TERENA Trusted Cloud Drive facility Pilot project report

Size: px
Start display at page:

Download "TERENA Trusted Cloud Drive facility Pilot project report"

Transcription

1 TERENA Trusted Cloud Drive facility Pilot project report Project coordinator: Péter Szegedi (TERENA) May 2013

2 Contributors Maciej Brzeźniak PSNC (TF-Storage co-chair) Andres Steijaert SURFnet (GN3plus SA7 activity leader) Jan Meijer UNINETT (TTC member) Maarten Koopmans Vrijheid.net (lead developer) Christos Loverdos and Panos Louridas GRNET Jakub Peisar CESNET Péter Stefáan and Szabolcs Székelyi NIIF/HUNGARNET Mario Vandaele Belnet João Pagaime FCCN Lorenzo J. Cubero CESCA (left) Guido Aben AARNet, Australia Guilherme Maluf RNP, Brazil Christian Sprajc PowerFolder Christian Schmitz OwnCloud Contact Details Péter Szegedi, Project Development Officer, TERENA TERENA Secretariat, Singel 468D, 1017AW Amsterdam, The Netherlands Phone: Fax: TERENA 2013 All rights reserved. Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved.

3 Executive Summary Triggered by the request of the European national research and education networking organisation (NREN) community as well as the recommendation of the TERENA Advisory Council (TAC) and Technical Committee (TTC), the TERENA Secretariat proposed, planned, and executed an 11-month long pilot project where NRENs experimented with data storage capabilities exposing the cloud service delivery model. In the first phase of the project, a storage cloud brokering platform was selected and deployed at the TERENA Secretariat offices. In the second phase, the facility was opened up to all those in the TERENA community willing to experiment and engage with the Trusted Cloud Drive (TCD) concept. Nineteen NRENs, eight universities, three research institutes and five commercial companies around the globe expressed interest in the pilot; 48 user accounts were provisioned to the TERENA platform; eight other test instances of the open source software were deployed and evaluated in different countries. The pilot initially took an end-user service approach where federated access to the centralised TCD platform was provided via a simple web interface as well as a standard Web Distributed Authoring and Versioning (WebDAV) protocol to store data. This approach turned out to be inadequate for the majority of the users due to its limited features and difficulty to manage in large scale. Therefore, based on recommendations made by the pilot participants, the TCD changed direction and followed a service provider approach where platform functions were not exposed to end-users but kept under control of the domain administrator. The technical and administrative functions of the facility could, as a result, be separated, thereby allowing TERENA and NRENs to perform central service administration and distributed platform management simultaneously. The final recommendations of the pilot can be summarised as follows: TCD should focus on its main asset, which is to maintain trust and privacy of the end-user domain by separating metadata and encryption keys from the storage data at the domains boundary. TCD should not compete with the feature-rich front-end sync&share type applications available on the market; TCD should instead broker them to various public and/or NREN-provided storage back-ends in a trusted way. TCD should be a lightweight, thin layer (preferably controlled and operated by NRENs in a distributed way) separating/interfacing end-user application domains and cloud service provider domains; it should be considered as a storage middleware. TCD should not address interoperability at the cloud infrastructure level but facilitate a multi-vendor approach in the application space (through strategic partnerships with application providers of the users choice) as well as aggregate data storage demands and relay them to public and private cloud back-ends (available under TERENA s certified framework agreements). 3

4 Contents Executive Summary Motivations and objectives... 5 Aim of the pilot... 5 Measures of success... 6 Delivering the pilot... 7 Terms and definitions The cloud broker platform... 9 Platform architecture and technical characteristics Pilot participation and dissemination Dissemination Open Phase II procedures General participation Core team and major results Deployment scenarios and use cases Preliminary service delivery scenarios Trust relationship models Use cases identified Business and legal considerations Legal aspects Pricing model Next steps and future directions Acknowledgement References

5 1. Motivations and objectives Undoubtedly, massive data storage is vital for academic research. Individual researchers and students on campus increasingly use commercial cloud storage offerings (e.g. Google Drive, icloud, Dropbox) available on the market. However, these public services are not primarily designed for the needs of sensitive research data sets. Therefore, universities and research institutes are seeking for partnership with private storage solution integrators and application developers (e.g. PowerFolder, SpiderOak, OwnCloud) to build and operate their own storage infrastructure on campus that needs not only capital investment, but also operational knowledge and experience. Although these private storage clusters are able to provide the desired performance and data privacy,, due to a lack of standards and sometimes proprietary vendor solutions, they cannot always interface with each other or with the public services. National research and education networking organisations (NRENs) are in a good position to deliver highperformance data storage infrastructure as a service specially tailored to the research and education community over their advanced networks at national scale. Moreover, thanks to the European and global NREN collaboration, they can also aggregate demands and facilitate community-provided storage to be shared across TERENA members [1]. Trust is the main asset of NRENs, as the universities that are also the major clients of the NRENs govern them. The Trusted Cloud Drive (TCD) service pilot builds on this trust relationship and provides the necessary software tool and know-how to NRENs. Several NRENs in the TERENA community are increasingly interested in offering cloud services for their constituency and many national pilots have already been established. Cloud service is clearly the new paradigm that is changing the traditional way of providing services and how these are accessed by costumers. For instance, cloud storage supports the demand for outsourcing scientific data preservation services to third-party; for using distributed (i.e. geographical diversity) resources whenever needed; and for offering remote space for users to store their data and access it using different devices. However, when outsourcing to public clouds (i.e. Amazon, Google, etc.), privacy and ownership remain a matter of great concern. TERENA has been asked by several members to take action to support the community experimenting with cloud services. As a results of this community call, a small meeting was organised at the TERENA Secretariat in October One of the outcomes of this meeting was that TERENA would investigate the feasibility of initiating a pilot project that would provide storage capabilities that follow the cloud delivery model to the participating NRENs [2]. Aim of the pilot The primary aim of this pilot was to explore possible deployment scenarios for a trusted personal storage service tailored for academia. The pilot was built upon a federated software platform (i.e. the Cloud Broker Platform) which offers the ability to easily connect different storage back-ends (both private and public cloud storage backends are supported) and store users data in a secure and privacy preserving way - thanks to the separation of storage data and metadata as well as the built-in encryption functionality - in the cloud. Trust is the main factor that is very hard to gain in the global (often multi-national) cloud environment. The TCD facility offers a privacy enforcement tool that preserves privacy data in the client domain by keeping the metadata at home whilst allowing the encrypted contents to be stored in such a way that it cannot be accessed by governments without notifying the data owner. TCD addresses legal concerns highlighted by the U.S.-EU Safe Harbor Framework, the USA PATRIOT Act, and the European Commission Directive on Fighting cyber crime and protecting privacy in the cloud (see Section 5). 5

6 The following features were also explored as part of the pilot: longer term sustainability for a potential service (i.e. the community); legal aspects and perceived trust issues related to the storage and management of the encryption keys and metadata (i.e. the service model); software scalability and performance (i.e. the code). Measures of success Objectives Measures Targets Opportunities Threats The community Longer term sustainability for a potential service Number of alpha/beta testers (individuals) Number of organisations installing the service platform at their location (other than the TERENA Secretariat) Number of software developers (code coowners other than the lead developer) who can work on the code (proof needed) At least 30 test accounts At least 5 test instances At least 3 software developers Knowledgeable and reliable software development community around the open-source code. Significant number of user communities, specific use cases. Platform developer as single point of failure. Lack of development and support efforts. No significant take up of the service platform. The service model Legal aspects and perceived trust issues related to the storage and management of the encryption keys and metadata Common understanding of the legal implications of storing encrypted data blob in the cloud Description of the potential service models and service delivery scenarios illustrated by use cases Post information on the pilot Wiki as well as in the final report Post information on the pilot Wiki as well as in the final report Cloud platform is widely used to clearly separate the personal data controller role from the storage data manager role. Organisations can pick the service model and delivery scenario that is better suited to their environment and use cases. (Legal) benefits of using the platform are not understood. Perceived as yet another personal cloud storage service. One single service model does not fit all organisations. 6

