You are on page 1of 32

Cloud Computing

Architect our Smarter Planet

CLOUD Computing – IBM Cloud Computing Reference Architecture

Optionally insert picture of presenter in this area, or delete blue square.

Anshu Kak
Distinguished Engineer CTO SWG Tech Sales Cloud Computing

IBM Cloud Computing Reference Architecture


© 2013 IBM Corporation

Adoption patterns to help customers achieve real business value
Cloud Enabled Datacenter Cloud Platform Services Business Solutions on Cloud Cloud Service Provider

Database  licensing cost  by 68% Tax revenue  increase by  USD$1.4m in  3 months

New software rollout  from weeks to 14  mins, driving more  consistent quality 

Boost online rev  2,500 % and  conversion to sale  by 1,700 %.

6x increase in Rev  while holding  operational costs  flat. Time to provision  200 VMs reduced  90%


© 2013 IBM Corporation

com: http://public. Performance & Consumability Governance © 2013 IBM Corporation . PaaS. Resiliency.PDF CCRA OpenGroup submission: http://www.0 Cloud Cloud Service Service Provider Provider Building SaaS SaaS Building –Clouds IBM implements for clients –IBM-hosted cloud services –IBM cloud appliances –IBM cloud products Focuses on cloud specifics Cloud Service Integration Tools Common Common Reference Reference Architecture Architecture Foundation Foundation Cloud Service Consumer Cloud Services Cloud Service Provider Common Cloud Management Platform (CCMP) Cloud Service Creator Existing & 3rd party services. Partner Ecosystems Business-Processas-a-Service Sof tware-as-a-Service Operational Support Services (OSS) Platf orm-as-a-Service Business Support Services (BSS) Service Creation Tools –Radical cost reduction –Achievement of high degrees of security.dhe. scalability and control Consists of multiple detailed documents representing best-of-industry knowledge and insight Consumer In-house IT Inf rastructure-as-a-Service Inf rastructure –How to architect.The IBM Cloud Computing Reference Architecture (CCRA) Represents the aggregate experience from hundreds of cloud client engagements and IBM-hosted cloud implementations Public Cloud RA whitepaper available on ibm. including IBM Research Provides prescriptive guidance on how to build IaaS. SaaS and service provider clouds using IBM technologies Reflected in the design of Cloud-enabled Cloud-enabled data data center center / / building building IaaS IaaS Platform Platform Services Services CCRA 3.IBMSubmission. software & system experiences. design and implement clouds 4 –Based on knowledge of IBM’s services.

0 Defined overall architectural foundation 5 Added product.0) July 2011 April 2011 February 2011 Submitted CCRA to The Open Group Public Cloud RA whitepaper available on ibm.5 • Reach milestone of ~1500 IBMers formally educated on the CCRA October 2012 • Release CCRA 3.0 • Release CCRA 2.and –integration focused solution architectures © 2013 IBM Corporation .0 • Adoption Patterns  Prescriptive guidance on IaaS/PaaS/CSP/SaaS March 2009 Initiated CCMP Reference Architecture Published CC & CCMP Reference Architecture 1.0 for Business Partners” 2012/13 CCRA Standardization ongoing October 2010 Used in Cloud Launch and various customer/analyst sessions Early 2012 March 2011 March 2010 Release CCRA 2.Evolution of the Cloud Computing Reference Architecture (CCRA Released “CCRA 2.

performance. private and hybrid clouds with one common architecture with reusable assets or product recommendations. Clients receive a quicker start to creating an industrial strength cloud with pre-defined use cases and documentation on the architectural requirements or decisions that must be made for security. Utilize sound architectural principles to speed development and reduce errors across the entire development process ensuring designs can scale for efficiencies and can fulfill important cloud requirements such as elasticity. service management. self-service and flexible sourcing Increased business flexibility with a common cloud reference architecture across deployment models (private.The Business Benefits of the IBM Cloud Computing Reference Architecture The IBM Cloud Computing Reference Architecture (CCRA) saves the client time and money by providing detailed documentation on the steps and components required for constructing a cloud implementation across all deployment models. public or hybrid cloud implementations) 6 © 2013 IBM Corporation . Customers can benefit from IBM’s experience in creating public. scalability and virtualization.

