A Decision Framework For Cloud Computing
A Decision Framework For Cloud Computing
1554
Table 2. Cloud Computing Layers One confusing question that is raised is how cloud
CloudComputingLayers computing will replace service-oriented architecture
Server:Thislayerprovidesindividualserver (SOA). As Linthicum has noted, this perspective
servicesorserverhosting.Typicallythisservice indicates a misunderstanding of the basic ideas
involvesthedeliveryofavirtualmachine(asingle presented above. SOA is an architectural pattern. It is
virtualizedinstanceofaserverthattypicallyisnot a specification for creating an architecture in which
awarethatitisnotatangible,physicalserver). services are bound together to create business
solutions. Cloud computing as shown above may
Infrastructure:Avirtualizeddatacenterproviding involve many enabling technologies for creating target
computing,storage,communications,security,and platforms on which to host SOA implementations.
managementresourcesandservices.(Iaas) SOA is a mechanism for specifying the explicit
Platform:Thesoftwarefoundationincludingthe technologies to be used in implementing a cloud to
OSandsystemsoftware(e.g.,DBMSs,web support a particular business environment. Confusing
services,visualizationservices).(PaaS) the two aspects of business (solutions) architecture
Application:Thislayerincludesprebuilt,network development can lead to poor business solutions (and
accessibleapplicationsandservices(e.g.,Google suboptimal decisions).
Docs,Salesforce,etc.).(SaaS)
Client:Thislayerprovidesenduseraccess 2.2 A critical question – how are they
methodstodeliverthecomputingexperiencesuch packaging the cloud?
asthinprovisionedclientsorslimlaptopsusinga
webbrowserwithminimalOS. Although many hope for a simple comparison model
that enables potential customers to uniformly describe,
compare, and assess the features of all the products,
The first three layers have been ubiquitously
this is not presently possible because of the
referred to as the LAMP stack – Linux, Apache,
architectural, packaging and, and service differences in
MySQL, php. This is the minimum configuration to
cloud offerings.
provide deliverable content over a network. However,
Four competitive global cloud providers; IBM,
as new products and services emerge, the structure and
Microsoft, Google, and Amazon illustrate this point,
features of this stack are expected to evolve.
and show how the original sale and delivery of
Each service layer builds upon the next. Multiple
“cloud” services began with large providers servicing
instances of one service layer can work together to
the easily understood business decision to purchase
provide one instance of the next service layer. Thus,
volumes of scalable services. The business decisions
many servers can be integrated with additional
today have morphed into far more complicated
required devices to provide different virtual
assessments with a number of new vendors entering an
datacenters or infrastructure configurations. The
expanding competitive and specialized industry that
datacenters can host different platforms (i.e. Windows
tailors architectures and services to customer needs,
with IIS and SQL Server and Linux with Apache and
and requires significantly more decision making
MySQL) or just redundant instances of the same
expertise to compare and acquire highly differentiated
platform with the multiple instances of the platform
(rather than similar) service offerings. The new
layer all combined to present a common environment
entrants (rapidly formed via acquisition and
for the application service layer which could itself
partnerships) are contrasted with the traditional
serve a variety of cloud clients. The novelty arises
competitors to illustrate the decision complexity.
from the composition of existing technologies
HDS targets clients needing to search and access
combined with new business models for software and
large amounts of data residing in cloud storage devices
service provisioning.
within the HDS Unified Computing Platform solution
Virtualization software is the true critical
for cloud infrastructure. Hitachi Data Systems (HDS)
technology enabler to cloud computing. Virtualization
provides cloud storage strategies for public, private
software (VMware vSphere, the open-source Xen
and hybrid cloud environments. HDS purchased
Hypervisor, and closed-source Enterprise-level
Comstock Systems in 2002, Archivas in 2007, and
virtualization management tools, and Microsoft’s
ParaScale in 2010 – all cloud services providers.
Hyper-V) creates and manages virtual servers that
Comstock developed software that manages network
each have an OS and required additional software.
attached storage (NAS), switches, and routers;
Many virtual servers (virtual machines) may exist
Archivas developed software that allows immediate
within an OS on a single physical device (server). The
access to protected, archived data; ParaScale provides
virtualization software also provides additional tools
a service for direct access to cloud storage. These
and features to effectively manage such virtualization.
services are combined to deliver technology for
1555
searching and managing structured and unstructured protection, network detection, security, and control,
data, and delivering storage infrastructure. Microsoft analytic data warehousing, and security. IBM
System Center Operations Manager, Virtual Machine differentiates itself from Microsoft and Amazon by
Manager, and Microsoft Windows Server 2008 R2 seeking customers who want to transform their
with Hyper-V software are also integrated into the business with cloud computing through support of
infrastructure.(http://www.hds.com/solutions/storage- development infrastructure.
strategies/cloud/) Other large firms, such as Oracle, are entering the
Microsoft Corporation has the Windows Azure marketplace. Oracle is marketing a “Cloud in the Box”
platform. Azure is an Internet-scale cloud computing solution, which can be set up to operate at and scale
and services platform hosted in geographically into any of the cloud service layers from Infrastructure
distributed, Microsoft data centers. While the internals to Application. Considering Oracle’s market share of
of the Azure platform have been purpose-built in- corporate applications (such as Enterprise Resource
house by Microsoft, the platform it provides is an open, Planning or Supply Chain Management software),
standards-based, interoperable environment with many corporations may be convinced to use Oracle’s
support for multiple internet protocols, including solution instead if they already use Oracle’s software,
HTTP/HTTPS, REST, SOAP, and XML. and thus benefit from the bundling discounts that
The Windows Azure platform is comprised of 3 Oracle would likely provide.
large grain segments; First, Windows Azure is the As we finalized this paper, Apple announced its
cloud services operating system that serves as the iCloud offering which will connect its iPADs, iPhones,
development, service hosting, and service and iPods to provide a ubiquitous 24x7 computing
management environment for the Windows Azure experience - anywhere, anytime, anyplace (well,
platform. Windows Azure provides on-demand assuming you have connectivity). Given Apple’s
compute and storage to host, scale, and manages web extensive history of innovation within the IT
applications and services. Next, Windows Azure marketplace, this may lead to revolutionary new ways
AppFabric provides applications with a common to use the cloud.
infrastructure to name, discover, expose, secure, and
orchestrate Web services. Last, Microsoft SQL Azure 2.3 An example of vendor marketing of the
can provision and deploy relational databases with “cloud”
manageability, high availability, and scalability baked
in. VCE is attempting to provide an integrated
Hewlett Packard (HP) cloud computing targets service that provides its customers with a complete
large solution oriented enterprises using a hybrid cloud solution for client IaaS needs. They are attempting to
model, needing access between public and private differentiate themselves from the competition by the
clouds and business decision support. completeness (the internally-integrated nature) of the
(www.hp.com/go/cloud) HP purchased EDS, a solution they provide, the one-call available support
technology services company, in 2008 to provides and other value-added products and services available
information technology and business process for their service, and their solution’s performance
outsourcing services; 3com in 2009, for networking, capabilities.
switching, routing, and security; 3par in 2010, for VCE (http://www.vce.com/) is actually a
utility storage solutions; Vertica in 2011, for a real- company formed as a joint venture of VMware, Cisco
time data analytics platform built for physical, virtual, Systems, and EMC2, offers a virtual cloud
and cloud environments facing business intelligence environment that can be scaled from test and
decisions; and ArcSight Inc., for new security development lab environments up to large
solutions for the cloud. HP only recently (March 2011) environments with 3000 virtual machines. The
announced its plans for cloud computing. combined company offers a single solution by
International Business Machines (IBM), offers integrating the various participating company services
many hybrid cloud computing infrastructure platforms and a catalog of add-on products, and allowing
that include performance, storage, and virtualization customers to integrate with their cloud of choice, (as
for any industry. Its offerings are built via the long as the cloud uses VMware vSphere 4.1).