7 The code Software scalability and performance Security test results (system intrusion, hacking, data privacy) Compatibility test results (operating system, web browser, APIs) All the necessary tests to be completed. Platform code is robust, secure, and scalable. Platform code is weak, insecure, and rigid. Performance test results (load, volume, stress) Acceptance test results (Alpha, Beta) Table 1: Measures of success The pilot project has been evaluated against these measures of success and pre-defined targets. For evaluation results see Section 3. Delivering the pilot The pilot was carried out in two phases: Phase I - A test instance of the platform was deployed at the TERENA Secretariat s offices. During this phase the cloud broker (the elements in the green box depicted in Fig. 1) were installed and connected to a limited local storage back-end offered by TERENA. A simple web portal and the necessary support for the federated access were also implemented. For this phase TERENA sub-contracted the lead software developer, Maarten Koopmans, who provided the necessary support for the installation. The platform was evaluated and tested by a limited number of NRENs experts coordinated by TERENA. Phase II - NRENs were invited to participate in the pilot by either adding their own cloud storage backend and/or developing new front-end applications to the cloud broker. The Amazon S3 public storage back-end option was also available for testing. It was envisaged that NRENs would offer a limited number of end-users to provide feedback on the usability of the system. Although most of the user requirements were not implemented during the pilot phase, they did help to shape and understand the type of services that users are looking for. The pilot Phase II was operated for a nine-month period after which an evaluation was made to assess the success of the pilot and to agree on the following steps. Terms and definitions Some definitions used in the document can be found in Table 2. Cloud Broker Platform The Cloud Broker Platform is a flexible open-source software tool developed by UNINETT Sigma in 2010 as part of the NEON project. The platform is the basis of the TERENA Trusted Cloud Drive pilot service. 7

8 Trusted Cloud Drive Trusted Cloud Drive is a pilot service made available by TERENA for evolutionary prototyping, testing and service development purposes. Pilot A pilot experiment, also called a pilot study, is a small scale preliminary study conducted in order to evaluate feasibility, time, cost, adverse events, and effect size (statistical variability) in an attempt to predict an appropriate sample size and improve the study design prior to implementing it as a full-scale research project. Pilot studies, therefore, may not be appropriate for case studies. Prototype A prototype is an early sample or model built to test a concept or process, or to act as a thing to be replicated or learned from. A prototype is designed to test and trial a new design to enhance precision by system analysts and users. Prototyping serves to provide specifications for a real, working system rather than a theoretical one. Prototype software is often referred to as alpha grade, meaning it is the first version to run. Often only a few functions are implemented; the primary focus of the alpha is to have a functional base code onto which features may be added. Once the alpha grade software has most of the required features integrated into it, it becomes beta software for testing the entire software and to adjust the program to respond correctly during unforeseen situations in the development process. Evolutionary Prototyping The main goal when using evolutionary prototyping is to build a very robust prototype in a structured manner and constantly refine it. The reason for this is that the evolutionary prototype, when built, forms the heart of the new system, and the improvements and further requirements will be built. Evolutionary prototyping acknowledges that we do not understand all the requirements and builds only those that are well understood. Grey-box Testing Service Delivery Framework In black-box testing there is no information about the internal structure at all. In grey-box testing there is information when the tests are designed, but when the tests are executed that information is neglected. The TCD pilot testing procedure includes: security testing (system intrusion, hacking, data privacy) compatibility testing (operating system, web browser, API) performance testing (load, volume, stress) acceptance testing (Alpha, Beta) A service delivery framework (SDF) is a set of principles, standards, policies and constraints used to guide the design, development, deployment, operation and retirement of services delivered by a service provider with a view to offering a consistent service experience to a specific user community in a specific business context. An SDF is the context in which a service provider's capabilities are arranged into services. Table 2: Terms and definitions 8

9 2. The cloud broker platform The TERENA TCD is a pilot experiment to determine the feasibility of a targeted personal data storage service that builds on a flexible Cloud Broker Platform. The unique features of the selected software platform are: federated access to the service; metadata and storage data are kept separate; storage data is encrypted and stored in the cloud; metadata is stored in a trusted place; various cloud storage back-ends can be brokered; standard-based Web Distributed Authoring and Versioning (WebDAV) front-end and the proprietary web application are both included; different user platforms (Windows, MacOS, ios, Android) are supported; code and documentation are fully open-source and available on TERENA Github 1 under Apache Licences, Version 2.0. The software architecture is modular (Fig. 1); each of the platform functionalities can be enabled or disabled according to the administrator s choice. Fig. 1: The modular Cloud Broker Platform architecture and its components Platform architecture and technical characteristics The pilot Phase I focused on prototyping and operating the Cloud Broker Platform, the open software developed by UNINETT Sigma in 2010 as part of the NEON project 2, at the TERENA Secretariat. This prototype software was built with the basic idea of separating the storage data (i.e. encrypted content) from the metadata (i.e. encryption keys, filenames, size, date, etc.). This particular feature makes, unique to the Cloud Broker Platform, the usage of 1 https://github.com/terena 2 Åke Edlund and Maarten Koopmans, NEON Northern Europe Cloud Computing, Final Report, December 17, 2010, 2 Åke Edlund and Maarten Koopmans, NEON Northern Europe Cloud Computing, Final Report, December 17, 2010, https://notendur.hi.is/~helmut/publications/neon-final-report.pdf 9

10 public clouds particular appealing. A set of metadata is linked to the user s data for search purposes; the metadata (together with the encryption keys) are meant to be stored and operated by a trusted party, which in practical terms means that the storage data and the metadata can be handled by different parties. By keeping the metadata store on premises data confidentiality is guaranteed under the assumption that the premises are inside a trusted domain e.g. TERENA. The metadata is stored in a metadata store called Voldemort that was developed and open sourced by LinkedIn; this store scales elastically and across data centres. The data itself is encrypted using 128 bit Advanced Encryption Standards (AES) (though any cipher could be used); the file names are replaced by a universally unique identifier (UUID) for the cloud provider. The mapping between the UUID and the filename takes place in the metadata store. In this way, a stored blob does not reveal any information that could be exploited by a malicious attack (i.e. which blob do we need to attack? ). The data stored in the cloud is accessed using WebDAV, a stable and widely supported protocol (MacOS, Linux, Windows); the WebDAV server connects to a web front-end, which makes the WebDAV transparent to the endusers. Though many built-in clients differ slightly in their implementation, all their differences are handled by the custom designed WebDAV daemon including ios and Android s most popular applications such as Goodreader and WebDAVNav. Fig. 2: Cloud broker platform architecture implemented in Phase I The software has features that are not an essential part of the pilot, such as a public folder where users can share data with the world, a web interface to the file storage, the ability to tag files and folders and search these tags via the web interface, and the ability to store these searches as search folders that are automatically updated when new files are tagged or when tags are removed from existing files. There is no limitation on the type of storage that can be used, as the software is able to support different cloud storages - such as Amazon S3 and RackSpace Cloud Files, - which makes it particularly flexible. When logging in via their federations, users will not be informed of the type of cloud-storage back-end used but will be able to store and retrieve their data as desired. The frontends are elastically scalable as they are stateless all data resides in the metadata store. Stable operation of the metadata store and fast connections (low latency, low round trip time) will improve the end user experience when keeping the NoSQL metadata store on premises. 10

11 3. Pilot participation and dissemination The pilot Phase I was completed by the end of May The platform was then opened to the participants of Phase II for the following 9 months. To access the pilot service: the WebApp interface was available at https://tc2.terena.org; the WebDAV interface was available at https://tc1.terena.org. The following practical limitations applied to the TERENA test service instance (all configurable otherwise): 100 GB local data storage (on a 1TB volume); 20 GB metadata store (inside the virtual machine (VM)); 5 GB single file-size limit; no limitation on the number of concurrent users. Dissemination The features of the platform were presented and demonstrated at the TERENA Networking Conference 2012 in Reykjavik, Iceland. A YouTube video 3 was also prepared by Péter Szegedi (Project coordinator, TERENA Secretariat) to show how to access and use the platform. The full list of dissemination activities (eight presentations) can be found in the References section of this document. It includes the presentations provided at meetings of the TERENA Storage task force (TF-Storage) [3] [9] and the TERENA task force on Management of Service Portfolio (TF-MSP) [4]; larger events such as the European Commission Information Day on Call 8 [5]; the TERENA Networking Conference 2012 [6]; the Cisco Symposium 2012 [7],; the RNP Forum 2012 [8]; and the SUCRE Project Workshop 2013 [10]. TERENA also issued two news items on its website: April New pilot project to extend TERENA's cloud activities October TERENA Trusted Cloud Drive pilot invites phase II participation The third news item will be issued after the publication of this final report. Open Phase II procedures Phase II was the public phase of the pilot which ran until the end of March A discussion mailing list was set up for Phase II participants. To ensure widest possible participation from within the TERENA community, a gradual procedure was adopted, where participants could first become involved by experimenting as a user of the service, then act as an administrator of the service, and finally, if they wanted, study the code and become an adaption or developer of the service: 1. Bring your test users and try out the TERENA installation of the service: All the national federations, as well as the guest federations (social media) such us Google and facebook, were connected to federated platform. User with e.g. a Google account could therefore test this service. Due to service restrictions, all test users needed to be white-listed. A Wiki tutorial explaining the procedure to follow to white-list a federated account was made available at: https://confluence.terena.org/display/cloudstorage/get+access+to+the+terena+installation 3 Demonstartion video: 11

12 An additional Identify Provider (IdP) configuration guide (only for experts) was published to address cases where a user account was white-listed but still faced problems accessing the service: https://confluence.terena.org/display/cloudstorage/idp+configuration 2. Attach your own storage back-end to the platform installed at the TERENA Secretariat offices: By default, the service used a local file system at the TERENA offices and had the possibility to store encrypted data in the Amazon S3 cloud. If a user wanted to connect a local storage back-end, he needed to develop a bridge between the Cloud Broker Platform and the local data storage facility. The interface/protocol description, and the detailed technical information, consultation, and support were made available on the mailing list. 3. Get familiar with the code: The open source code was written in Scala and ran on top of the Java VM. The pilot participants could get familiar with the code step by step. A single downloadable development VM image, a clone of the TERENA system installation (three VMware images on Ubuntu LTS Server platform with openjdk 6, MySQL, cadaver (downloadable ZIP file 4 ) and Readme 5 ), and the source code and full documentation were all made available by the pilot through Github, under Apache Licenses, Version 2.0. There was also limited free support via the Google group. Pilot participants (Staszek Jankowski and Maciej Brzeźniak PSNC, Dirk Dupont BELNET, and Jakub Peisar - CESNET) also contributed to an Installation Guide available at https://confluence.terena.org/display/cloudstorage/installation+guide. TERENA owns a Github space https://github.com/terena where the Trusted Cloud Drive project is forked (temporarily) and Github users (developers) can be added to the team. The aim of the aforementioned gradual approach was to build a community of developers who would eventually become "co-owners" of the code. It was expected that these potential co-owners organisations would contribute, through man-power and/or financial support, to the maintenance and development of the code. General participation A total of 66 subscribers signed up to the pilot mailing list. Forty-eight user accounts were provisioned (whitelisted) on the TERENA service instance. Table 3 includes the list of organisations that expressed an interest in the pilot. More details about their actual interest can be found at https://confluence.terena.org/display/cloudstorage/phase+ii+-+completed European NRENs (16) ACOnet, ARNES, Belnet, CARNet, CESNET, CSC, DFN, FCCN, GRNET, HEAnet, NIIF, PSNC, RedIRIS, RENATER, SURFnet, SWITCH Other NRENs (3) AARNet (Australia) ERNET (India), RNP (Brazil) Universities (8) École Polytechnique Fédérale de Lausanne, Newcastle University, University of Melbourne, University of Malta, University of Porto, Università Roma TRE, Aristotle University of Thessaloniki, University of Vienna 4 Development VMwaer images 5 Readme 12

13 Regional networks and Research institutes (3) Commercials (7) CERN, CESCA, Srce Amazon, Box, Dell, Joyent, OwnCloud, PowerFolder Table 3: Phase II interest TERENA TF-Storage participants discussing the Trusted Cloud Drive pilot in March 2013 in Berlin, Germany Core team and major results In addition to the TERENA test service instance, eight other national deployments were implemented primarily for testing and software development purposes. The list of platform instances, the name of contacts and voluntary developers, and their results are summarised in Table 4. Organisation Contact / Developer Results GRNET Panos Louridas Christos Loverdos The Pithos+ cloud storage back-end of GRNET has been integrated with the TCD platform. The code extensions were added to the Github repository. The work was demonstrated and the experiences shared at the 12 th TF-Storage meeting in Berlin, Germany. Pithos-CloudDrive.pdf 13

14 RNP CESCA Roberto Araujo Guilherme Maluf Jordi Guijarro Lorenzo J. Cubero OpenStack Java SDK was used for connecting the Swift storage back-end of PRN and interfacing with TCD. The results were added to the Github repository. A TCD service integration with RNP's OpenStack Swift-based cloud storage infrastructure is planned. The implementation of the Jclouds API at the TCD back-end has was planned and begun however, as Lorenzo has left CESCA, this was not completed CESNET Jakub Peisar A test platform instance was deployed using a single VM as well as multiple VMs setups. The performance test resulted in good scalability and performance, taking into account the actual test conditions. The TCD platform scales horizontally per vcpu and across multiple WebDAV servers. The ~60Mbit/s upload speed achieved with application level encryption and compression on one vcpu was good; it could even be tripled on a quad core. Note that both compression and encryption can be turned off which increases the seed by a factor of 4-8. The detailed results can be found at https://confluence.terena.org/display/cloudstorage/software+tests Belnet PSNC Srce/CARNet Mario Vandaele Jean-Philippe Evrard Maciej Brzeźniak Stanisław Jankowski Damir Žagar Nikola Garafolic The test platform instance was deployed using a single VM setup. Priority was taken by the national storage infrastructure tender at Belnet. The test platform instance was deployed using a single VM setup. Future code security audits and performance tests have been planned. Code security audit has been postponed. Srce/CARNet was looking for new storage platforms to migrate from the current GSS installation due to end of product life. TCD was deployed and evaluated but the end-user features of the platform were not sufficient. FCCN João Pagaime The test platform instance was deployed using a single VM setup. The end-user features of the TCD platform were found rough around the edges. Table 4: Test/Development platform instances (in addition to the Phase I TERENA instance) The detailed consultation of the aforementioned extensive group of pilot participants has led to the development of potential deployment scenarios and use cases for the TERENA Trusted Cloud Drive facility, summarised in the next section. 14

15 4. Deployment scenarios and use cases The pilot initially took an end-user service approach where users could have federated access to the centralised TCD platform via a simple web interface as well as a standard WebDAV to store data. This approach turned out to be insufficient for the majority of the users because of its limited features and difficulty to manage in large scale. Therefore, based on recommendations made by the pilot participants, the TCD changed direction and followed a service provider approach where the platform functions were not exposed to end-users but kept under the control of the domain administrator. The technical and administrative functions of the facility could, as a result, be separated, thereby allowing TERENA/NRENs to simultaneously perform central service administration and distributed platform management. Pilot recommendations and service architecture The final recommendations of the pilot can be summarised as follows: TCD should focus on its main asset: to maintain trust and privacy of the end-user domain by separating metadata and encryption keys from the storage data at the domains boundary; TCD should not compete with the feature-rich front-end sync&share type applications available on the market. It should instead broker them to various public and/or NREN-provided storage back-ends in a trusted way; TCD should be a lightweight, thin layer (preferably controlled and operated by NRENs in a distributed way) separating/interfacing end-user application domains and cloud service provider domains; TCD should be considered as a storage middleware; TCD should not address interoperability at the cloud infrastructure level but facilitate a multi-vendor approach in the application space (throughout strategic partnerships with application providers of the users choice) as well as aggregate data storage demands and relay them to public and private cloud back-ends (available under TERENA s certified framework agreements). In line with the strategic directions outlined above, TERENA should further explore: the service brokering scenarios made available by the TCD-Pithos+ and the TCD-Swift integrations; different NREN storage infrastructures and/or public cloud storage back-ends can be brokered down to user domains in a trusted, privacy-controlled way; the service integration scenarios with feature-rich end-user storage applications; both communitydeveloped and commercial solutions (such as OwnCloud and PowerFolder) can be investigated for potential integration with TCD functionality to preserve trust and privacy. Fig. 3 depicts the desired TCD service architecture taking into account some potential use cases described in the followings. 15

16 Fig. 3: TCD service architecture and major use cases In this architecture the TCD acts as a storage middleware (with the functionality of encryption, compression, and metadata preservation) that separates the client trust domain(s) from the storage provider domain(s), and brokers several cloud storage back-ends (both private and public) to the user-preferred storage application front-ends according to the platform administrator s choice. Preliminary service delivery scenarios The following preliminary service delivery scenarios (Fig 4.) were envisioned at the beginning of the pilot: 1. Hosted service scenarios A) One cloud broker instance is hosted at a central location (e.g. TERENA offices), metadata is stored at the same place (i.e. inside the broker), storage data is stored in the public cloud contracted by TERENA. B) One cloud broker instance is hosted at a central location (e.g. TERENA offices), metadata is stored at the same place (i.e. inside the broker), storage data is either stored in the public cloud or in the data storage facilities provided by NRENs participating in the pilot coordinated by TERENA. 2. Brokered service scenarios A) Several cloud broker instances are hosted by NRENs or end-sites, metadata is stored locally (i.e. inside the distributed brokers), storage data is stored in the public cloud that is brokered to NRENs by TERENA. B) Several cloud broker instances are hosted by NRENs or end-sites, metadata is stored locally (i.e. inside the distributed brokers), storage data is stored in both public cloud and the data storage facility of NRENs brokered and coordinated by TERENA. 16

17 Fig. 4: Preliminary service delivery scenarios According to the pilot results, the fully centralised service delivery scenarios (1A and 1B), where TERENA hosts and operates a single TCD platform, would not function. A distributed approach, where NRENs or client domain administrators host and operate the TCD instances by accessing one or more storage back-ends provisioned via a centralised TERENA portal, is a more realistic approach. In these cases (2A and 2B), the administrative functions (i.e. the TERENA portal part) are separated from the technical functions (i.e. the distributed TCD platform instances). Trust relationship models In the distributed service delivery scenarios, the TCD platform can be placed at different levels in the cloud stack. Table 5 shows the possible TCD platform locations against the trust relationship throughout the entire cloud service stack. Trust model No trust Client domain trust NREN trust TERENA trust Full trust Cloud storage provider No further trust delegation No further trust delegation No further trust delegation No further trust delegation Back-end encryption TERENA TCD instance encryption NREN or Data centre TCD instance encryption University or Institute TCD instance encryption End-user Client level encryption Client Client Client Client Out of scope In scope In scope In scope Out of scope Table 5: Trust relationships throughout the cloud service stack 17

18 It is assumed here that trust becomes weaker and weaker as we move up the cloud service stack from end-user to cloud storage provider. It is therefore recommended that the TCD storage middleware platform be installed as close as possible to the end-user domain. Ideally, TCD can sit at the border of the client domain controlling outgoing storage data (i.e. client domain trust model). Use cases identified Based on the extensive consultation with the pilot participants as well as the broader TERENA community (via TF- Storage and TF-MSP) four major TCD use cases have been identified: 1. Public cloud storage broker 2. Private storage infrastructure capacity aggregator 3. Private storage application back-end interface 4. Trusted data replication middleware The following set of tables summarises the essence of these use cases. 18

19 Use case 1. Scope Public cloud storage broker Pan-European level (TERENA). NREN as storage service provider. The case NREN wants to burst temporary storage demand peeks into public storage cloud(s) even if that nominally costs more than the in-house data storage facility. TCD functions API(s) to public cloud storage back-end(s). Transparent account management via federated authentication and authorisation infrastructure (AAI). Trust domain demarcation (i.e. privacy preservation by metadata separation). Strong (additional) encryption. Storage data compression (optional). Uniform search support on local metadata without touching the actual storage data. Role of TERENA TERENA shall close framework agreement(s) with appropriate public cloud storage provider(s) optionally provide technical/legal certification of these and make them available via the distributed TCD platform(s). Aggregate demands from NRENs, provide administration and accounting full authentication, authorisation and accounting (AAA) if needed via an additional centralised TERENA web portal. Key benefits To make sure that no personal data leaves the customer domain (i.e. beyond TCD) when bursting to public clouds. To opt-in to TERENA framework agreement(s) if the total value of purchase is lower than the limit of national public tendering rules or team up for joint procurements with the help of TERENA. Illustration 19

20 Use case 2. Scope The case TCD functions Private storage infrastructure capacity aggregator Pan-European level (TERENA). NREN as storage infrastructure provider/customer. NREN makes spare data storage capacity of its own infrastructure dynamically available to others for a short or long period. This can typically happen in the early phase of the funding period/deployment cycle (optionally) to cover the maintenance cost of the new infrastructure. (Sometimes proprietary) APIs to private data storage back-end(s). Transparent account management via federated AAI. Trust domain demarcation (i.e. privacy preservation by metadata separation). Strong (additional) encryption. Storage data compression (optional). Uniform search support on local metadata without touching the actual storage data. Role of TERENA TERENA shall close agreement(s) and collect Terms of Use documents from the participating NRENs optionally provide technical/legal certification of those offerings and make them available via the distributed TCD platform(s). Aggregate small dynamic chunks of NREN private storage capacities to a larger consistent pool and provide them to other NRENs. Provide a centralised TERENA web portal for provisioning, administration and accounting. Key benefits Ensure that no personal data is exposed to NRENs that offer spare storage capacity to others. No legal obligations arise. Offers private storage cloud interoperability not at the infrastructure but the application level. NREN as storage infrastructure: customer can dynamically select the storage back-end (made available by other NRENs) that fits its customers/applications needs the most. Illustration 20

TERENA Trusted Cloud Drive

TERENA Trusted Cloud Drive SUCRE Workshop Open Source Clouds in the public sector 16-17 April, 2013 Poznan, Poland Peter Szegedi Project Development Officer szegedi@terena.org www.terena.org TERENA Trusted Cloud Drive Unleashing

More information

Trust in your own cloud

Trust in your own cloud TF-MSP meeting 10-11 September 2013 Trondheim, Norway Peter Szegedi Project Development Officer szegedi@terena.org www.terena.org Trust in your own cloud How we concluded the TCD pilot http://www.terena.org/publications/files/terena

More information

Ready for cloud service delivery?

