OpenID/OAuth – a step forward in the Interoperability field

As Reuven reported in the CloudForum Google Group, Google has released its OpenID/OAuth implementation. This is a major step forward in the Interoperability field. This example is fundamental to showing how it's possible to add real "conversation" capabilities (or information exchange) among Cloud Computing Service providers.

As I've already said, instead of developing new tools or platforms, reusing old ones and trying to combine them is, from my perspective, the only way to achieve real Interoperability in the Cloud. Cloud Computing is something that must be a reality now; we must not be forced to wait for future or complex interoperability platforms.

The work that Google has released is very important and it will allow, for instance, a Zoho Writer user to use data from a Google Docs Spreadsheet and then make the result available in his LinkedIn profile. This is a theoretical example, but it's intended to demonstrate the power of these new tools.

From another perspective, with OpenID/OAuth (and maybe also using I-Card/Higgins) we'll be able to deploy Identity Management platforms (authentication and authorization) in a federated way, but without the need to use closed solutions. These federated platforms are very common in academic institutions. Even though these federated IdPs are usually built with open technologies, like the OASIS SAML specifications and Internet2 Shibboleth software, they lack real Interoperability capabilities. They have very inflexible IdP discovery mechanisms, and inflexible mechanisms for sharing users' attributes or users' data. Despite all the excellent work that is continuously done by Shibboleth, and even with the recent introduction of SAML 2.0, these problems are still unsolved. Using the OpenID/OAuth approach, the federated IdPs will definitely obtain major benefits.

[update 23/07/09]

This short post has been discussed in the projectconcordia mailing list (http://lists.projectconcordia.org/pipermail/community/2009-July/002007.html), and I think I should clarify some of my initial thoughts. First, this is not an "OpenID Vs SAML" text. I've worked with both in the past and I'm continuing to develop this work in an integrated way. I'm responsible for managing and developing an SSO platform initially designed to support SAML 2.0, and I'm now updating this platform in order to support OpenID as well.

Another short note: when I was talking about SAML 2.0 being only recently introduced, I was talking in the context of the Shibboleth stable versions.

Squeeze the Cloud to fit into your hand

How could we do this strange thing – squeeze something as large as a cloud, especially if we want the result to fit into the palm of our hand? First we must remember that Cloud Computing is as large as we can make it, or better, as large as we can use it. Cloud Computing is all about applications and how they can fit into our daily life, work, etc.

This is exactly what Palm thought about it, although I suppose that they didn't specifically have the Cloud Computing paradigm in mind when they started the development process of Palm webOS.

The integrated way that Palm webOS uses Cloud Computing information (user contacts, calendar, etc.), together with the way the webOS SDK (Mojo) will allow developers to create applications as a part of the Cloud using HTML5, CSS and JavaScript, will allow Palm products to be seen as an efficient and user-centric approach to, or use of, Cloud Computing.

News and details about the Palm platform are still scarce, but the concept and the Palm presentation at CES 2009 are very promising. As usual, we have a lot of skeptics, but this time we have strong reasons for this skepticism: Palm was an expert in doing showcases and presentations that they wouldn't be able to accomplish.

But this time, if Palm isn't able to do it, I believe that someone will. This "Cloud on your hand" approach is definitely a thing that users will want and love.

Another example of developments in this area is the work done by www.jolicloud.com. You can find more about their work in the TechCrunch post (thanks Luis for this link). And finally we shouldn't forget the visionary work done by the eyeOS project.

Interoperability, Interoperability, and Interoperability

In my post, which is a follow-up to Reuven Cohen's initial thoughts about UCI, I'm analysing the same point of view as this new post by Reuven Cohen.

We already have a lot of technologies that could be used as a starting point to make this Cloud world a better place from the interoperability perspective. As Reuven also said, Cisco is moving in this direction, but you cannot forget other examples, such as the recent work done by Microsoft with its Azure and Geneva. In contrast to what they usually do, this time they could (in some aspects) be used as an example. I'm following closely the work on the Geneva platforms, and Identity 2.0 platforms, but Azure also has interesting architectural decisions.

Cloud’s power and the Internet (dis)connectivity

With Cloud Computing we're invited to store our personal and professional data with a Service Provider, usually without needing any knowledge of technical "dark" details. This is great! Remember that with Cloud Computing we should be able to let these "dark" IT details be part of the past. We should be able to focus our energy on our core business.

As I tried to discuss in earlier posts, having personal data in places that we don't completely control is hard to accept, especially for technical experts. The trust (reputation/security) subjects are not the only relevant matter. We must focus our attention on other "simple" things such as connectivity, Internet access availability and even Internet communications latency.

To solve, or at least to reduce, the impact of Internet disconnectivity, Google has been developing Google Gears. With it, I can, as an example, continue to review my posts on WordPress (www.cloudviews.org backend) or make a presentation using Google Docs. Gears is being developed daily and its set of features is also increasing very fast. Things like client data encryption (also discussed in this gears google groups post) and a lot of other features are under development, but Gears doesn't solve every problem, especially the ones related to enterprises.

If a company, even a small one, loses its Internet connectivity, Google Gears will solve the problems (in a small part, at least for the time being) of every individual user, but they will lose the possibility to continue working together. This may not be a problem for micro-companies, but it will become more relevant as the company size increases.

To "attack" this kind of problem we will need more advanced solutions (a kind of Google Gears Enterprise). The solutions must be able to locally cache the data, but they also need to understand how the applications are working. Without this "intelligence" they will lose the ability to allow users to continue working as a team.

In this field, we already have some work done, at least in the first part of the problem – locally caching data in the enterprise. As an example, you can take a look at the "Ventus Proxy". I'm looking forward to seeing how they will evolve this kind of product or solution.

Cloud it or not to Cloud it – Virtualization

In my "Cloud it or not to Cloud it" set of posts I'm trying to discuss simple concepts or technologies that must be part of any Cloud Computing migration or study. When I say "simple" I'm referring to those technologies that are nowadays well known and have already had the opportunity to be turned into examples that we can confidently follow.

One of those technologies is Virtualization. Thanks to VMware and other persistent companies, and also thanks to the first IBM CP-40, we have, for the time being, a large group of solutions and business models that have been transforming Virtualization into a reality that must be part of every Datacenter or IT department. The recent developments in the hardware field (AMD-V and Intel VT) have also contributed to this Virtualization boom.

So, if you haven't taken a look at this Virtualization reality, you haven't been able to find out how you can increase your hardware infrastructure utilization, how to increase availability, or even how you may increase the elasticity and security of your IT infrastructure.

With Virtualization, together with all this infrastructure optimization, you may also learn how your applications could behave on the Cloud, in the sense that Virtualization is the core of the majority of clouds. Although we have the Azure example and its one-to-one relationship between a VM [virtual machine] and a physical processor core, in the majority of the Clouds you will not have, at least for the time being, this guarantee.

As discussed in the cloud-computing Google group, the Virtualization issue is important not only in order to have all your infrastructure ready to move to the Cloud, just by copying all your virtual machine images to a service provider, but mostly because with it you will be able to see how you could be forced to redesign or re-engineer your applications, or even the complete IT infrastructure. This redesigning scenario could be the only way to get real benefit from this new Virtualization world, and then get all the benefits of the Cloud.

If you still haven't started, try these examples: