the area of auditing for example is  
> not really covered.
>
> Ability to audit is really important if we want to insure that  
> people that care about compliance actually use cloud technologies.  
> Yet neither ability, nor technology for that is there. While  
> traditional logging (syslog) is not good enough for the cloud simply  
> because we are dealing with shared and dynamically allocated  
> resources and user info is not consistently available.
>
> --Gene
>
>
>
> From: clouds-bounces@ietf.org [mailto:clouds-bounces@ietf.org] On  
> Behalf Of Linda Dunbar
> Sent: Wednesday, April 07, 2010 12:16 PM
> To: carlw@mcsr-labs.org; 'Mark Webb'; clouds@ietf.org
> Subject: Re: [clouds] Scope of the Cloud is too big
>
> I find it difficult that people in the same room talking about  
> totally different subjects. Very hard to get the discussion moving  
> forward.
>
> Linda
>
> From: Carl Williams [mailto:carlw@mcsr-labs.org]
> Sent: Wednesday, April 07, 2010 11:59 AM
> To: 'Linda Dunbar'; 'Mark Webb'; clouds@ietf.org
> Subject: RE: [clouds] Scope of the Cloud is too big
>
> The name is irrelevant and perhaps in future it could change to  
> avoid distraction.  The technology discussions is what is key and  
> that is what was discussed in the informal meeting.  From what I can  
> tell the purpose was to get some informal discussion going first and  
> see what people are thinking.  There seems to be some conclusion  
> that the next step was to conduct a gap analysis.
>
> Carl
>
>
> From: clouds-bounces@ietf.org [mailto:clouds-bounces@ietf.org] On  
> Behalf Of Linda Dunbar
> Sent: Wednesday, April 07, 2010 11:48 AM
> To: 'Mark Webb'; clouds@ietf.org
> Subject: [clouds] Scope of the Cloud is too big
>
> I attended the CLOUD’s bar BOF. I don’t think it is appropriate for  
> IETF to have a working group on “CLOUD” because it means different  
> things to different people. Cloud computing is a general term for  
> anything that involves delivering services over the Internet. I can  
> see three basic categories:
> p  Infrastructure-as-a-Service (IaaS),
> p  Platform-as-a-Service (PaaS) and
> p  Software-as-a-Service (SaaS)
>
> There are a lot of stuff under each of the categories above. I  
> suggest separating them and further studying if there are enough  
> contents for one of them to become a working group.
>
> Linda Dunbar
>
> From: clouds-bounces@ietf.org [mailto:clouds-bounces@ietf.org] On  
> Behalf Of Mark Webb
> Sent: Wednesday, April 07, 2010 10:09 AM
> To: clouds@ietf.org
> Subject: Re: [clouds] Use cases
>
> I was not there at the BoF, but did get reports from a couple of  
> people in attendance.
>
> An important perspective is to ensure IETF does NOT start a new  
> effort that overlaps with other SDO and Forum already underway.  The  
> industry does not need more SDO declaring they are relevant to cloud  
> computing IMO.
>
> Seeking contributions on relevant & IETF appropriate gap analysis is  
> the _most_ that should be pursued at this point in time.
>
> Mark Webb
>
>
> On Apr 7, 2010, at 10:57 AM, Gene Golovinsky wrote:
>
>
> Well, I think this is a topic worthy of IETF time and attention.
> How can I help to move the discussion forward?
>
> Was there any specific area out of the white paper discussed?
> I think Cloud interoperability and security are topics were IETF is  
> traditionally focusing its efforts.
>
> --Gene
>
>
> -----Original Message-----
> From: clouds-bounces@ietf.org [mailto:clouds-bounces@ietf.org] On  
> Behalf Of Peter Saint-Andre
> Sent: Wednesday, April 07, 2010 9:48 AM
> To: clouds@ietf.org
> Subject: Re: [clouds] Use cases
>
> On 4/7/10 8:40 AM, Gene Golovinsky wrote:
>
> >    2. I saw references to bar BoF at last IETF meeting, but could  
> not
> >       really figure out if the WG was chartered.
>
> It was a bar BoF, not a real BoF. And IMHO the discussion was so  
> nebulous that folks are a long way from forming a WG.
>
> Peter
>
> --
> Peter Saint-Andre
> https://stpeter.im/
>
>
>
> _______________________________________________
> clouds mailing list
> clouds@ietf.org
> https://www.ietf.org/mailman/listinfo/clouds
>
>