the cloud provider and the cloud services creator • Is a modular framework that allows you to focus on the area that’s most important for your cloud deployment (IaaS. PaaS or SaaS with IBM product recommendations and roadmap to get on cloud journey • Consists of various architectural work products representing best of breed IT industry knowledge and insight on how to architect.WHAT IS NEW IN CCRA 3. SaaS.0 • Delivers prescriptive guidance to architect solutions for IaaS. PaaS. CSP) • Provides the comparison blueprint to perform client cloud gap analysis and to identify integration points 7 © 2013 IBM Corporation . implement and manage clouds • Defines the business and technical requirements needed for various cloud roles and responsibilities such as the cloud consumer. design.

PDF CCRA OpenGroup submission: http://www. Michael M Behrendt. as as a a mgd mgd service) service) Ashok organizational structure .02282011.0 content has been reworked in the context of 4 top-level workstreams CCRA Leadership Team: CCRA Stefan Leadership Pappe.d oc © 2013 IBM Corporation . commercial commercial XaaS) XaaS) Leader: Joe McIntyre Tom Creamer Building SaaS SaaS Building (using IBMIBM(using hosted hosted services) services) Leader: Jeff Klink Common Common Reference Reference Architecture Architecture Foundation Foundation Use Use cases cases Non-functional Non-functional requirements requirements Architecture Architecture Overview Overview Architectural Architectural Decisions Decisions Security Security Performance Performance Resiliency Resiliency Standards Standards 8 Public Cloud RA whitepaper available on ibm.Pietro Pietro Iannucci Iannucci Cloud-enabled Cloud-enabled data data center center (building (building private private IaaS.0 Leaders: Leaders: Jochen Breh.0 3. Prasad Vishnubhotla Platform Platform Services Services (building (building private private PaaS.opengroup. as as a a mgd mgd service) service) Leader: Cloud Cloud Service Service Provider Provider (CSP2. Anshu Kak. Robbie Minshall. (CSP2.Prescriptive solution architectures per cloud adoption pattern New four main workstreams have been added as part of the CCRA 3.CCRA 3.dhe.0 Pre-3. IaaS. Team: Gerd Breiter.IBMSubmission. http://public. Robert Flaherty (PM) “ Cloud Adoption Pattern” deliverables One presentation per adoption pattern (4 in total) containing: •Business Drivers •Actors & Use Cases •Non-functional requirements •System Context •Architectural Decisions •Architecture Overview •Component Model •Operational Model •Roadmap Cross-cutting documents for: •Introduction & Architecture Overview •Use Cases & Roles •Non-functional requirements •Architectural Decisions •Security •Performance & Scalability •Resiliency •Hybrid Cloud •Workload Migration •Standards •Consumability CCRA CCRA 3.

Incident mgmt.Cloud Service Consumer Cloud Service Consumer Cloud Services Cloud Service Provider Common Cloud Cloud Service Creator Cloud Service Creator Cloud Service Provider Platform (CCMP) Management Business-Processas-a-Service Common Cloud Management Platform (CCMP) Prescriptive. Resiliency. commercial XaaS) •Storefront •Business Support Services •Customer.Application Lifecycle Mgmt DevOps. security information.Endp oint compliance and PatchMgmt Events Management Services ExistingCloud & 3rd party services. Performance & Consumability Governance Platform Services .Management & deployment of middleware . Consumable IBM Solutions Cloud Adoption Patterns .driven by clients CCRA Adoption Patterns Cloud Enablement Data Center Simple IaaS with Cloud Governance VMs provisioning and images mgmt Usage metering and Accounting Monitoring & Capacity PlanningBackup&Restore. Partner Ecosystems Cloud Service Integration Tools Cloud Service Integration Tools Existing & 3rd party Business-Processservices. License mgmt Common Reference Architecture Foundation Use cases Use cases Architecture Overview && Architecture Overview Introduction Introduction Architectural Decisions Architectural Decisions Security Security Standards Standards Performance && Scalability Performance Scalability Non-functional requirements Non-functional requirements 9 © 2013 IBM Corporation . events mgmt ITIL Managed IaaS Change&configutation mgmt. Problem mgmt. Resiliency. Performance & Consumability Inf rastructure Governance Security. Dev test .Cloud Service Integration “Southbound” integration with CEDC / IaaS Building SaaS (using IBMhosted services) •Business Solutions in cloud •Exploit IaaS and PaaS for building a SaaS •Address ISV space •Use of hosted offerings •Multi-tenancy options & design considerations •Cost considerations -3rd party tools recommended where appropriate Cloud Service Provider (CSP2. User & Partner Management •White-labeling •Billing integration •Order Management •Integrates with “cloudenabled data center” content Advanced IaaS Cloud Services Orchestration Storage Provisioning and mgmt Network Provisioning and mgmt Hybrid Cloud Integration Advanced Security (Identity & access mgmt. Partner as-a-Service Ecosystems Sof tware-as-a-Service Operational Business Support Support Services Services (OSS) (BSS) Operational Business Support Support Services Services (OSS) (BSS) Service Creation Tools Service Creation Tools Sof tware-as-a-Service Platf orm-as-a-Service Consumer In-house IT Consumer In-house IT Platf orm-as-a-Service Inf rastructure-as-a-Service Inf rastructure-as-a-Service Inf rastructure Security.

IaaS Cloud Maturity Model 10 © 2013 IBM Corporation .

  Virtualization Management Key Business Drivers: •Decrease costs and delivery time for new services •Align IT Services with business goals •Increase service level compliance •Centralized accounting & billing •Industrialization of  IT 11 The entry point in the IaaS cloud space since it allows to  start building a multi‐tenant cloud infrastructure and  model for the delivery of simple VMS (configured with  the proper network and storage) that covers the 70 %  of  the requests coming from the different business lines. Advanced IaaS services integrated with ITIL  processes IaaS: Cut IT expense and  complexity through a cloud  enabled data center 4 Advanced IaaS Services (VMs.  etc… for both the virtualized infrastructure that provides  the cloud service as well as the cloud service itself. 2 Simple IaaS Services (VMs) 1 © 2013 IBM Corporation . Storage. resiliency. Network  or their combinations) Allows creating a more sophisticated cloud infrastructure  for the delivery of more complex and critical IaaS services  in highly demanding environments.IBM Cloud Reference Architecture – Cloud Enabled Data Center Pattern Allows to completely integrated the cloud world with the  remaining part of the enterprise by including the cloud  infrastructure and services in the enterprise ITIL  processes. 3 Complements the first macro‐pattern by adding  governance capabilities that allow to effectively manage  aspects like SLAs. security. capacity planning.

 resiliency.Incremental approach for building Cloud enabled Data Center solutions ITIL Managed IaaS services Problem & Incident Management Change & Configuration Management Advanced IaaS services  integrated with ITIL process License Management Service Desk Release Management IT Asset Management 4 Allows to completely integrated the  cloud world with the remaining part  of the enterprise by including the  cloud infrastructure and services in  the enterprise ITIL processes. Network. and  combinations) 3 Allows creating a more sophisticated  cloud infrastructure for delivery of  complex and critical IaaS services in  highly demanding environments. capacity  planning. Cloud Management Virtualised Infrastructure Monitoring Capacity Management and Planning Endpoint Compliance & Management Cloud Management Event Management Backup & Restore Patches Management 2 Complements first macro‐pattern by  adding management capabilities that  allow to manage aspects like SLAs.  Simple IaaS Services (VMs) Usage metering. accounting & chargeback Simple IaaS Services (VMs) Role & Authentication Management VM Image Construction Image Management Entry point in the IaaS cloud space. etc… for both the  infrastructure that provides the  cloud and the cloud service itself. © 2013 IBM Corporation VM provisioning & On-boarding Cloud Management 1 12 .  Storage. Advanced IaaS Services Storage Provisioning & Automation Management Network Provisioning & Automation Management Services Orchestration Hybrid Cloud Integration Threat & vulnerability. Security info and events mgmt Advanced IaaS Services (VMs.  security. It  allows to start building a multi‐ tenant cloud infrastructure and  model delivering simple VMS  (configured with proper network and  storage) that covers 70 %  of  requests  from business lines. identity & access.