acquisition of software companies such as BigFix, The integration offering stresses simplification by
Cast Iron Systems, Coremetrics, Datacap, Guardium, integrating the Nexus series switch line into the
Intelliden, Netezza, Internet Security Systems, and offering to deliver control in a top-to-bottom fashion;
Sterling Commerce. These companies offer ten gigabyte fiber channel over Ethernet to consolidate
specialties like: software management, cloud networking and reduce cabling; software switching; a
application integration, business analytics, enterprise blade chassis supporting Intel and AMD base
content management, database monitoring and platforms depending on the client’s request; and one
1556
interface to backend storage management via VMware, decision framework for adopting cloud computing to
Cisco, and EMC. address some of these decisions. Currently, we
The VCE pre-integrated solution markets itself as perceive many of these decisions are made in a
a combination of off-the-shelf hardware and software qualitative manner. Quantifying the basis for these
that can be tailor built or assembled by converting user decisions will likely be a unique activity for many
systems, offering a possibly money saving solutions to businesses. Further research is required to develop a
clients who already have some components or are foundation for quantifying these decisions. Version 1,
willing to risk just buying missing components. The discussed in the following sections, is based on
solution “key” is the VCE single 1-800 number for synthesizing key areas of concern form our literature
support minimizing the troubleshooting of datacenter survey.
issues.
3.1 Moving to the Cloud or Not Our framework (figure 3 below) addresses 15
decision categories which we have selected based on
Our survey revealed that deciding to use cloud our literature survey. The first step is to assess cloud
computing is often not made with rigorous analysis. computing and determine if it is a viable architectural
Rather, many organizations decide to experiment with model for enterprise applications and if the application
cloud computing, to implement a small low risk is adaptable to cloud computing. Clearly, large to
application to assess cloud computing. In part, the massive data analysis programs can benefit from cloud
availability of web-accessible CCEs makes it easy to computing using a map-reduce algorithmic
try cloud computing. A formal approach to deciding to formulation. Less clear is whether many business
use cloud computing requires the assessment and operations, such as order processing and payroll could
combination of many decision criteria in an eventual benefit if they have unique tailored process
decision. components. Some of the issues raised by Kaisler and
We formulated a three-tier decision model for Money [4] should be answered positively to yield a
assessing the types of decisions required to move decision to move to cloud computing as an enterprise
services to the cloud either wholly or partially or, architecture platform.
perhaps, not at all. The model follows our literature A few issues that affect viability include the
analysis and research findings and addresses the following. Applications may not fully utilize the
requirements for services, commercial offerings resources of the servers. Cloud computing service
(vendor cloud packaging), and architectural decisions demands can vary widely, so the cloud must be sized
(short and long term). In descending order, an to support peak demands even though it may often be
organization must decide the importance of numerous underutilized. IDC[1] reported that server overcapacity
factors (not all shown) in how it approaches the cloud is costing IT organizations over $140 billion. Inability
adoption decision. to meet demand requirements can ripple through the
We believe that these decisions must be made in a organization and affect multiple work and processing
structured fashion – with exit points when benefits can schedules. While virtualization can provide scaling
be realized and future costs are either unknown or very benefits, it is often constrained by other infrastructure
great. To this end, we have begun to articulate a components (VLANs, ACLs, network domains, etc.)
1557
that create barriers to agility. The fact that each VM Privacy law is well-established. However, the risk
runs its own operating system often results in is great if there is a breach of privacy. But, the
significant duplication and inefficiency compared to mechanisms do not appear to be in place to track such
symmetric multiprocessing. breaches and notify the right people – victims,
Moving to a CCE requires decisions in three responders, oversight officials – with any degree of
architectural categories: service, system, and certainty. With respect to standards, standards need to
application. Service architecture – how the service is be developed across all perspectives of cloud
provided - assesses the user’s view of the CCE. computing. Kaisler and Money [4] offer an initial
System architecture – how the application uses the model for a suite of standards.
CCE - assesses infrastructure issues and application With respect to pricing and economics, the
architecture – how the application is mapped to the diversity of plans which continually change with the
CCE - assesses how the application is mapped to the evolving competitive marketplace makes it hard to
infrastructure. Selected decisions are identified in the compare them. Current cloud pricing seems to be fixed
following sections based on our literature survey. We for certain levels and utilization of resources. Evolving
also identify models associated with each decision competition and greater model diversity, as evidenced
area. by Linthicum’s taxonomy, will yield variable pricing
that will potentially undercut fixed rate cloud pricing.
We noted, however, that the cost to convert business
operations applications to a cloud computing paradigm
is not easily quantified. This will become more
difficult as different models and different cloud
architectures evolve.
