Ahead of the storm

Cloud computing

by David Baum

For many businesses, the concept of cloud computing means renting hardware, software, or applications from a public cloud service provider. Gone are the hassles of managing your information systems, the advocates say. You simply pay a monthly fee and let the service provider take care of your IT needs.

Based on the enthusiastic coverage in leading business and technology journals, you would think that cloud computing is already revolutionizing the entire technology industry. If enterprises don’t move fast, they will miss a stratospheric opportunity.

But a realistic cloud computing strategy—like most previous strategies for embracing new technologies in the enterprise—is more of an evolution than a revolution. CIOs must embrace new cloud computing models while serving a diverse base of users, managing existing systems, and integrating a variety of existing applications.

This is the approach many Oracle customers have adopted within their enterprise IT architectures. According to Rex Wang, vice president of product marketing at Oracle, Oracle’s long experience with grid computing, dynamic resource management, clustering, and virtualization has laid the groundwork for cloud computing. Many of these technologies are fundamental to today’s cloud implementations, both public and private.

“We see many enterprises interested in building their own private clouds to get the agility, efficiency, and quality-of-service advantages of cloud computing while mitigating concerns about security, compliance, performance, reliability, vendor lock-in, and long-term costs,” explains Wang. “When you consider that cloud computing is really about on-demand access to a shared pool of computing resources, it is clear that Oracle has been providing the key building blocks of this architecture for some time.”

Defining Terms
Like most new computing paradigms, cloud computing didn’t just appear out of nowhere. The clouds have been gathering for years, and Oracle has helped seed their formation with technologies such as grid computing, virtualization, SOA, shared services, and management automation. Astute CIOs are aware of these precedents. Many of them are evolving their existing infrastructures to a cloud model that will deliver incremental benefits over time.

The National Institute of Standards and Technology (NIST), a nonregulatory agency of the U.S. Department of Commerce that promotes innovation and industrial competitiveness by advancing measurement science, standards, and technology, offers a widely accepted definition of cloud computing (see “Cloud Computing in Perspective”). One of the important distinctions made in this definition is between public and private clouds.

A public cloud is shared by multiple tenants and hosted and managed by a cloud service provider. Public clouds are often faster and cheaper for users to get started with, because there’s nothing to install. Customers pay only for what they use, which is especially attractive for dynamic or temporary workloads. Public clouds don’t require in-house IT staff to manage and administer them. And they are paid for out of the operating budget, with no capital outlay.

Private clouds are for the exclusive use of a single organization. They are generally controlled and managed by an in-house IT staff, which gives the organization greater control over security, data privacy, and compliance, along with more control over where data resides and how it must be handled. Private clouds can also provide higher quality of service, because IT can optimize networks and infrastructure in ways public clouds don’t allow. Finally, private clouds are easier to integrate with on-premises information systems.

Controlled Access to IT Resources
Both public and private clouds can dramatically accelerate application development and deployment. Once enterprises set up a private cloud, authorized users can simply sign in to the internal portal, make an IT request for a plain-old virtual machine or a virtual machine with preinstalled and preconfigured middleware and/or database, and click Submit. The associated IT resources will be automatically provisioned without an IT person’s having to be involved. The same thing can be done through a public cloud service provider, except that the process includes a payment transaction.

IT leaders at Embry-Riddle Aeronautical University, the world’s largest fully accredited university specializing in aviation and aerospace, are gradually implementing cloud-based services without sacrificing security or compromising the user experience. The university educates students at two traditional residential campuses as well as at its worldwide campus, which includes both classroom and online distance learning education at 170 locations across the U.S., Europe, the Middle East, and Asia.

This diverse learning environment challenges IT department personnel to provide secure access to campus services and applications as well as to meet student and employee demands for online self-service functionality. One of their key objectives is to provide their dynamic user population of students, faculty, and staff with both public and private cloud services in a consistent and well-controlled manner. To do this, the IT department needed a flexible identity management infrastructure that enables users to access cloud applications in the same way they access all other university applications—with consistent authentication, access management, security, and provisioning.

For example, Embry-Riddle’s e-mail system is part of a public cloud service called Live@edu, which is offered free to universities. Taking advantage of this cloud service saves lots of money for the university, which would otherwise have to support 35,000 e-mail users with 10 gigabytes of storage space for each account. By using this cloud-based e-mail system, the institution gets a large, ready-made infrastructure virtually for free.

Once enrolled, students need to access the university’s information systems 24 hours a day, 7 days a week. This makes the identity management environment mission-critical to the organization.

According to Eric Fisher, director of middleware at Embry-Riddle, Oracle Identity Management provides federated single sign-on and real-time account provisioning to the cloud-based student e-mail system as easily as if it were an on-premises system. The software also keeps the IT team apprised of who has access to what resources at all times—no matter where those information systems reside.

“The Oracle Identity Management software merges user activities among various types of applications, some of which reside in a public cloud, some in our own datacenter, and some hosted by an application service provider,” he says.

Yet although the basic e-mail hosting service is free to the university, Embry-Riddle needs to manage the user accounts and maintain control. According to Fisher, that means being able to create accounts, update them, delete them, lock them, and unlock them—all in a timely fashion and without increasing administrative overhead. “Being able to provide timely account management is very critical to our students,” he says. “Many students don’t visit one of our locations until the day before class starts, and they need to be able to sign up and get going right away.”

Embry-Riddle IT managers worked with Oracle partner Mycroft to implement Oracle Identity and Access Management Suite, enforcing access and management controls for sensitive student data. They created a strong, scalable system to manage more than 70,000 accounts. Oracle Identity Manager establishes a single identity for every user, automatically provisioning and deprovisioning access privileges and requirements as roles change.

In addition, the university used Oracle Identity and Access Management Suite to create a centralized, automated single-sign-on system to control access to specific information systems and applications throughout Embry-Riddle’s IT infrastructure.

Oracle Identity Manager is also the gatekeeper for access to the university’s Oracle Portal via Oracle Internet Directory. Together, these technologies manage all of the school’s desktop workstation accounts, file sharing services, and print sharing services, as well as e-mail accounts for the faculty and staff—all of which the university prefers to maintain on its own servers. The Oracle software also handles several applications, such as the university’s student information system, that are hosted on Oracle Enterprise Linux servers.

Merging Public and Private Cloud Services
In addition to helping enterprises build private clouds and run Oracle technology in public clouds, Oracle also offers an Oracle platform for software as a service (SaaS) to cloud service providers such as Blackboard, a Washington DC-based company that provides enterprise software applications and related services to educational institutions. Blackboard has built several SaaS applications on top of the Oracle platform for SaaS.

According to Jay Robertson, senior vice president of Blackboard Managed Hosting Services, Blackboard has achieved tremendous cost savings in installing, configuring, managing, and maintaining the data tier of its hosted offering by leveraging Oracle Database and Oracle Real Application Clusters (Oracle RAC). “Blackboard Managed Hosting has come to rely on Oracle RAC database technologies when deploying and managing Blackboard software for our growing base of clients,” he says. “Oracle database products enable us to get new clients up and running in as little as seven days and continue to scale with them as student and faculty adoption increases.”

Embry-Riddle relies on Blackboard for a Web-based learning system that adds online elements to courses traditionally delivered face-to-face.

“Our users enjoy single sign-on to Blackboard through Oracle Identity Manager via our Oracle Portal,” Fisher sums up. “They don’t care whether an application resides on our servers, is hosted at a third-party location, or is some type of a cloud service. The Oracle identity management software makes this possible while permitting us to take advantage of applications that meet our business needs.”

This article was first published in Profit magazine

To discuss this and other articles please visit the Mission Critical Systems Forum group on LinkedIn.

Comments are closed.