 Storage and Network Virtualization layer 13 © 2013 IBM Corporation . accounting & chargeback chargeback 1 0 Compute. identity & access. Security Log  Virtual Server  info and events mgmt Management Protection Identity  Threat & Management 3 Backup &  Backup & Restore Restore Endpoint Compliance Patch Patches  Management  and  & Management Security Compliance Management 2 Simple IaaS Services (VMs) VM Role &   Authenticatio provisioning VMs Provisioning Cloud & Onn Management boarding Management Virtual Images  Virtual Images  VM Image Image Construction Management Construction Management Usage Metering  &  metering.Cloud enabled Data Center Architecture Overview Advanced IaaS services integrated with ITIL processes Problem & Incident Management IT Asset Management Management Change & ITIL  processes Configuration integration   License Management Service Desk Release Management 4 Advanced IaaS Services Storage Network  component Services Orchestration Provisioning Provisioning Services & Automation & Automation Orchestration Storage Configuration Network Configuration Management Management Cloud Management Virtualised Capacity Health Monitoring  &  Infrastructure Management Capacity Management Monitoring and Planning Event   Events Management Management Hybrid Hybrid Clouds Cloud  Integration Integration Intrusion prevention  vulnerability.

Cost  & Management accounting Management chargeback 1 Optional components © 2013 IBM Corporation 14 .Cloud enabled Data Center Solution stack Advanced IaaS services integrated with ITIL processes Problem & Incident Management IT Asset Management Change & License Configuration SmartCloud Control  Desk Management Management Service Desk Release Management 4 Advanced IaaS Services Storage Network Tivoli Service  Automation  Services Provisioning Provisioning Manager/  SCO Orchestration SmartCloud Virtual  & Automation Tivoli NetCool & Automation Storage Center Configuration Manager Management Management Virtualization Management Virtualised Capacity Infrastructure Management SmartCloud Monitoring Monitoring and Planning Tivoli  NetCool Event Omnibus. Intrusion prevention identity & access. Security Virtual Server  Qradar Log  info and events Manager Protectionmgmt  for VMWare Tivoli Identity  Threat & Manager Security Network  3 Tivoli  Storage Backup &   Manager  Suite  Restore for UR Endpoint Patch Compliance SmartCloud Management & Patch Management Management 2 Simple IaaS Services (VMs) VM Role & Cloud VM Image provisioning Authenticatio SmartCloud Provisioning Management Construction & Onn boarding Management Required components Recommended components Usage SmartCloud Image metering.  Management Impact Hybrid Cloud Cast Iron Integration HCI  Extensions vulnerability.

  automate their  deployment and meter the resources used by this  service. DB or data‐caching services)  or integration services  that allow to integrate with  external application or public clouds and to implement  auto‐scaling and cloud‐bursting scenarios.IBM Cloud Reference Architecture – PaaS Pattern Paas based Lifecycle or PaaS based DevOps Allows to implement a DevOps process by creating a  continuous delivery flow that automates the build. it allows to model  multi‐tiered middleware patterns.  Advanced/ Autonomic PaaS Services 3 Managed PaaS Key Business Drivers: •Reduce CAPEX (Capital Expenditure) and OPEX  (Operational Expenditure) to deliver business services. expose them as  services into a self‐service catalogue. and lowering risks associated with delivery of  new IT environments to business and software  application development and delivery. 15 2 The entry point into the PaaS space.. Cloud  Integration Complements the first macro‐pattern by adding  governance services that allow to effectively manage the  SLAa and QoS aspects of the provisioned middleware.  applications can leverage additional services like  programming services (e.g.  security. etc.  like for example  resiliency. •Drive down IT costs by improving delivery time and  quality. application performance. test  and delivery of applications into a cloud environment Accelerate time‐to‐market  with new workloads with   Cloud Platform Services 4 In addition to the managed middleware patterns. Foundations /Simple PaaS Services 1 © 2013 IBM Corporation . Increase  flexibility and integration between middleware  components.

HyperV. Xen Interested only in PowerVM and vCenter Currently using IBM middleware and products for which patterns are available? No Yes Looking for application patterns? Yes Yes SCAS IPAS Support for Virtual Applications (Vapps) is a critical factor SCP Using 3rd party or nonIBM software Time to value a significant factor SCP IWD This is changing as SCP is the way to go in next releases 16 For any other options a deeper analysis would be required © 2013 IBM Corporation .Middleware Deployment & Management Platform Desires Public Cloud No Yes Integrated hardware & software solution is key factor No Broad hypervisor support including KVM.

messaging Mobile management Integration Services & SLA-centric workload management cloud-bursting. hybrid services (Integration) Workload Automation and Scheduling Services Managed PaaS Services Identity management and Security Multi-tenancy / isolation License Management Workload/transaction Monitoring Foundational/ Simple PaaS Services  Provisioning and automation services M/W Patterns deployment Metering 17 © 2013 IBM Corporation .IBM Cloud Reference Architecture for PaaS solutions PaaS Paas based Lifecycle or PaaS based DevOps Application Development Application testing Application Lifecycle Mgmt Application governance Application onboarding Continuous Delivery Advanced/ Autonomic PaaS Services Cloud services – data cache. Service Registry routing.

messaging SLA-centric workload management Mobile management Integration Services & Worklight/TEM   cloud-bursting. Service Registry IWD/  Pure  App routing. hybrid Castservices  iron (Integration) Workload Tivoli  Automation and Workload Scheduling  Scheduler Services Managed PaaS Services Security  products  Identity management and Security (SCIM.IBM Cloud Reference Architecture for PaaS solutions PaaS Process Oriented PaaS Service Application  Application  Application  Rational Suite lifecycle   Application Application development testing CLM   /   RTC RTWtesting Management RSA / RAD Application Lifecycle Mgmt Development Application  Application governance RAM governance Application  Application on ‐boarding RAF  / AMC onboarding SmartCloud Continuous  Continuous   SCCD.  APM Continuous delivery Delivery Delivery Advanced/ Autonomic PaaS Services Cloud services – data cache.SCAM) Multi-tenancy / isolation License TLM Management Workload/transaction SmartCloud Monitoring APM  Foundational/ Simple PaaS Services  Provisioning and M/W Patterns SmartCloud Provisioning/IWD automation services deployment SmartCloud Cost  Metering Mgmt  18 © 2013 IBM Corporation .

messaging Mobile management Integration Services & Worklight/TEM   SLA-centric workload management cloud-bursting. hybrid Castservices  iron (Integration) Workload Tivoli  Workload   Automation and Workload   Scheduling Scheduler Services Scheduler Managed PaaS Services Identity management and Security Multi-tenancy / isolation SmartCloud APM  Management Monitoring IBM Pure  Application  System License Workload/transaction Foundational/ Simple PaaS Services  Provisioning and Provisioning/IWD M/W Patterns SmartCloud automation services deployment Smart Cloud     SmartCloud Cost Metering Cost  mgmt Mgmt   19 © 2013 IBM Corporation . routing.IBM Cloud Reference Architecture for PaaS solutions PaaS Paas based Lifecycle or PaaS based DevOps Application Development Application testing Application Rational  Suite Lifecycle Mgmt Application governance Application onboarding SCCD.  APM Continuous Delivery Advanced/ Autonomic PaaS Services Service Registry Cloud services – data cache.