The initial investment in cloud computing varies
if one wants to believe the Big Four providers.
Organizations wishing to experiment with cloud
computing can gain experience for relatively little cost
with these providers. A commitment to using cloud
computing for many or all of an organization's major
applications can become expensive when factoring in
servers, storage, communications, security, and
programming costs.
As large CCE providers form alliances with
professional services firms, the cost to “get on” the
cloud will grow substantially. Businesses must make a
Figure 3. Decision Framework for Adopting Cloud quantitative decision between the costs of an in-house
Computing IT staff versus the use of a professional services firm.
Careful analysis is required to determine where the
cost of the former exceeds the latter. But, this is just
4. Service Architecture one cost factor. Others include retained knowledge of
applications, immediate access to knowledgeable
This category assesses access to the cloud applications developers, understanding of a businesses
computing environment through four dimensions. operations, etc. Quantifying these factors makes the
Kaisler and Money [4,5] have discussed issues in decision a complex one. Accordingly, unlike some
using cloud computing in this category in two pundits, we do not believe that private IT staffs will
previous papers. wholly disappear. Rather, we think there will be
Two observations relative to privacy are of division of labor based on the complexity of business
significant concern. Many users seemed not to be operations knowledge embedded in an organization's
aware of privacy issues or blithely ignore the applications. Thus, apps like CRM, HRM, sales
implications of placing so much personal data on the management, etc can be farmed out to professional
Web (e.g., FaceBook, MySpace, YouTube, Twitter, services firms while core business apps containing
etc.). Although CC providers often assert compliance proprietary information will continue to be developed
with federal regulations, there is often no explicit way and maintained in-house.
for users to tell that they actually comply and the The last aspect is management from the
degree to which they comply. perspective of the user or client of cloud computing.
From our perspective, management is about the
amount of user control over the environment. In table
1558
x, we describe some of the decisions to be made in the communication occurs between virtualized nodes
service architecture. which add a time component to the interaction
between application processes.
Table 3. Selected Service Architecture Decisions Virtualization, which reduces the number of
Decision Decisions physical servers, can lead to a single point of failure
Area which affects multiple applications. The tradeoff is to
Privacy AddressedinKaislerandMoney replicate the server hardware, storage, and networking
[4,5] in an alternate data center and increase the operational
complexity by implementing an automatic failover
Economics/ Howdoestotalcostcompare
capability. Multiple VMs often share one NIC, which
Pricing w/dedicatedclusters? means that its capacity is divided among the VMs and
Howeasyisitforausertopay thereby reduces their individual performance.
foraccesstopublicclouds? Many cloud implementations assign a suite of
Howmany&whattypesof physical servers, which may have local memory as
pricingstrategiesareofferedto well as shared memory, to run a user’s application.
theuser? Recently, some cloud providers now assign virtual
CanCCEcomponentsbe machines which may run on a single processor, on a
purchasedpiecemeal? closely coupled set of processors, or may be
Standard Whatservicesareprovidedby distributed across multiple symmetric multiprocessors
services theCCE? or geographically networked SMPs. Virtual machines
HowdoestheSLAcorrelate often make assumptions about their environment such
withtheservicesprovided? as the characteristics of the network segments and the
storage systems. Conversely, the hypervisor makes
Management Howeasyisitfortheuserto
assumptions about the VM’s behavior. When VMs are
manageaninstance? replicated on a single host (uni- or multiprocessor),
Doestheorganizationhavethe these concerns are resolved through site-specific and
talenttoassembletheCCE non-portable customizations. When VMs are to be
componentsatacostlessthan replicated across multiple hosts, additional
acquiringtheservicefroma requirements must be considered and adjudicated. For
vendor? example, consider firewalls with different rules which
Product/Service Howoftenareproducts& must often be manually adjusted through
Evolution servicesupdated? communication among multiple administrators.
