6 standards that shape open-source cloud computing


The Cloud Security Alliance is working to establish cloud security best practices. Credit: Getty Images

The Cloud Security Alliance is working to establish cloud security best practices. Credit: Getty Images

As cloud computing matures, the early stages of open cloud standards are taking shape – partly in response to IT’s concerns for increased security and lockout prevention. Alternately, the discussion continues around whether open source is the answer, especially given the number of firmly entrenched closed cloud players including Amazon, Google and HP.

While supporters of open cloud computing – Dell, IBM and Rackspace among others – believe in the innovation potential that open source brings, both sides are driving standards activity in an effort to boost cloud adoption.

We’ve identified six standards areas that could influence the future of open-source cloud computing:

Security: The Cloud Security Alliance (CSA), a global coalition representing business, industry and subject matter experts, is actively working toward establishing cloud security best practices. The CSA’s Cloud Controls Matrix aligns with established security standards and frameworks, including:

  • ISACA Control Objectives for Information and Related Technology (COBIT)
  • International Organization for Standardization (ISO) 27001/27002
  • Jericho Forum
  • National Institute of Standards and Technology  (NIST)
  • North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP)
  • PCI

Compliance: This is an area of growing concern for legal counsel, specifically in their risk assessments of a company’s decision to place workloads in the cloud. Much of the cloud security compliance concerns stem from the data and how it’s handled, especially given virtualization. Cloud service providers should expect to be evaluated against existing standards based on industry, and can include those named above in addition to industry specific standards.

Licensing: Cloud computing licensing models come in three types –per user, per device and enterprise. The challenge is to strike a balance between cost – which can escalate quickly in a complex virtual environment – and vendor management, should you decide to retain your software license but move to a different cloud provider. Then, there’s the issue of open-source versus proprietary software licensing. Traditional proprietary software licensing was based on a specific hardware and location, which doesn’t transfer well to the ubiquitous virtual machine cloud environment.

Interoperability: This is to cloud computing what the Federal Communications Commission’s local number portability rule is to telecommunications. It’s the ability to easily move data and workloads to from one cloud provider to another, or between public and private clouds. Interoperability and portability apply data, application and platform. The Institute of Electrical and Electronics Engineers (IEEE) has established working groups aimed at developing cloud portability and interoperability standards.

Scalability: Fast server spinning is an important advantage of cloud computing.  However, there are some limitations on the number of servers you can create. The number isn’t always obvious in your service contract, though.  If you plan on processing a fairly heavy workload, then you’ll need to make sure your provider’s service contract has a workaround.

Remember to consider the multitenant architecture when scaling your public or private cloud. Each tenant must be isolated to prevent one cloud from co-mingling data or inhibiting the performance of the other.

Performance: Business continuity and disaster recovery are key cloud computing performance areas to consider, as well as security and overall performance based on the service level agreement. Standards help consumers consistently evaluate cloud service providers and measure them against performance criteria.

Technological advances in cloud computing have outpaced the conventional standards development process, leaving a void. However, standards developing organizations are organizing to fill the void. They’re turning to academia, business and subject matter experts to catch up with the pace of technology. See the above links to learn about the latest developments for each of these standards in greater detail.

In the meantime, learn how open-source can make sense for enterprise business here at Tech Page One, and check out our eBook to learn how cloud computing is changing the role of the CIO. If you’re thinking about using open-source cloud, let us know in the comments.


Dennis Smith

Dennis Smith

Dell Contributor at Tech Page One
Dennis is the networking and storage evangelist for DellTechCenter.com. He also manages the Dell TechCenter social accounts; click on the tabs above to be connected to them. Dennis has also been recognized as aVMware vExpert.
Dennis Smith
Dennis Smith
Dennis Smith
Dennis Smith
Tags: Cloud Computing,Technology