Ready for cloud service delivery? Ready for cloud service delivery? Status and next steps TF-MSP Berlin, 11 January GN4-1, SA7 Andres Steijaert NREN collaboration on service delivery Agenda & topics Which services are - available - incoming

More information

6 Cloud strategy formation. 6.1 Towards cloud solutions

6 Cloud strategy formation. 6.1 Towards cloud solutions 6 Cloud strategy formation 6.1 Towards cloud solutions Based on the comprehensive set of information, collected and analysed during the strategic analysis process, the next step in cloud strategy formation

More information

3. The Task Force will be open to any individual who can offer appropriate expertise, manpower, equipment or services.

3. The Task Force will be open to any individual who can offer appropriate expertise, manpower, equipment or services. Task Force on Network Operation Centres Terms of Reference 1. A task force is established under the auspices of the TERENA Technical Programme with the primary aim to offer a forum for leading staff members

More information

Networks Services People www.geant.org 1

Networks Services People www.geant.org 1 1 NREN collaboration on clouds Cloud opportunities GN4 SGA1 SA7 Mary Grammatikou & Andres Steijaert November 2, 2015 Agenda Why collaborate on clouds? Progress in our collaboration Opportunities for NRENs,

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Deliverable D11.2 (DS7.5.1,1): Review of Y1, Task 5: Mobile Data Service Activities and Achievements

Deliverable D11.2 (DS7.5.1,1): Review of Y1, Task 5: Mobile Data Service Activities and Achievements 09-04-2014 Review of Y1, Task 5: Mobile Data Service Deliverable D11.2 (DS7.5.1,1) Contractual Date: 31-03-2014 Actual Date: 09-04-2014 Grant Agreement No.: 605243 Work Package/Activity: 11/SA7 Task Item:

More information

Mobile Cloud Computing T-110.5121 Open Source IaaS

Mobile Cloud Computing T-110.5121 Open Source IaaS Mobile Cloud Computing T-110.5121 Open Source IaaS Tommi Mäkelä, Otaniemi Evolution Mainframe Centralized computation and storage, thin clients Dedicated hardware, software, experienced staff High capital

More information

Cloud Computing and Records Management

Cloud Computing and Records Management GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version

More information

HEAnet s Data Storage Services

HEAnet s Data Storage Services HEAnet s Data Storage Services Context & Environment Brian Boyle Network Services Manager HEAnet Storage Services Overview International environment National environment HEAnet s Storage services & plans

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

Simplified NIF for GN4 Input

Simplified NIF for GN4 Input Simplified NIF for GN4 Input Purpose: Submit to: This NIF form is to be used for the submission of New Ideas suggested for inclusion in the GN4 Phase1 and beyond proposals. Budget estimates, information

More information

2) Xen Hypervisor 3) UEC

2) Xen Hypervisor 3) UEC 5. Implementation Implementation of the trust model requires first preparing a test bed. It is a cloud computing environment that is required as the first step towards the implementation. Various tools

More information

CLOUD POWER. NREN collaboration in GÉANT @ STF

CLOUD POWER. NREN collaboration in GÉANT @ STF CLOUD POWER NREN collaboration in GÉANT to enable and facilitate the Research and Education community to use online services on a large scale, with the right conditions @ STF MARCH 24 Andres Steijaert

More information

owncloud Architecture Overview

owncloud Architecture Overview owncloud Architecture Overview Time to get control back Employees are using cloud-based services to share sensitive company data with vendors, customers, partners and each other. They are syncing data

More information

Strategic approach to cloud computing deployment

Strategic approach to cloud computing deployment Strategic approach to cloud computing deployment Slavko Gajin, (GN3plus, SA7T1) Datacenter IaaS workshop 2014 11-12. September, 2014 Cloud and NRENs Cloud is the latest big thing affecting NREN users Do

More information

Using AWS in the context of Australian Privacy Considerations October 2015

Using AWS in the context of Australian Privacy Considerations October 2015 Using AWS in the context of Australian Privacy Considerations October 2015 (Please consult https://aws.amazon.com/compliance/aws-whitepapers/for the latest version of this paper) Page 1 of 13 Overview

More information

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design. Privacy-Preserving Public Auditing For Secure Cloud Storage ABSTRACT: Using cloud storage, users can remotely store their data and enjoy the on-demand high-quality applications and services from a shared

More information

WHITEPAPER. Data Security for Office 365 Balancing control & usability

WHITEPAPER. Data Security for Office 365 Balancing control & usability WHITEPAPER Data Security for Office 365 Balancing control & usability Contents Executive Summary... 2 Top Security Issues for Office 365... 4 Compelled Disclosures... 4 Unauthorized Sharing... 4 External

More information

Security Practices for Online Collaboration and Social Media

Security Practices for Online Collaboration and Social Media Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.

More information

cloud functionality: advantages and Disadvantages

cloud functionality: advantages and Disadvantages Whitepaper RED HAT JOINS THE OPENSTACK COMMUNITY IN DEVELOPING AN OPEN SOURCE, PRIVATE CLOUD PLATFORM Introduction: CLOUD COMPUTING AND The Private Cloud cloud functionality: advantages and Disadvantages

More information

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 All contents are Copyright 1992 2012 Cisco Systems, Inc. All rights reserved. This document

More information

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description Dropbox for Business Secure file sharing, collaboration and cloud storage G-Cloud Service Description Table of contents Introduction to Dropbox for Business 3 Security 7 Infrastructure 7 Getting Started

More information

15th TERENA TF-Storage Belnet File Sync & Share Update. Belnet Jean-Philippe Evrard & Mario Vandaele Uppsala 22nd September 2014

15th TERENA TF-Storage Belnet File Sync & Share Update. Belnet Jean-Philippe Evrard & Mario Vandaele Uppsala 22nd September 2014 15th TERENA TF-Storage Belnet File Sync & Share Update Belnet Jean-Philippe Evrard & Mario Vandaele Uppsala 22nd September 2014 Small PoC with Seafile! What? http://www.seafile.com/en/home/ Open-source

More information

The NREN cloud strategy should be aligned with the European and national policies, but also with the strategies of the member institutions.

The NREN cloud strategy should be aligned with the European and national policies, but also with the strategies of the member institutions. 4 External influences PESTLE Analysis A PESTLE analysis is a useful tool to support the investigation and decision process relating to cloud services. PESTLE in general covers Political, Economic, Social,

More information

GÉANT IaaS suppliers meeting Towards Pan-European Cloud Services. Utrecht October 14 2015

GÉANT IaaS suppliers meeting Towards Pan-European Cloud Services. Utrecht October 14 2015 GÉANT IaaS suppliers meeting Towards Pan-European Cloud Services Utrecht October 14 2015 Why and what TODAY More information about IaaS delivery through GÉANT Tender Provider GÉANT interaction Opportunity

More information

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction

More information

AARNet submission to the Australian Computer Society Cloud Protocol Discussion Paper. James Sankar, Alex Reid August 2013

AARNet submission to the Australian Computer Society Cloud Protocol Discussion Paper. James Sankar, Alex Reid August 2013 AARNet submission to the Australian Computer Society Cloud Protocol Discussion Paper James Sankar, Alex Reid August 2013 AARNet, Australia's Academic and Research Network (AARNet) is the not- for- profit

More information

Cloud Computing Security Considerations

Cloud Computing Security Considerations Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction

More information

Sistemi Operativi e Reti. Cloud Computing

Sistemi Operativi e Reti. Cloud Computing 1 Sistemi Operativi e Reti Cloud Computing Facoltà di Scienze Matematiche Fisiche e Naturali Corso di Laurea Magistrale in Informatica Osvaldo Gervasi ogervasi@computer.org 2 Introduction Technologies

More information

SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX

SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX White Paper SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX Abstract This white paper explains the benefits to the extended enterprise of the on-

More information

TECHNICAL SPECIFICATION: LEGISLATION EXECUTING CLOUD SERVICES

TECHNICAL SPECIFICATION: LEGISLATION EXECUTING CLOUD SERVICES REALIZATION OF A RESEARCH AND DEVELOPMENT PROJECT (PRE-COMMERCIAL PROCUREMENT) ON CLOUD FOR EUROPE TECHNICAL SPECIFICATION: LEGISLATION EXECUTING CLOUD SERVICES ANNEX IV (D) TO THE CONTRACT NOTICE TENDER

More information

WEB 2.0 AND SECURITY

WEB 2.0 AND SECURITY WEB 2.0 AND SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

IBM 000-281 EXAM QUESTIONS & ANSWERS

IBM 000-281 EXAM QUESTIONS & ANSWERS IBM 000-281 EXAM QUESTIONS & ANSWERS Number: 000-281 Passing Score: 800 Time Limit: 120 min File Version: 58.8 http://www.gratisexam.com/ IBM 000-281 EXAM QUESTIONS & ANSWERS Exam Name: Foundations of

More information

ESG and Solvency II in the Cloud

ESG and Solvency II in the Cloud Insights ESG and Solvency II in the Cloud In this article we look at how the model of cloud computing can be applied to high performance computing (HPC) applications. In particular it looks at economic

More information

Complementary notes to the agenda of the 34th TERENA General Assembly meeting Luxembourg, Luxembourg, 20-21 October 2010

Complementary notes to the agenda of the 34th TERENA General Assembly meeting Luxembourg, Luxembourg, 20-21 October 2010 7. Feedback from Member Visits In 2008, a series of bilateral meetings was started between TERENA member organisations and members of the TEC and TERENA Secretariat staff, with the purpose to discuss at

More information

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

Cloud Computing: Contracting and Compliance Issues for In-House Counsel International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,

More information

Article 29 Working Party Issues Opinion on Cloud Computing

Article 29 Working Party Issues Opinion on Cloud Computing Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

More information

An Introduction to Cloud Computing Concepts

An Introduction to Cloud Computing Concepts Software Engineering Competence Center TUTORIAL An Introduction to Cloud Computing Concepts Practical Steps for Using Amazon EC2 IaaS Technology Ahmed Mohamed Gamaleldin Senior R&D Engineer-SECC ahmed.gamal.eldin@itida.gov.eg

More information

With Red Hat Enterprise Virtualization, you can: Take advantage of existing people skills and investments

With Red Hat Enterprise Virtualization, you can: Take advantage of existing people skills and investments RED HAT ENTERPRISE VIRTUALIZATION DATASHEET RED HAT ENTERPRISE VIRTUALIZATION AT A GLANCE Provides a complete end-toend enterprise virtualization solution for servers and desktop Provides an on-ramp to

More information

How much do you pay for your PKI solution?

How much do you pay for your PKI solution? Information Paper Understand the total cost of your PKI How much do you pay for your PKI? A closer look into the real costs associated with building and running your own Public Key Infrastructure and 3SKey.

More information

Cisco Hybrid Cloud Solution: Deploy an E-Business Application with Cisco Intercloud Fabric for Business Reference Architecture

Cisco Hybrid Cloud Solution: Deploy an E-Business Application with Cisco Intercloud Fabric for Business Reference Architecture Reference Architecture Cisco Hybrid Cloud Solution: Deploy an E-Business Application with Cisco Intercloud Fabric for Business Reference Architecture 2015 Cisco and/or its affiliates. All rights reserved.

More information

Building low cost disk storage with Ceph and OpenStack Swift

Building low cost disk storage with Ceph and OpenStack Swift Background photo from: http://edelomahony.com/2011/07/25/loving-money-doesnt-bring-you-more/ Building low cost disk storage with Ceph and OpenStack Swift Paweł Woszuk, Maciej Brzeźniak TERENA TF-Storage

More information

CFT 100001411 Provision of a common data transmission system. Questions/Responses

CFT 100001411 Provision of a common data transmission system. Questions/Responses CFT 100001411 Provision of a common data transmission system Questions/Responses 20 November 2015 1 Assumption 9: There shall be an agreed upon set of security rules and procedures for background investigations

More information

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts.

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts. Tufts University Department of Computer Science COMP 116 Introduction to Computer Security Fall 2014 Final Project Investigating Security Issues in Cloud Computing Guocui Gao Guocui.gao@tufts.edu Mentor:

More information

HIGH-SPEED BRIDGE TO CLOUD STORAGE

HIGH-SPEED BRIDGE TO CLOUD STORAGE HIGH-SPEED BRIDGE TO CLOUD STORAGE Addressing throughput bottlenecks with Signiant s SkyDrop 2 The heart of the Internet is a pulsing movement of data circulating among billions of devices worldwide between

More information

Guidance End User Devices Security Guidance: Apple ios 7

Guidance End User Devices Security Guidance: Apple ios 7 GOV.UK Guidance End User Devices Security Guidance: Apple ios 7 Updated 10 June 2014 Contents 1. Changes since previous guidance 2. Usage Scenario 3. Summary of Platform Security 4. How the Platform Can

More information

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected

More information

MS7.1.1 Cloud Assessment Document

MS7.1.1 Cloud Assessment Document MS7.1.1 Cloud Assessment Document August 2013 DANTE on behalf of the GN3plus project. The research leading to these results has received funding from the European Community s Seventh Framework Programme

More information

owncloud Architecture Overview

owncloud Architecture Overview owncloud Architecture Overview owncloud, Inc. 57 Bedford Street, Suite 102 Lexington, MA 02420 United States phone: +1 (877) 394-2030 www.owncloud.com/contact owncloud GmbH Schloßäckerstraße 26a 90443

More information

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc. Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value

More information

Book of Abstracts. 2016 CS3 Workshop

Book of Abstracts. 2016 CS3 Workshop Book of Abstracts 2016 CS3 Workshop Experiences of Cloud Storage Service Monitoring: Performance Assessment and Comparison E. Bocchi (Politecnico Torino) Enrico Bocchi 1,2, Idilio Drago 1, Marco Mellia

More information

Cloudbuz at Glance. How to take control of your File Transfers!