Howoftenarenewproducts& Many legacy systems utilize a local, centralized
servicesintroducedtomeet storage model, but which may be prone to disk and
newcustomerneeds? host failures even when implemented on a
multiprocessor system. Distributed virtual storage
(DVS) offers scalability and resilience to disk and host
failures, but often requires significant modifications to
5. System Architecture applications to adapt to the DVS model. As CCEs
begin to encompass a diverse array of platforms,
Given Linthicum’s model, there are a large including cell phones, FLASH drives, and laptops, the
number of choices for designing system architecture DVS must continue to support an application even if
that overlays cloud computing instances. For example, some of its storage resources are off-line for periods of
simple three-tier architecture of application, database, time. Thus, a DVS will require peer-to-peer replication
and use interface can be distributed across three cloud across the many storage nodes. Moreover, the DVS
computing sites. A distributed cloud computing will need to ensure consistency in the face of silent
implementation requires loose coupling among the replica divergence due to failed nodes or disks and
components in order to ensure that components can be communications corruption. And, the DVS must be
moved to different CCE platforms as well as to scale optimized for random and mostly exclusive block
with workload. accesses to large and sparsely populated virtual disk
Performance is one of the greatest challenges in files. The tradeoff between these extra mechanisms to
managing a cloud-based application. In (distributed) ensure consistency and the need for robust
multiprocessor systems, communication between the performance given scalability and resilience is yet to
nodes, depending on the application requirements, can be resolved.
be a significant time component of the overall
computation time. With cloud computing, the Table 4. Selected System Architecture Decisions
1559
Decision Decisions running in the public cloud is an emerging area of
Area research and legal concern. A recent evolution is the
interoperation of multiple CCEs as organizations
Performance/ Howcanyouperformrepeatable
distribute functionality across multiple cloud providers
Reliability benchmarking experiments to
per the Linthicum model. This approach allows
gauge scalable performance? To geographic distribution of cloud services that provides
supportSLAs? additional benefits, but requires increased complexity
What is the performance ‘hit’ and raises additional legal, security, and privacy
duetovirtualization? concerns.
OS/VM AreseveralVMofferings Many cloud computing applications are pieced
Technology supported,e.g.,Xen,etc.? together as a patchwork of open source software
AreseveralOSofferings (OSS). While there are benefits to using OSS code,
supported:Linux,Windows, integration of independently written and tested
etc.? modules introduces many interfaces where security,
Distributed Is DVS separate from the performance, and reliability can be compromised.
Storage computeservers? Today, many CCEs provide an implementation of
cloud computing based on best practices in standard
Distributed DoestheCCEsupporta
ways, e.g., “one approach fits all”. This seems to work
VMs federationofserversacross well for many common applications such as CRM,
multiplecloudstoaddress HRM, etc. Complex applications with extensive
scalingandperformance? embedded business operation knowledge or those that
Security Howdoyouminimizetherisks provide significant competitive advantage, such as
associatedwith“livinginthe travel reservation systems, may not be easily
cloud”? implementable on the cloud’s flexible, but rigid
Kaisler and Money [4,5] discussed security with services and platforms. This paradoxical situation may
respect to cloud computing. Security is a continuing act as a deterrent to moving to the cloud. We expect
concern in cloud computing, not the least of which is that as experience with the cloud grows, CCE
how a CCE provider assures clients that their data and providers will develop customizable platforms and
applications are secure – both when they are executing services that will enable businesses to move mission-
and when they are not. A recent concern, not critical unique applications to the cloud.
adequately addressed, is hypervisor security. Integration of multiple heterogeneous components
raises additional problems: the organization must
6. Application Architecture maintain separate service contracts for each equipment
and software vendor, different system management
software, additional personnel with specific areas of
Business applications must often be redesigned to
expertise in multiple hardware and software product
map to the cloud computing environment. In some
vendors, and other recurring costs brought about by a
cases, new applications must be written to replace
heterogeneous mix of datacenter infrastructure – both
legacy structures and algorithms that are oriented
hardware and software.
towards uniprocessors. Scaling and partitioning are
closely related. Table 5. Selected Application Architecture Decisions
Cloud computing allows scaling of execution and
DecisionArea Decisions
storage resources as the computational and storage
needs of the application grow. Currently, most CCEs Partitioning Howdoyourearchitectyour
require specification of the number of processors and applicationstoadaptthemto
storage units prior to executing an application. Once a thecloud?
processor allocation is made, it is usually static. With IsMapReduceaviablescheme
virtualization, dynamic scaling becomes possible, foryourapplication?
because additional virtual machines and virtual storage Arealternateparallel
can be created and assigned as needed. environmentsavailable:MPI,
While many firms are moving entire applications PVM,etc.?
with their associated data to the cloud, others are Scaling Canserversbedynamically
reluctant to permanently move their proprietary (de)allocatedasworkload
applications and vital data to a public cloud. varies?