Retain and enhance customer relationship. Solutions/ Patterns  Develop Strategy and Select Business Models to become a successful CSP  Select Services and Infrastructure  Develop Ecosystem and Supporting Infrastructure  Extend Applications in Cloud – – – – – Customer Applications Provider Applications Third Party Applications Cloud Aggregation White-label Cloud Incorporate hosted Clouds built on IaaS and PaaS architecture from “cloud-enabled data center” and “platform services” solutions 20 © 2013 IBM Corporation .Cloud Adoption Pattern – Cloud Service Provider (CSP) Business Drivers – Competitive environment to become CSP. Monetize their infrastructure. cost effective delivery. differentiation in products offered (value of the products in realizing market leadership) differentiation in service provided (value of the Service Provider brand).

storefront & OSS/BSS integration Focus areas: Multi-tenancy.premise services Focus areas: Multi-tenancy. Capabilities & Explanation Patterns Cloud Services Host for Customer Applications Capabilities • • • • • • Storefront Customer Access Management Customer Management Service Onboarding Service Management Customer Images Management Storefront Provider Access Management Provider Service Management Provider Service Onboarding Provider Image Management Storefront Partner Access Management Provider Service Management Provider Service Onboarding Provider Image Management Cloud Hosting Third-Party Applications Capabilities and OSS/BSS integration Federated cloud with on-/off.CSP Patterns. OSS/BS integration • • Portal Re-branding Wrappers Cloud Management (OSS/BSS) re-branding wrappers Enable customer to re-brand cloud (and hosted services) Focus areas: Multi-tenancy. Focus areas: Multi-tenancy. service management. Micro-Patterns. access control. granular access control. Cloud Services Host for Provider Applications • • • • • Offer services hosted on (internal) cloud to customers. Application & Service Management Cloud Hosting Third-party Applications • • • • • Extend cloud to offer both Provider and Third-Party services Focus areas: Multi-tenancy. service management Cloud Aggregation Cloud Provider Front-end for White-label Cloud • 21 © 2013 IBM Corporation . customer management Explanation Extend cloud deployment to allow customers to host their applications.

 PaaS with  automation like devOps.  vertical market opportunities  . AMAZON Maturity level 4 Providing apps as SaaS. Process  for on boarding Maturity level 1 Basic resource management. PaaS as  services.  amazon apps). partner  managemnet.  Fully automated . Basic metering and  billing – small scale with low  automation Simple Basic MSP 22 © 2013 IBM Corporation . advanced  metering. payment process. B2C  elemnet Advanced full CSP/MSP Increased Capabilities Maturity level 3 Library stack provide backup  as service. Advanced storefront.  Patch Mgmt. Metering. take snap shots. basic storefront. get  into aggregation (google apps. storage as service  etc. DR.  providing basic IaaS .CSP Maturity model Maturity level 5 Advanced library services. get  into B2B elemnet I Maturity level 2 Provide IaaS.  credit card processing.  white label services .

IBM Cloud Reference Architecture for CSP2 solutions Cloud Service Provider Advanced  CSP2 Services Storefront SaaS integration Services Third-party IaaS/PaaS integration services Rating. Accounting. Billing Provider management Partner management Simple CSP2 Services Metering Accounting System integration services IaaS/PaaS services Cloud Services Management Customer Mgmt Access Mgmt 23 © 2013 IBM Corporation .

Network 24 © 2013 IBM Corporation . OS) Compute. Storage.Solution view: IaaS Entry Point using SCP User IBM SmartCloud Provisioning IBM SmartCloud Monitoring Support Systems Integration Customer Management and Access Customer and Product Mgmt IBM WebSphere MQ FTP (OS provided) Cloud Services Management Local Access Local Access Hosted Services Hosted VMs VMWare. PureFlex Storage: IBM v7000 Unified Network: Juniper. KVM Compute: IBM xSeries. pSeries. Cisco Runtime (hypervisor.