Cloudbuz at Glance. How to take control of your File Transfers! How to take control of your File Transfers! A MFT solution for ALL organisations! Cloudbuz is a MFT (Managed File Transfer) platform for organisations and businesses installed On-Premise or distributed

More information

EXIN Cloud Computing Foundation

EXIN Cloud Computing Foundation Sample Questions EXIN Cloud Computing Foundation Edition April 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing

More information

CUMULUX WHICH CLOUD PLATFORM IS RIGHT FOR YOU? COMPARING CLOUD PLATFORMS. Review Business and Technology Series www.cumulux.com

CUMULUX WHICH CLOUD PLATFORM IS RIGHT FOR YOU? COMPARING CLOUD PLATFORMS. Review Business and Technology Series www.cumulux.com ` CUMULUX WHICH CLOUD PLATFORM IS RIGHT FOR YOU? COMPARING CLOUD PLATFORMS Review Business and Technology Series www.cumulux.com Table of Contents Cloud Computing Model...2 Impact on IT Management and

More information

Technical Proposition. Security

Technical Proposition. Security Technical Proposition ADAM Software NV The global provider of media workflow and marketing technology software ADAM Software NV adamsoftware.net info@adamsoftware.net Why Read this Technical Proposition?

More information

The NREN s core activities are in providing network and associated services to its user community that usually comprises:

The NREN s core activities are in providing network and associated services to its user community that usually comprises: 3 NREN and its Users The NREN s core activities are in providing network and associated services to its user community that usually comprises: Higher education institutions and possibly other levels of

More information

Interoute Virtual Data Centre. Hands on cloud control.

Interoute Virtual Data Centre. Hands on cloud control. Interoute Virtual Data Centre. Hands on cloud control. Scale your computing resource on demand Choose where in Europe you want your data Europe s most trusted and secure network www.interoute.com/vdc Interoute

More information

Fujitsu Dynamic Cloud Bridging today and tomorrow

Fujitsu Dynamic Cloud Bridging today and tomorrow Fujitsu Dynamic Cloud Bridging today and tomorrow Contents Cloud Computing with Fujitsu 3 Fujitsu Dynamic Cloud: Higher Dynamics for Enterprises 4 Fujitsu Dynamic Cloud: Our Offering 6 High Security Standards

More information

Implementing Mconf web conferencing at the South African National Research and Education Network

Implementing Mconf web conferencing at the South African National Research and Education Network Implementing Mconf web conferencing at the South African National Research and Education Network Kasandra ISAAC SANReN CA, CSIR Meraka Institute, Building 43, Block D, Meiring Naude Road, Pretoria, South

More information

Forth TF- Mobility meeting. Minutes

Forth TF- Mobility meeting. Minutes Forth TF- Mobility meeting Date: 30th January 2004 Venue: TERENA, Amsterdam Minutes Attendees Hansruedi Born (HB) Tim Chown (TC) (streaming) Licia Florio (LC) Carles Fragoso (CF) Jan Furman (JF) Luis Guido

More information

G-Cloud Service Definition. Atos Rapid Pilot Mobile Application Development Service SCS

G-Cloud Service Definition. Atos Rapid Pilot Mobile Application Development Service SCS G-Cloud Service Definition Atos Rapid Pilot Mobile Application Development Service SCS Atos Rapid Pilot Mobile Applications Development Service SCS Designed to provide rapid development and deployment

More information

89% IT Enterprise Services. Optimise your cloud investments with innovative hybrid cloud solutions. Hybrid cloud

89% IT Enterprise Services. Optimise your cloud investments with innovative hybrid cloud solutions. Hybrid cloud IT Enterprise Services Hybrid cloud Choosing the right cloud mix for your enterprise 89% of respondents who signified that deploying some sort of private cloud and hybrid infrastructure is a key priority

More information

Testbeds as a Service Building Future Networks A view into a new GEANT Service. Jerry Sobieski (NORDUnet) GLIF Tech Atlanta, Mar 18, 2014

Testbeds as a Service Building Future Networks A view into a new GEANT Service. Jerry Sobieski (NORDUnet) GLIF Tech Atlanta, Mar 18, 2014 Testbeds as a Service Building Future Networks A view into a new GEANT Service Jerry Sobieski (NORDUnet) GLIF Tech Atlanta, Mar 18, 2014 From Innovation to Infrastructure! Network Innovation requires testing

More information

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX SECURE YOUR DATA EXCHANGE SAFE-T BOX WHITE PAPER Safe-T. Smart Security Made Simple. 1 The Costs of Uncontrolled Data Exchange 2 Safe-T Box Secure Data Exchange Platform 2.1 Business Applications and Data

More information

Cloud Computing and Amazon Web Services

Cloud Computing and Amazon Web Services Cloud Computing and Amazon Web Services Gary A. McGilvary edinburgh data.intensive research 1 OUTLINE 1. An Overview of Cloud Computing 2. Amazon Web Services 3. Amazon EC2 Tutorial 4. Conclusions 2 CLOUD

More information

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0 White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative

More information

Toward the Clouds, Together!

Toward the Clouds, Together! Toward the Clouds, Together! Collaboration effort of European NRENs in Cloud Computing Branko Radojević, Deputy Director, CARNet/GEANT E-Infrastructure Autumn Workshops Chișinău Where do I come from? NRENs.000

More information

NCTA Cloud Operations

NCTA Cloud Operations NCTA Cloud Operations 093018 Lesson 1: Cloud Operations Topic A: Overview of Cloud Computing Solutions Identify the core concepts of cloud computing. Operations Terminology Identify the terminology used

More information

Orbiter Series Service Oriented Architecture Applications

Orbiter Series Service Oriented Architecture Applications Workshop on Science Agency Uses of Clouds and Grids Orbiter Series Service Oriented Architecture Applications Orbiter Project Overview Mark L. Green mlgreen@txcorp.com Tech-X Corporation, Buffalo Office

More information

Structuring and implementing the Brazilian Academic Cloud. Strategy, modelling, challenges and services

Structuring and implementing the Brazilian Academic Cloud. Strategy, modelling, challenges and services Structuring and implementing the Brazilian Academic Cloud Strategy, modelling, challenges and services Paper s Authors José Luiz Ribeiro Filho Antônio Carlos Fernandes Nunes Ricardo Nobuyoshi dos Santos

More information

CLOUD POWER. NREN collaboration in GÉANT

CLOUD POWER. NREN collaboration in GÉANT CLOUD POWER NREN collaboration in GÉANT to enable and facilitate the Research and Education community to use online services on a large scale, with the right conditions @ edupert MARCH 19 Andres Steijaert

More information

Storage solutions for a. infrastructure. Giacinto DONVITO INFN-Bari. Workshop on Cloud Services for File Synchronisation and Sharing

Storage solutions for a. infrastructure. Giacinto DONVITO INFN-Bari. Workshop on Cloud Services for File Synchronisation and Sharing Storage solutions for a productionlevel cloud infrastructure Giacinto DONVITO INFN-Bari Synchronisation and Sharing 1 Outline Use cases Technologies evaluated Implementation (hw and sw) Problems and optimization

More information

Getting Started Hacking on OpenNebula

Getting Started Hacking on OpenNebula LinuxTag 2013 Berlin, Germany, May 22nd Getting Started Hacking on OpenNebula Carlos Martín Project Engineer Acknowledgments The research leading to these results has received funding from Comunidad de

More information

Enterprise Private Cloud Storage

Enterprise Private Cloud Storage Enterprise Private Cloud Storage The term cloud storage seems to have acquired many definitions. At Cloud Leverage, we define cloud storage as an enterprise-class file server located in multiple geographically

More information

Cloud Computing Trends

Cloud Computing Trends UT DALLAS Erik Jonsson School of Engineering & Computer Science Cloud Computing Trends What is cloud computing? Cloud computing refers to the apps and services delivered over the internet. Software delivered

More information

Vodafone Total Managed Mobility

Vodafone Total Managed Mobility Vodafone Total Managed Mobility More productivity, less complexity Vodafone Power to you What s inside? What you get see how your business benefits 4 In detail find out how it all works 5 Service lifecycle

More information

Cloud-pilot.doc 12-12-2010 SA1 Marcus Hardt, Marcin Plociennik, Ahmad Hammad, Bartek Palak E U F O R I A

Cloud-pilot.doc 12-12-2010 SA1 Marcus Hardt, Marcin Plociennik, Ahmad Hammad, Bartek Palak E U F O R I A Identifier: Date: Activity: Authors: Status: Link: Cloud-pilot.doc 12-12-2010 SA1 Marcus Hardt, Marcin Plociennik, Ahmad Hammad, Bartek Palak E U F O R I A J O I N T A C T I O N ( S A 1, J R A 3 ) F I

More information

Towards a common definition and taxonomy of the Internet of Things. Towards a common definition and taxonomy of the Internet of Things...

Towards a common definition and taxonomy of the Internet of Things. Towards a common definition and taxonomy of the Internet of Things... Towards a common definition and taxonomy of the Internet of Things Contents Towards a common definition and taxonomy of the Internet of Things... 1 Introduction... 2 Common characteristics of Internet

More information

Amazon Cloud Storage Options

Amazon Cloud Storage Options Amazon Cloud Storage Options Table of Contents 1. Overview of AWS Storage Options 02 2. Why you should use the AWS Storage 02 3. How to get Data into the AWS.03 4. Types of AWS Storage Options.03 5. Object

More information

IP Address Management: Smoothing the Way to Cloud-Based Services

IP Address Management: Smoothing the Way to Cloud-Based Services White Paper IP Address Management: Smoothing the Way to Cloud-Based Services What You Will Learn Cloud computing offers many operational advantages to service providers. An important element of successful

More information

WhitePaper. Private Cloud Computing Essentials

WhitePaper. Private Cloud Computing Essentials Private Cloud Computing Essentials The 2X Private Cloud Computing Essentials This white paper contains a brief guide to Private Cloud Computing. Contents Introduction.... 3 About Private Cloud Computing....

More information

Service Overview CloudCare Online Backup

Service Overview CloudCare Online Backup Service Overview CloudCare Online Backup CloudCare s Online Backup service is a secure, fully automated set and forget solution, powered by Attix5, and is ideal for organisations with limited in-house

More information

Assignment # 1 (Cloud Computing Security)

Assignment # 1 (Cloud Computing Security) Assignment # 1 (Cloud Computing Security) Group Members: Abdullah Abid Zeeshan Qaiser M. Umar Hayat Table of Contents Windows Azure Introduction... 4 Windows Azure Services... 4 1. Compute... 4 a) Virtual

More information

Secure Cross Border File Protection & Sharing for Enterprise Product Brief CRYPTOMILL INC

Secure Cross Border File Protection & Sharing for Enterprise Product Brief CRYPTOMILL INC C NNECTED Circles of Trust Secure Cross Border File Protection & Sharing for Enterprise Product Brief www.cryptomill.com product overview OVERVIEW Connected Circles of Trust is an endpoint data security

More information

Elo Touch Solutions Privacy Policy

Elo Touch Solutions Privacy Policy Elo Touch Solutions Privacy Policy Your privacy is very important to us. At Elo Touch Solutions, Inc. ( Elo, we or us which includes any of our worldwide direct and indirect subsidiaries), we recognize

More information

Cloud Computing. Security Practices for General User. Examples of Popular Cloud Service Providers

Cloud Computing. Security Practices for General User. Examples of Popular Cloud Service Providers Cloud Computing Security Practices for General User T he cloud is composed of an extensive bulk of computers owned by a third-party in remote location(s). The Internet provides a bridge between personal

More information

Invest in your business with Ubuntu Advantage.

Invest in your business with Ubuntu Advantage. Invest in your business with Ubuntu Advantage. Expert advice. Specialist tools. Dedicated support. Introducing Ubuntu Advantage Contents 02 Introducing Ubuntu Advantage 03 Ubuntu Advantage 04 - Landscape

More information

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user

More information

ADRI. Advice on managing the recordkeeping risks associated with cloud computing. ADRI-2010-1-v1.0

ADRI. Advice on managing the recordkeeping risks associated with cloud computing. ADRI-2010-1-v1.0 ADRI Advice on managing the recordkeeping risks associated with cloud computing ADRI-2010-1-v1.0 Version 1.0 29 July 2010 Advice on managing the recordkeeping risks associated with cloud computing 2 Copyright

More information

Cloud Computing in the Enterprise An Overview. For INF 5890 IT & Management Ben Eaton 24/04/2013

Cloud Computing in the Enterprise An Overview. For INF 5890 IT & Management Ben Eaton 24/04/2013 Cloud Computing in the Enterprise An Overview For INF 5890 IT & Management Ben Eaton 24/04/2013 Cloud Computing in the Enterprise Background Defining the Cloud Issues of Cloud Governance Issue of Cloud

More information

Amazon Relational Database Service (RDS)

Amazon Relational Database Service (RDS) Amazon Relational Database Service (RDS) G-Cloud Service 1 1.An overview of the G-Cloud Service Arcus Global are approved to sell to the UK Public Sector as official Amazon Web Services resellers. Amazon

More information

Fujitsu Private Cloud Customer Service Description

Fujitsu Private Cloud Customer Service Description Fujitsu Private Cloud Customer Service Description Fujitsu Private Cloud forms part of Fujitsu Hybrid IT portfolio to address the full range of Customers requirements and business needs by providing agility

More information

Cloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH

Cloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH Cloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH CONTENTS Introduction... 4 System Components... 4 OpenNebula Cloud Management Toolkit... 4 VMware

More information

FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution.

FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution. FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution. In today s world the potential for ready access to data from virtually any device over any type of network connection creates

More information

SLA BASED SERVICE BROKERING IN INTERCLOUD ENVIRONMENTS

SLA BASED SERVICE BROKERING IN INTERCLOUD ENVIRONMENTS SLA BASED SERVICE BROKERING IN INTERCLOUD ENVIRONMENTS Foued Jrad, Jie Tao and Achim Streit Steinbuch Centre for Computing, Karlsruhe Institute of Technology, Karlsruhe, Germany {foued.jrad, jie.tao, achim.streit}@kit.edu

More information

EMC PERSPECTIVE. The Cloud Controversy IT Alternative or IT Architecture?

EMC PERSPECTIVE. The Cloud Controversy IT Alternative or IT Architecture? EMC PERSPECTIVE The Cloud Controversy IT Alternative or IT Architecture? The Cloud Controversy IT Alternative or IT Architecture? Table of Contents Overview...........................................................................

More information

CLOUD COMPUTING An Overview

CLOUD COMPUTING An Overview CLOUD COMPUTING An Overview Abstract Resource sharing in a pure plug and play model that dramatically simplifies infrastructure planning is the promise of cloud computing. The two key advantages of this

More information