"Best practices for Cloud Storefronts" - NCOIC Session - Sept 21, Virginia

4 views
Skip to first unread message

Bob Marcus

unread,
Jul 29, 2009, 5:43:39 PM7/29/09
to cloud...@googlegroups.com

At the July 15 NDU Cloud Computing Symposium, Vivek Kundra (Federal CIO) strongly endorsed the creation of a government Cloud Storefront. This Storefront (run by GSA) will make Cloud resources (IaaS, PaaS, SaaS) available to government agencies.  Centralized access points for procuring Cloud resources are being considered by several other governments including the United Kingdom G-Cloud app store  and the Japanese Kasumigaseki Cloud

There are strong initial efficiency benefits (reduced procurement time and costs) gained by providing government projects with controlled access to multiple Cloud resources. However unless a set of best practices are followed, there could be negative long-range results such as lack of portability and interoperability across Cloud deployments. On September 21, the Network Centric Operations Industry Consortium (NCOIC) will host an open free Session on "Best Practices for Cloud Storefronts" at its Virginia Plenary.  The focus will be on recommended minimal standardizations (and compliance tests) for Cloud resources that are included in Storefront. Government IT leaders (e.g. GSA) will be invited to participate in the Session.

Some examples of possible standardization areas are listed below.  The Cloud Standards Coordination  (cloud-standards.org) groups and CloudStandards mailing list could provide valuable feedback on the status and value of recommended Cloud Storefront standardizations. It would be valuable to collect recommendations before the Session and prepare a summarized presentation that could be an extended keynote talk (possibly with multiple speakers). Let me know your feedback on the Session topic and agenda. Thanks.
 
Bob Marcus
 
Possible standardizations for Cloud resources available through Storefronts and future Cloud Brokers include:

* Security (e.g. authentication, authorization)
* Interfaces to IaaS (e.g., compute, storage)
* PaaS & deployment model formats for Cloud applications
        - Resource descriptions (Required, Available)
        - Service & SLA models
* Management Frameworks
        - Governance and Policy Enforcement
        - Regulatory agreements (e.g. Data location and security)
        - SLA formats (e.g. Performance, Availability)
* Portable component descriptions (e.g. VM’s)
* Data exchange formats (to and from Clouds)
* Cloud Taxonomies and Reference Models

Reuven Cohen

unread,
Jul 29, 2009, 5:53:02 PM7/29/09
to cloud...@googlegroups.com
I don't think the US Federal Gov App store requires standardization so much as transparency into the underliying processes that support the so called "running" of the goverments app store. 

Some thoughts that come to mind include, who exactly is building this app store, how will it be managed, what oversight will it have and how can we prevent abuse (halliburton style contracts anyone?) or even Apple's Iphone app store style "vendor lockout". These are much more important questions that need to be addressed first.

R/c

Sam Johnston

unread,
Jul 30, 2009, 6:26:49 AM7/30/09
to cloud...@googlegroups.com
On Wed, Jul 29, 2009 at 11:53 PM, Reuven Cohen <r...@enomaly.com> wrote:
I don't think the US Federal Gov App store requires standardization so much as transparency into the underliying processes that support the so called "running" of the goverments app store. 

Some thoughts that come to mind include, who exactly is building this app store, how will it be managed, what oversight will it have and how can we prevent abuse (halliburton style contracts anyone?) or even Apple's Iphone app store style "vendor lockout". These are much more important questions that need to be addressed first.

In the absence of an existing, sensible (ideally open source) solution you can bet some big consulting company will be bought in to build some shitty web interface completely unlike what we've come to expect from consumer-facing web applications... and I'm not just looking at the US here.

As you observe, that's not so much the point though. I definitely agree that the important questions about about access to the storefront by "small" vendors (where "small" is anything smaller than Google, Amazon and Microsoft).

Sam

Alexis Richardson

unread,
Jul 30, 2009, 8:36:11 AM7/30/09
to cloud...@googlegroups.com
On Thu, Jul 30, 2009 at 11:26 AM, Sam Johnston<sa...@samj.net> wrote:
> On Wed, Jul 29, 2009 at 11:53 PM, Reuven Cohen <r...@enomaly.com> wrote:
>>
>> Some thoughts that come to mind include, who exactly is building this app
>> store, how will it be managed, what oversight will it have and how can we
>> prevent abuse (halliburton style contracts anyone?) or even Apple's Iphone
>> app store style "vendor lockout". These are much more important questions
>> that need to be addressed first.
>
> In the absence of an existing, sensible (ideally open source) solution you
> can bet some big consulting company will be bought in to build some shitty
> web interface completely unlike what we've come to expect from
> consumer-facing web applications... and I'm not just looking at the US here.

+1

Attempting to fix government procurement using government procurement
to pick a solution... oh the humanity.

a

Bob Marcus

unread,
Jul 30, 2009, 10:52:37 AM7/30/09
to cloud...@googlegroups.com
Several governments have announced plans to move forward with Cloud Storefronts. This approach will also appeal to other large organizations (governments and enterprises).  The purpose of the September 21 Session is to collect a set of "best practices" recommendations (e.g. minimal standardizations, governance, risks to avoid) to help guide future Storefront implementations, Any preliminary suggestions before the Session would be valuable. Thanks.
 
 

Alexis Richardson

unread,
Jul 30, 2009, 11:08:36 AM7/30/09
to cloud...@googlegroups.com
Bob,

That is great. It would be excellent for the governments concerned to
put out a note stating what a Storefront sells and to whom. Does it
sell (or offer) government cloud services? Does it also enable third
parties to sell their own apps that use gov-cloud services in some way
(like the iPhone store)...? Who buys these?

alexis








>
> >
>
Reply all
Reply to author
Forward
0 new messages