Cloud Forum 2011

The Cloud Forum 2011 Spring Edition in Media Plaza, Utrecht was not really what I hoped for. My expectations were to learn about the cloud and SOA, but what I learned at the forum was mostly about the technical infrastructure. Then again, when you're consuming services from the cloud you have already a SOA (Service Oriented Architecture) in place, so the focus should change from SOA integration to SOA governance and SOA security. Unfortunately my curiosity about SOA governance and SOA security was not satisfied, maybe next year?

One session from Mike Chung was interesting, he placed the cloud hype back in perspective. To identify a cloud Mike gave us the following mnemonic 0 - 1 - ∞:
0 - zero investments
1 - one version
∞ - unlimited scalability

Mike also wrote, together with John Hermans, the KPMG Cloud advisory [ref: From Hype to Future (pdf)]. It's a nice read, this cloud computing survey of 2010.

Cloud computing offers services on various IT layers. When it is at the software layer it is also known as Software-as-a-Service (SaaS). Gmail is an example of SaaS. Platform-as-a-Service (PaaS) delivers IT services on the platform layer such as an operating system or an application framework. Additional software must be developed or installed by the customer. Infrastructure-as-a-Service (IaaS) delivers technical infrastructure components such as storage, memory, CPU and network. Additional platforms and software must be installed by the customer.

The cloud computing market is dominated by very few vendors as the 'Big Four': Amazon, Google, Microsoft and Salesforce.com
SaaS (Software + Platform + Infrastructur): Salesforce.com, Microsoft BPOS, Gmail
PaaS (Platform + Infrastructur): GoogleApps, Force.com, 3tera AppLogic, Azure
IaaS (Infrastructur): Amazon EC2, AppNexus, Citrix Cloud

Basically cloud is the new hype-in-progress and fast-evolving. Yet there is a lack of vendors/standards/certifications, a good initiative can be found in the U.S. with FedRAMP [ref: FedRAMP]:

The Federal Risk and Authorization Management Program has been established to provide a standard approach to Assessing and Authorizing (A&A) cloud computing services and products. FedRAMP allows joint authorizations and continuous security monitoring services for Government and Commercial cloud computing systems intended for multi-agency use.

When will Europe follow?

Still today I learned a nice quote from a head of architecture of a firm in the industrial markets sector:

"We are still using our locally installed ESB and BPM software. Cloud computing is great for relatively simple services such as e-mail and CRM. When it comes to complex architectures such as SOA, a cloud is pretty much useless."