Tivoli Access Manager. Tivoli Federated Identity Manager Parallels or Jamcracker or Provider Specific Storefront Customer Management Partner Management Provider Management IBM Service Delivery Manager/SCO Cloud Services Aggregation and Integration Remote Cloud Provisioning Local SaaS Provisioning Local IaaS Provisioning IBM Cloud Services Aggregation and Integration Pack IBM WebSphere Cast Iron Integration IBM WebSphere MQ / FTP (OS provided) Integration Adapter SaaS Management IaaS Management IBM Service Delivery Manager/SCO VMWare. KVM Compute: IBM xSeries. PureFlex Storage: IBM v7000 Unified Network: Juniper.User Customer Manager Solution view: Cloud Service Provider Solution Product Customer Manager Service Rep Access Tivoli WebSeal. Cisco External Cloud Management Virtualization Management Resource Management 25 © 2013 IBM Corporation . pSeries.

© 2013 IBM Corporation .SaaS Adoption Pattern  Following topics of prescriptive guidance – Security – Governance – Business Models – BSS (Business Support Services) – OSS (Operations Support Services)  Three primary models of SaaS delivery – Primary Hybrid • Extending on-premise or hosted deployments into a cloud environment – Hybrid Cloud • Attaching one or more on-premise or hosted environments to a true IaaS or PaaS environment. – Full Cloud & Extended Cloud 26 • Delivering a production-ready solution using only cloud services from one or more cloud providers.

in terms of availability. Note: Tenancy is an optional component of any SaaS deployment. performance & security. The Tenancy Spectrum – Tenancy Diagram 27 © 2013 IBM Corporation . • The introduction of multi-tenancy to SaaS has allowed businesses to realize methods for attaining their goals of decreased cost for delivery and operation. from physical hardware to run-time application configuration options. In this context.SaaS and Multi-Tenancy What is tenancy and how does it relate to SaaS? • A client. end-user. a "virtual slice" is assigned to each tenant and is isolated from the others. • Multi-tenancy allows a shared environment appear to each tenant as if it was dedicated. • Multi-tenancy uses the full spectrum of virtualization and application capabilities. or customer is considered a tenant of an application or service.

Changes in Security and Privacy − Customer − More − Good − Easy responsibility for infrastructure − Provider − Less − No responsibility for infrastructure customization of security controls visibility into day-to-day operations to access to logs and policies and data remain “inside the firewall” customization of security controls to access to logs and policies and data are publically exposed visibility into day-to-day operations − Difficult − Applications − Applications 28 © 2013 IBM Corporation .Different cloud deployment models also change the way we think about security Private cloud On or off premises cloud infrastructure operated solely for an organization and managed by the organization or a third party Hybrid IT Traditional IT and clouds (public and/or private) that remain separate but are bound together by technology that enables data and application portability Public cloud Available to the general public or a large industry group and owned by an organization selling cloud services.

Security Intelligence. Analytics and GRC Security Intelligence with Big Data Infrastructure Applications People Data Mobile Security Cloud Security 29 © 2013 IBM Corporation .

Help the client develop their reference architecture over time  Reference architectures can take a long time to create – Harvested from repeated successes – Generally broad in scope  Reference architectures are not created in a vacuum – Help the client begin with one or more reference implementations – Determine what does and does not work in the client environment – Use portions of the CCRA as a template. but modify with clientspecific aspects – Creating a client-specific reference architecture requires participation and input from the client • Gather client-specific standards • Understand client processes • Applicability of the RA is usually at an enterprise level. not limited to a particular department 30 © 2013 IBM Corporation .

redbooks.html?Open – Redguide about the “Cloud Service Provider” adoption pattern http://www.doc 31 © 2013 IBM Corporation – Academy TechNote about the CCRA  Publically available material – Whitepaper about the CCRA – Redguide about the “Cloud-Enabled Data center / IaaS” adoption pattern – CCRA Submission to the OpenGroup Other product and service names might be trademarks of IBM or other companies.shtml. 32 © 2013 IBM Corporation .Thank you IBM is a registered trademark of International Business Machines Corp. See the current list of IBM trademarks: www.