Oracle Viewpoint

Oracle & Cloud Computing: Exclusive Q&A with SVP Richard Sarwal

Thu, 22 Oct 2009 08:15:00 EDT

"We believe that cloud is an important trend that we will support. We have two objectives. The first is to ensure that cloud computing is fully enterprise grade, meaning high performance, scalability, reliability, availability, security and standards-based for portability and interoperability. Second, we will support both public and private cloud computing in order to give customers choice," says Richard Sarwal, SVP Product Development for Oracle Enterprise Manager - and upcoming Keynote Speaker at SYS-CON's 4th International Cloud Computing Expo - in this Exclusive Q&A with Cloud Computing Expo Conference Chair Jeremy Geelan.

Cloud Computing Best Practices

Tue, 29 Sep 2009 03:45:00 EDT

Some of the key things to think about when putting your application on the cloud are discussed below. Cloud computing is relatively new, and best practice is still being established. However we can learn from earlier technologies and concepts such as utility compute, SaaS, outsourcing and even internal enterprise centre management, as well as from experience with vendors such as Amazon and FlexiScale.

Licensing: If you are using the cloud for spikes or overspill make sure that the products you want to use in the cloud can be used in this way. Certain products restrict their licenses to be used from a cloud perspective. This is especially true of commercial Grid, HPC or DataGrid vendors.

Data transfer costs: When using a provider like Amazon with a detailed cost model, make sure that any data transfers are internal to the provider network rather than external. In the case of Amazon, internal traffic is free but you will be charged for any traffic over the external IP addresses.

Latency: If you have low latency requirements then the Cloud may not be the best environment to achieve this. If you are trying to run an ERP or some such system in the cloud then the latency may be good enough but if you are trying to run a binary or FX Exchange then of course the latency requirements are very different and more stringent. It is essential to make sure you understand the performance requirements of your application and have a clear understanding of what is deemed business critical.

One vendor who has focused on attacking low latency in the cloud is GigaSpaces and so if you require cloud low latency then these are one of the companies you should evaluate. Also for processing distributed data loads there is the map reduce pattern and Hadoop. These type of architectures eliminating the boundaries created by scale-out database based approaches.

State: Check whether your cloud infrastructure providers have persistence. When an application is brought down and then back up all local changes will be wiped and you start with a blank slate. This obviously has ramifications with instances that need to store user or application state. To combat this on their platform Amazon delivered EC2 persistent storage in which data can remain linked to a specific computing instance. You should ensure you understand the state limitations of any Cloud Computing platform that you work with.

Data Regulations: If you are storing data in the cloud you may be breaching data laws depending where your data is stored i.e. which country or continent. To combat this Amazon S3 now supports location constraints, which allow you to specify where in the world to store data for a bucket and provides a new API to retrieve the location constraint for an existing bucket. However if you are using another cloud provider you should check where your data is stored.

Dependencies: Be aware of dependencies of service providers. If service ‘y’ is dependant on ‘x’ then if you subscribe to service ‘y’ and service ‘x’ goes down you lose your service. Always check any dependencies when you are using a cloud service.

Standardisation: A major issue with current cloud computing platforms is that there is no standardisation of the APIs and platform technologies that underpin the services provided. Although this represents a lack of maturity you need to consider how locked in you are when considering a Cloud platform or migrating between cloud computing platforms will be very difficult if not impossible. This may not be an issue if your supplier is IBM and always likely to be IBM, but it will be an issue if you are just dipping your toe in the water and discover that other platforms are better suited to your needs.

Security: Lack of security or apparent lack of security is one of the perceived major drawbacks of working with Cloud platform and Cloud technology. When moving sensitive data about or storing it in public cloud it should be encrypted. And it is important to consider a secure ID mechanism for authentication and authorisation for services. As with normal enterprise infrastructures only open the ports needed and consider installing a host based intrusion detection systems such as OSSEC. The advantage of working with an enterprise Cloud provider, such as IBM or Sun is that many of these security optimisations are already taken care of. See our prior blog entry for securing n-tier and distributed applications on the cloud. Be sure to check out Amazon’s new VPC inititative as well as looking at VPN-Cubed by CohesiveFT if you have to tie together public Clouds with private applications, services or infrastructure. If you need to keep costs down and evaluate free then look at OpenVPN.

Compliance: Regulatory controls mean that certain applications may not be able to deployed in the Cloud. For example the US Patriot Act could have very serious consequences for non-US firms considering U.S. hosted cloud providers. Be aware that often cloud computing platforms are made up of components from a variety of vendors who may themselves provide computing in a variety of legal jurisdictions. Be very aware of the dependencies and ensure you factor this into any operational risk management assessment. See also my prior blog entry on this topic

Quality of service: You will need to ensure that the behaviour and effectiveness of the cloud application that you implement can be measured and tracked both to meet existing or new Service Level agreements. We have discussed previously some of the tools that come with this option built in (GigaSpaces) and other tools that provide functionality that enable you to use this with your Cloud Architecture (RightScale, Scalr etc). Achieving Quality of Service will encompass scaling, reliability, service fluidity, monitoring, management and system performance.