Integration between in-house applications running on
dedicated servers or private clouds and applications Integration Isthecloudofferingaself
containedoropensystem?
1560
DoestheCCEsupportintegration be the dominating feature. (Social networking app
withexistinglegacyapps? evolution and tactics might change a future
assessment.)
DoestheCCEsupport
The tradeoff between virtualization versus
interoperabilitywithotherCCEs?
multicore processing in a private data center from a
DoestheCCEvendorsupport cost, application development, and resource utilization
integrationfroma perspective needs to be quantified. For example, high
heterogeneousmixof energy utilization due to increased workload and
components? increased cooling requirements often results during
Development WhatSDKsexisttosupport virtualization.
Kits applicationdevelopment? Cloud computing is a new business environment
Support Whatsupportservicesare and is a business itself; it is becoming an industry on
offeredbytheCCEvendor? its own. Thus, business use of CCEs is becoming a
Training?Application business-to-business activity.
development? We conclude that small private clouds can allow
small to medium-sized businesses to assess the use of
cloud computing and make the eventual transition of
7. Conclusions and Future Work their critical applications to a public CCE easier to
accomplish. In particular, micro data centers that
This paper has discussed the challenges that may support cloud computing applications, traditional
limit the viability of cloud computing for small to business operations applications, and transitional
medium-sized businesses where privacy, security and applications are a feasible approach for many small to
proprietary information concerns are key to medium businesses. However, the more issues raised
competitive success and efficient operation. We in this and earlier papers that are unresolved by
analyzed these concerns through three classes of management – technical, legal, operational – should
architectural decisions, and present a preliminary delay, rather than hasten, the move to cloud computing.
decision model. with the types of decisions that small- As a result, we are evolving our model to assist small
to-medium businesses should consider in deciding to to medium business in tier decisions on whether or not
move wholly or partially to a cloud computing to move to cloud computing.
environment.
This model has raised some interesting research References
and positioning questions to be addressed from a
business operations perspective, including: (1) what
Note: The number of papers, articles, and blogs
impact will public cloud computing services have on
consulted for this paper is too numerous to include
organizations’ traditional IT infrastructure and
here. We will provide this list upon request by email to
processes over the next five years?, (2) what
any of the authors.
percentage of organizations’ current applications are
being delivered via a SaaS model? How will this [1] IDC. 2007. “Virtualization and multicore innovations
change over time? and (3) will organizations move to disrupt the worldwide server market”, IDC Doc# 206035
a distributed cloud architecture such as represented by
Linthicum’s model? [2] Linthicum, D. 2009. “Defining the Cloud Computing
If an organization is going to compete and expand Framework: Refining the Concept”, Cloud Computing
in the cloud marketplace, it has to make decisions Journal, http://cloudcomputing.sys-con.com/node/811519
about where and how it will compete and attract a
sufficient and stable customer base to continue [3] Jansen, A. and Bosch, J. 2005. “Software Architecture as
a Set of Architectural Design Decisions”, Proceedings of the
operations. Large businesses seem to be moving to
5th Working IEEE/IFIP Conference on Software
private clouds in order to gain the scalar benefits of Architecture (Wicsa'05), IEEE Computer Society,
cloud computing. Small and medium-sized businesses Washington, DC
as well as individuals form the biggest customer base
for public cloud computing. For small to medium [4] Kaisler, S. and W. Money. 2010. “Dynamic Service
businesses, early applications for cloud computing Migration in a Cloud Architecture”, ARCS 2010 Workshop,
include customer resource management (CRM), Said Business School, University of Oxford, England, June 1,
human resource management, collaboration, and other 2010
front office functions. At present we find no likely
[5] Kaisler, S. and W. Money. 2011. “Service Migration in a
killer apps for the cloud, rather, easy application
Cloud Computing Architecture”, 44th Hawaii International
integration that delivers cost-effective computing will
1561
Conference on System Sciences, Poipu, Kauai, Hawaii, Jan 8,
2011
1562