Tuesday, October 28, 2008
Enterprise Architecture and Cloud Computing
James Governor published research through the eyes of a vendor, while Jeff looks at things through the eyes of customers. In order for industry analysts to not have daggers thrown at them, they have to understand the distinction between who pays them to create research vs those who consume research.
Cloud computing has several characteristics that industry analysts continue to ignore. Consider that if an enterprise wants to move compute power to the cloud that they may also need access to data which goes above and beyond simply poking a hole in the firewall and/or applying encryption. How about talking about what industry standards that should exist prior to deployment to prove that data is not only encrypted while in the cloud but is certified as destroyed when no longer required?
Do clouds need to participate in federated identity? What about the authorization model used to secure services within the cloud? Is XACML the right specification? Instead of worrying about what operating system the cloud runs, how about talking about the methods in which enterprises can build applications that are operating system agnostic?
40 page requirements are still needed because the industry hasn't figured out a complete yet concise way of describing the notion of a service-level agreement. I wonder if James and Jeff believe that instead of throwing daggers at each other, whether they have some duty to actually help get this type of industry standard off the ground to enable proper cloud computing ecosystems...
Links to this post: