> Archive > Issue LXXXI, February 2014

Download Issue
Download Full Service Technology Magazine PDF

The Trusted Cloud: Addressing Security and Compliance

Enrique Castro-Leon, Raghu Yeluri

Enrique Castro-Leon

Raghu Yeluri

This article will address one of the biggest barriers impeding broader adoption of cloud computing is security—the real and perceived risks of providing, accessing and control services in multitenant cloud environments. IT managers would like to see higher levels of assurance before they can declare their cloud-based services and data are adequately protected. Organizations require compute platforms to be secure and compliant with relevant rules, regulations and laws. These requirements must be met regardless of whether a deployment uses a dedicated service available via a private cloud or a service shared with other subscribers via a public cloud. There’s no margin for error for security breaches. According to a research study conducted by the Ponemon Institute and Symantec, the average organizational cost of a data breach in 2010 increased to $7.2 million, and the cost of lost business was about $4.5 million. It is the high cost of breaches and inadequate security monitoring capabilities offered as part of cloud services that pose a barrier to the wider adoption of cloud computing and create resistance within organizations to public cloud services. From an IT manager's perspective cloud computing architectures bypass or work against traditional security tools and frameworks. The ease with which services are migrated and deployed in a cloud environment brings significant benefits, but they are a bane from a compliance and security perspective. Cloud computing applies the pooling of an on-demand, self-managed virtual infrastructure, consumed as a service. This approach abstracts applications from the complexity of the underlying infrastructure, allowing IT to focus on the enabling of business value and innovation instead of getting bogged down by technology deployment details. Organizations welcome the presumed cost savings and business flexibility associated with cloud deployments. However, IT practitioners unanimously cite security, control, and IT compliance as primary issues that slow the adoption of cloud computing. These considerations often denote general concerns about privacy, trust, change management, configuration management, access controls, auditing, and logging. Many customers also have specific security requirements mandating control over data location, isolation, and integrity. These requirements have traditionally been met through fixed hardware...

Envisioning Converged Service Delivery
Platforms (SDP 2.0) - Part I

Pethuru Cheliah

Pethuru Cheliah

The days of creating only pre-planned and programmed information and transaction services are to end soon and in the near future, software services are becoming composite, knowledge-driven, context-aware, and people-centric. This, without an iota of doubt, represents a technology-driven paradigm shift in service creation, discovery, usage and leverage for bigger things. Service usability, utility, and ubiquity are bound to change towards betterment in the days to unfold. All these are seeing a neat and nice reality due to scores of delectable and decisive advancements in producing highly robust and multifaceted service platforms, design patterns, best practices, synchronized processes, and versatile products. The direct results out of these significant improvisations are real-time, on-demand, self-, surroundings and situation-aware physical services. There is an insistence on continuous innovations on service science, engineering, management and governance aspects to solidly empower every aspect of the end-to-end service lifecycle as indicated in the figure 1. There are integrated development environments (IDEs), enterprise service bus (ESB) for service integration, business process manager (BPM) for service composition and process automation, service component architecture (SCA)-compliant containers for diverse and distributed application integration, data middleware, and a host of distinct adaptors and connectors for business integration. But delivering right services to right people via compatible media and devices is the key requirement for service environments. SDP, being a prominent module in service computing, is the well-articulated and attuned environment to ensure effective and efficient service delivery. The convergence concept in the ICT (Information &Communication; Technology) space is instrumental in rolling out a series of noteworthy consolidations & transformations, integration & composition standards, matured technologies, etc. These perpetual developments invariably provide enough confidence and competencies to visualize converged SDPs, the next-generation delivery platforms. The objective of this paper...

Business Activity Monitoring:
Capabilities & Applicability - Part II

Partha Sarathi Sengupta

Partha Sarathi Sengupta

A typical business process is influenced by both internal and external sources of information. The BAM model described so far only takes the internal sources of influence into account. The same model can be extended to include external sources of information like weather forecasts, selective news feeds and customized dashboard for manually feeding in intelligence information collected offline. Figure 5 shows the manner in which this system can be extended. For instance, when the model depicted above receives some critical weather information about an incoming cyclone, it can update the inventory system to stock appropriate items in the store. Considering another example, the administrator can pull up the list of best selling items during a festival season from the BI system and manually feed it in using the Admin dashboard. At times critical news items can also influence the business process. For instance, in case a popular news source publishes the reviews of a movie with a rating of 5 stars, the systems can send out an alert to increase its inventory. Alternatively, if a stocked movie has really got a bad review, then the stock reorder requests can be put on hold without any manual intervention. Rolling out a BAM process takes a considerable amount of effort and commitment from the business side. Here are few things for the stakeholders to consider before deciding to go ahead with BAM implementation. BAM is a Business Solution, Not a Technology Solution: A systematic study of the business processes in context is required as the first step to BAM roll out. Once the study is over a process matrix (table 2) has to be created to outline the key stages in the lifecycle of a business entity as it goes through the business process. After the matrix is defined, it will be used to configure the BAM solution to monitor the appropriate significant signs and take the right corrective action. This is purely a business activity and does not have much of technology dependency. It has to be ensured that the required time and effort is committed by the business personnel to make this activity...

2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006