System hardening: Like all enterprise application infrastructures you need to harden the system so that it is secure, robust, and achieves the necessary functional requirements that you need. See my prior blog entry on system hardening for Amazon EC2.

Content adapted from my book “TheSavvyGuideTo HPC, Grid, DataGrid, Virtualisation and Cloud Computing” available on Amazon.

Immutable Service Containers on Amazon EC2

Mon, 21 Sep 2009 07:00:00 EDT

Back in June, we released the very first security hardened virtual machine images for the Amazon Web Services Elastic Compute Cloud (EC2) environment. These original images were based upon the OpenSolaris 2008.11 release and were configured in accordance with the guidelines published by Sun the Center for Internet Security. Since its initial release, we have provided an update to offer this image in the European Region. In August, we took another step forward with the release of a security-enhanced image based upon the OpenSolaris 2009.06 release.

WebLogic Server - Identity vs Trust Keystores

Sat, 12 Sep 2009 17:30:00 EDT

In computing most technologies have lots of terms and acronyms to learn, it's par for the course, you get used to it. However in computer security the frustration is multiplied as there are often many different terms that mean the same thing. It makes implementing security hard, because understanding it is hard, and I'm not surprised why security is considered badly implemented because the average Joe will struggle (and for the record I'm the average Chris so I struggle too ;-).

I've been trying recently to get straight in my head what is stored in the WLS identity and trust keystores, and what the difference between identity and trust is anyhow. Thanks to kind assistance from Gerard Davison, I think I can now post my understandings, and as usual, hopefully the post is helpful to other readers. As noted however security to me is a difficult area, and so be sure to check the facts here, your mileage with this post may vary.

The following WLS documentation attempts to explain the concepts of identity and trust:

http://download.oracle.com/docs/cd/E12839_01/web.1111/e13707/identity_trust.htm#i1170342

...in ripping out one of the core paragraphs, with a slight rewrite of my own we can see the concept of identity, and how it relates to the public and private keys:

"The public key is embedded in a digital certificate with additional information describing the owner of the public key, such as name, street address, and e-mail address *as well as the hostname*. *Along with this the digital certificate containing the public key, and the separate related private key, provide identity for the server*."

...ultimately to identify the server, to assert the server is who the server says it is.

The digital certificate containing the public key is also referred to as the "server certificate", as for example in 1-way-SSL traffic between the server and client, the server certificate containing the public key is what is initially passed to the client.

There is a missing piece in the puzzle. Regardless that the digital certificate states the owner of the public key, their name and so on, how does a client know that the "identity" asserted by the digital certificate is true? That's where Certificate Authorities (CAs) come in.

Ignoring self signed digital certificates, a typical digital certificate used on the internet containing the public key and owner details is signed by a trusted CA who has verified the identity of the owner. Presumably when purchasing digital certificates from CAs, this is what some of the cost covers, the CAs research into ensuring that the identity details embedded in the digital cert are actually true.

At runtime on receiving the digital certificate, the client checks the CA and if the CA is one that the client trusts (or a CA in a chain of trusted CAs), then the identity of the server is established/verified.

Thus the "identity" of the server is established by what's stored in the "identity" keystore, and its contents are what are farmed out to clients establishing secure connections with the server, who then verify the supplied digital certificate's CA against the clients own list of trusted CAs. The "identity keystore" is also referred to as the "server keystore", because it establishes the server's identity (ie. I am who I say I am).

WLS side note: As mentioned the digital certificate also includes the host name of the server, or in other words the digital certificate is pegged to that server and that server alone. This implies on that server with its relating digital certificate, *all* of the applications will share that single digital certificate for secure communications. Occasionally a requirement will arise where each application must have its own digital certificate. In WLS because keystores are configured under an individual WLS "managed server", if you have two separate applications, it is not possible to use separate digital certificates for each in one managed server. The solution is to create another managed server with its own keystores.

WLS web service side note: Following on from the previous side note, for web services that use in-message encryption and digital signatures, there is often the requirement for multiple different digital certificates. Under WLS to provision the WS-Security model, WLS has a separate Web Service Security Configuration (WSSC) to provision this setup.

Finally regarding the trust keystore, what is its job in all of this? The trust keystore is typically used for storing CA digital certificates, essentially the CAs who will be used to check any digital certificates that are given to the server at runtime (just the same as the client did above). In the standard 1-way-SSL between a client and the WLS server, the trust keystore doesn't come into the equation as the client has its own trust keystore (containing the CAs) and the server has nothing to verify. Yet in the case of mutual SSL (aka. 2 way SSL) between the client and server, the client and server actually swap each other digital certificates to establish identity of both parties, and in this case the server must be able to test the identity of the client through the CA of the client's digital certificate.

Mutual SSL side note: the setup of mutual SSL is more complicated than this. Readers are advised to refer to the following Oracle article.

Final author's note: if any readers find anything particularly wrong with the ideas presented in this post I'd be keen to hear them please. As I've really only experience with 1-way-SSL, it's hard to know if what I've said applies to the concepts of mutual SSL and other security configurations.

Cloud Computing Adoption - Part 1 of 5

Fri, 28 Aug 2009 14:45:00 EDT

Cloud computing is becoming a ubiquitous concept. It has mass-market implications for the technology industry, and it is advancing at speeds rarely seen with any major technological evolution. As a business leader, do you know why cloud computing is important to you? What parts of your business should you be migrating to the cloud? Do you know what you don't know about cloud computing?

Explain to Me Why Stuff Like This is Even Vaguely Legal

Tue, 28 Jul 2009 17:45:00 EDT

Hackers have developed an automated, easy-to-use tool to break into Oracle databases that’s going to be unveiled at the annual Black Hat conference in Las Vegas in a few days. Supposedly it’s for simulating attacks on computer systems but it will also be available to prying employees looking to upgrade their pay packets, amateur hackers with time on their hands and plain old-fashioned cyber crooks. According to Reuters, it was developed using the open source Metasploit Project, which has already released some of the most technically sophisticated exploits to public security vulnerabilities. Oracle has reportedly issued defensive patches, but that doesn’t mean they’re installed. While there are Metasploit hacks for Windows, Firefox and IE, the wire service says this is the first Metasploit program to target Oracle. There have been other ways to hack Oracle, but this one’s reportedly way easier and quicker.

Governance: Service Catalogs and the Cloud

Mon, 27 Jul 2009 15:30:00 EDT

My first read through a post on the Cloud Front Office led me to scoff disdainfully at the re-emergence of a concept central to a successful SOA implementation: the service catalog. Oh, we called it "registry" and then "registry/repository (reg/rep)" and finally "governance" but the concept behind it was exactly the same. Take a gander at the description of a cloud service catalog apparently growing out of discussions that began at Structure 09:

The SOA Marketing Paradox and the Wizard of Oz

Thu, 23 Jul 2009 07:15:00 EDT

Service-Oriented Architecture (SOA) presents a challenge to software marketing people like none other in recent history. On the one hand, SOA has been the top enterprise software bandwagon to jump on for the last four years or so, but on the other hand, many vendors have struggled to tell the proper SOA story for their products in a way that leads to increased sales and happy customers. The reason SOA presents such a formidable challenge is at once both subtle and obvious. After all, SOA is architecture -- it is a set of best practices enterprises follow to organize their IT resources to meet the needs of the business. SOA, however, is not, and never will be, a set of product features. And therein lies the rub. How do you position your product as a SOA product when SOA consists of best practices, not product features?

Is Your SOA Hammer Looking for a Nail?

Wed, 22 Jul 2009 12:30:00 EDT

ZapThink considers the SOA business case as an essential SOA artifact. Architects must have a clear picture of the business motivations for SOA, not only at the beginning of the initiative, but also as the architecture rolls out. Nevertheless, there is still frequently a disconnect between the business problems and the SOA approach. The challenge here is that the architects -- or more broadly, the entire SOA team -- are only one part of the bigger picture, especially in large organizations. In the enterprise context, how the business asks for IT capabilities in the broad sense is often at the root of the issue.

Sun Was Too Arrogant To Survive

Tue, 21 Jul 2009 07:45:00 EDT

Sure, now that the deed is done and the board has approved the acquisition, there’s lots of Monday morning quarterbacks. However, in this case, I’m not one of them. Indeed, I point to the release of my 9/1997 report that I wrote for NC.Focus entitled “State of Java Report: IBM” and the subsequent press release where I assert that IBM is leading in deploying Java in the Enterprise. The story goes somewhat like this. On the day I released the report, I subsequently released the press release through PR Newswire, but it was also available on the IBM website. Within hours of posting the press release, IBM was contacted by Sun and told to remove the link to the press release on their website. Ultimately, Sun did not like the fact that I presented that IBM was doing a better job of monetizing Java in the Enterprise than Sun was, but that was the truth.

Enterprise Architects: Saviors or Door Stops?

Thu, 28 May 2009 22:00:00 EDT

The challenge for EA is to be able to balance the long-term goals against the pressing short-term needs of the business. There are intense commercial pressures right now to reduce costs at a time when capital expenditure is severely constrained. Operational efficiency has become an imperative, but agility and speed to market are equally as important. How to reconcile the short-term needs with the long-term goals? Can they be done simultaneously? Can the architects bridge the two?

McKinsey & Co - Clearing the Air on Cloud Computing

Sat, 18 Apr 2009 15:00:00 EDT

Late last year I received a phone call from McKinsey & Co in regards to helping provide some insights into the cost benefits of moving to a cloud computing environment. For one reason or another we were not able to connect to complete the discussion, which after the last couple days seems like a shame because that very report has been generating a tonne of buzz.