At the RSA Keynote a few weeks back, Amazon’s Security Lead, Steve Riley participated on a panel with other security leaders of the industry. We were impressed with the openness of all of the participants, and particularly excited with the new concepts coming from at Amazon. Riley used a term that is being used within his part of Amazon, the “Think Cloud”.
As we understand it from the discussion on stage, a Think Cloud is a “body of knowledge” that is a real-time information base of Amazon cloud that can be pivoted all the way down to the threads and individual data concurrency. It would be an index that acts like a control point that helps define movement of data through a servers and compute tasks. Looking at the journey from the data point of view, including data about the environment itself and how to repair itself when damaged and keep data concurrency in tact.
Here’s the RSA cloud security keynote to get a bit of inspiration to benefits of portable (cloud) computing.
In this 30 minute discussion, there are several notable considerations from the contributors on how cloud security challenge can be thought of as a big opportunity and that perhaps now is time to debunk the myth that security is not a part of the cloud.
We picked out a few of Riley’s comments that we believe are leading towards the idea of the Think Cloud and why Amazon may be there first.
I/O
Amazon knows it is critical to be able to have good inputs and outputs. And emphasizes ease of use even more than data portability standards themselves.
Riley described a great use case where an un-named customer used Amazon for compute, another cloud provider for data processing, SalesForce for crunching, and then pushed the results to Facebook. Interconnection is happening and applications are already “using all the clouds out there”. In this case, all the way down to the consumer.
When we look at this pattern, it we see parts that mimic the history of web in the enterprise. Back-end systems moving data around, optimizing, and passing it to the a web portal. And, the portal demanding “real time” updates for key pieces of data, while relying on batch for others.
We can see that idea of a Think Cloud may come into this pattern to help set boundaries and checks so that when a piece of data passes through an Amazon, it is returned reliably, ever time. Perhaps a Think Cloud is a registry that does part of what a smart Enterprise Services Bus does when registered new applications for master data, that is keeps track of activity.
In a way, we need to solve the cloud-equivalent “floating point” problem in the CPU of generations past in the computer itself.
On the CPU math co-processor, the question was, “Does it know how to do math correctly every-time under all conditions?”.
Perhaps the question in the cloud may be “Are all my customers still in the database even though that thread died?”, or “Do we have encryption set on every cpu that this user’s information is stored in memory or on disk”. Solving that problem of interchange the role the concept of Think Cloud might lead.
Many legacy applications won’t make it to the cloud.
At least, not as-is. Riley comments that “servers are disposable horsepower, they come, they go”.
In other words, Since applications sit on top of servers, and servers are sinking into the cloud, applications will sink or swim based on how they migrate to this model. So, the first movers are “the rats” that have jump ship as it started to sink. Follow the rats, or drown.
The tear-down of the server into the n-resource cloud breaks-or-suboptimizes server based applications in a fundamental way.
Thinking back, this is very similar to web services revolution in the enterprise, where just because an application can export its data model, doesn’t mean it is optimized for web services, or API level interaction.
We find this almost a reverse-trend to server virtualization, which has expanded the physical compute space. Perhaps we are finding that there is some new turf to be claimed on where the cloud reaches and virtualization ends.
We like to think of it as “smart service bus” meets “smart application” on infinite resources. Infinite, or course, equaling the credit in your PayPal (or other) form of payment collection required by either, or both parties.
As reported by The Register’s Cade Metz, Microsoft’s Steve Ballmer recently pointed out that this is a potential opportunity with Microsoft and Azure. Where, instead of “only” focusing on infrastructure clouds, the company is working towards a new programming model, Steve said on March 4, 2010.
“I think Azure is very different than anything else on the market. I don’t think that anyone else is trying to redefine the programming model”
When we look at the services recently in our post, Is Amazon’s Computing Fabric a New Economy, we noted a series of services outside of core computing that start evolving Amazon quickly down the path of a new development paradigm. Abstracting storage, network, monitoring, and perhaps in future security, in raw terms gives rise to new opportunities to bind them back together.
Security is the topic for RSA. Compliance is the reason to get it right. If the computing model wants to be secure, it needs to know the assets and their relationships. As reported by Search Cloud Computing, Amazon’s Riley also tipped the audience at RSA that Amazon is weighing in on encryption as a service offerings. This is another example, where that now Amazon is supporting a new services such as Virtual Private Cloud, it moves one step closer the knowledge point for all the key assets, including their peers within the corporate network.
We find this area, as well as certificate management, to be an area ripe for the type of thinking we see at Amazon. The problem to be solved isn’t a better routine, but is how to apply it tandem with the moving assets and data that is ever changing in demand.
Perhaps We Needed to Get to Random, to Get to Secure
We wonder if Amazon’s Think Cloud is something new, and if so, is a path towards solving the collision of the major parties in the network. If it joins network, storage, person, and server resources together, perhaps it is the brains of the next generation Internet.
The winner will be the one that makes it simple, because as Devo on Chatroulette is proving, demand is asymmetric, and access control is from the eighties.