Dedicated to Providing Insight Into the Enablement of Cloud Hosting Environments.

Cloud Hosting Journal

Subscribe to Cloud Hosting Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Hosting Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories

The Cloud Security Alliance has released it's inaugural whitepaper called "Security Guidance for Critical Areas of Focus in Cloud Computing". The whitepaper is being presented today at RSA, outlines key issues and provides advice for both Cloud Computing customers and providers within 15 strategic domains.  It is now available on the Cloud Security Alliance website at According to Alliance co-founders Nils Puhlmann and Jim Reavis, the several months of collaboration on the white paper was worth the effort, "We would like to thank the many contributors to this initial effort. The great diversity of services offered via cloud computing requires careful analysis to understand the risks and mitigation appropriate in each case. At the same time, we see enormous potential for the cloud model to eventually simplify many difficult sec... (more)

Building a Private Cloud Within a Public Cloud

One of our customers wanted to establish a site to site connectivity between their datacenter and  public cloud (Amazon EC2) and then have a private network within Amazon EC2 with their own custom IP addresses for their servers in the cloud.  Basically the idea here is to augment the internal datacenter resources with the resources in the public cloud securely so that the servers in the cloud appear as if they are part of their own private corporate network.  The idea here is to isolate the servers used by the customer in the cloud from the rest of the servers in the cloud using private network, just like the corporate internal datacenters are isolated using private network with private routers routing the internal traffic. Kaavo team setup the required network using OpenSwan and OpenVPN, see the figure below. The advantage of this setup is that users within the co... (more)

Cloud Computing and Reliability

Eric Novikoff's Blog IT managers and pundits speak of the reliability of a system in "nines." Two nines is the same as 99%, which comes to (100%-99%)*365 or 3.65 days of downtime per year, which is typical for non-redundant hardware if you include the time to reload the operating system and restore backups (if you have them) after a failure. Three nines is about 8 hours of downtime, four nines is about 52 minutes and the holy grail of 5 nines is 7 minutes. From a users' point of view, downtime is downtime, but for a provider/vendor/web site manager, downtime is divided into planned and unplanned. Cloud computing can offer some benefits for planned downtime, but the place that it can have the largest effect on a business is in reducing unplanned downtime. Planned downtime is usually the result of having to do some sort of software maintenance or release process, which... (more)

Rackspace Names Cloud President

Rackspace has made its chief strategy officer Lew Moorman, an ex-McKinsey consultant, president of its cloud business. As CSO, Moorman was responsible for the epiphany of the Rackspace Cloud (aka Mosso) and drove the acquisition of, now the backbone of Rackspace's Cloud Applications division, as well as the Slicehost and Jungle Disk acquisitions. In his new job he'll run both cloud hosting and cloud applications. Mosso is the company's fastest growing division, hosting hundreds of thousands of web sites and applications for 16,000 customers. At the core of its cloud application division is Mailtrust, home to over a million mailboxes. ... (more)

Are Trademarks Harming Cloud Computing?

A few blogs (slashdot) are reporting a story posted last week on titled "Trademarks: The Hidden Menace" in which Keir Thomas asks why open source advocates are keen to suggest patent and copyright reform, yet completely ignore the issue of trademarks. In his story, he says "Trademarking is just as dangerous as its two intellectual property brothers." Thomson goes on to say "Trademarking encourages organizations to foster back-room deals, and negotiations to get permissions. It's almost exclusively a domain for lawyers. Does this sound familiar? That's right -- it's just like the kind of deals that go on over copyright and patents in the boardrooms of big corporations. And just like patents and traditional copyright, it's totally incompatible with the spirit and ethos of open source software." Given the discussions around the potential trademarking of var... (more)

The Future of Software Is The Cloud Application Marketplace

Recently there has been a renewed interested in Cloud Application Marketplaces. This is a repost Originally Posted Sunday, September 7, 2008 Cloud computing isn't a management model so much as a software delivery paradigm. What Apple has done with its App Store is show the world that the key to monetizing the cloud is in the delivery of the key applications and assets (music, video, ringtones) through a simple and accessible channel. With the series of recent announcements from a variety of mobile providers an exciting and potentially lucrative area in cloud computing appears to be emerging. In recently Microsoft, Google and T-mobile and others have all announced efforts to create what I am calling "cloud marketspaces" for the delivery of mobile software using a similar model to that of Apple's iPhone App Store. If successful, these new cloud marketspaces may signify a... (more)

Cenzic's Cloud Computing Security

Cenzic announced the 6.0 release of both its cloud computing infrastructure and on-premise software offerings. Continuing to provide automated on-going security assessment of custom and commercial Web applications throughout the software development lifecycle (SDLC), ClickToSecure® 6.0 and Cenzic Hailstorm Enterprise ARC® 6.0, bring strong enhancements focused on integration, support of industry standards, optimized assessment executions, and superior Web crawling technology. "Cloud-delivered security for securing Web applications offers organizations potential economies of scale and faster ramp-up times to get their applications tested," said Neil MacDonald, VP and Gartner Fellow. "Many enterprises have a backlog of untested applications and cloud-delivered security testing can help accelerate the Web application testing process. Cloud-based testing services can s... (more)

Cloud Security: Into the Cloud We Go . . .

A new shift in computing is upon us - cloud computing. As our use of computing resources evolves from mainframes to PCs and networks, we are now facing a major shift in the way we work. This could have dramatic effects on the way we use computers, both for work and play. But the security issues need to be discussed, risks assessed and judgements made knowing the risks and issues. For some, cloud computing makes a lot of business sense, for others, it may create confusion. What is cloud computing? For many it's the natural evolution of the Internet. The Internet has provided a major shift in the way we work. Less than 20 years ago, there was a comment by Ray Noorda, the CEO of Novell - "If you don't have an e-mail address on your business card, you will be considered a nobody" and most people did not believe it. Twenty years later and it seems pretty much everyone h... (more)

An Itty-Bitty Chip Could Slash a Data Center’s Energy Bill

Imagine a data center chock full of heterogeneous equipment and running hot. That should be an easy exercise since they all are. But now it's important to stop the waste and reduce energy consumption. Where do you start? Well, it might be nice to whittle the problem down to size and figure out what in that sea of servers and whatnot are the biggest offenders. A start-up called Sentilla says it can help. It's got a wireless sensor network that can track energy use in data centers from multiple vendors, including the facility itself. IT managers can set a baseline with the consolidated information and establish power usage effective (PUE), the first step in an energy reduction strategy. Sentilla says its sensors, itty-bitty Java-based computers the size of a dime embedded in an intelligent power strip, can go anywhere or be attached to anything, even a blast furnace, ... (more)

IBM & Cloud Computing: How "SOA in the Cloud" Can Produce Real Change

"SOA serves as the foundation for the move into the cloud," stated Dr. Kareem Yusuf, Director Product Management, WebSphere Software, IBM, in his keynote at SOA World Conference & Expo in NYC Tuesday. "What are the characteristics of the cloud?" Dr Yusuf then asked. Shared infrastructure, self-service capabilities, and the fact that it will be virtualized are several that he mentioned. He also noted that two things stand out about the cloud - self-service access and management, and elastic scaling. "What we are actually doing with the cloud comes down to cloud services," stated Dr Yusuf. "What kind of service do you want to provide as the cloud becomes a means of delivering that service." He then categorized three types of cloud-based services: Infrastructure as a Service Platforms as a Service Applications as a Service It's first and foremost about service. You the... (more)

IBM Researcher Solves In-Cloud Data Encryption Puzzle

Big news came out of IBM Wednesday, an IBM researcher has solved a thorny mathematical problem that has confounded scientists since the invention of public-key encryption several decades ago. The breakthrough, called "privacy homomorphism," or "fully homomorphic encryption," makes possible the deep and unlimited analysis of encrypted information -- data that has been intentionally scrambled -- without sacrificing confidentiality. IBM's solution, formulated by IBM Researcher Craig Gentry, uses a mathematical object called an "ideal lattice," and allows people to fully interact with encrypted data in ways previously thought impossible. With the breakthrough, computer vendors storing the confidential, electronic data of others will be able to fully analyze data on their clients' behalf without expensive interaction with the client, and without seeing any of the private ... (more)