Design of New or Changed Services in the Cloud:
An ISO/IEC 20000 Perspective
Ronald Dattero
Missouri State University, CIS Dept.
Stuart D. Galup
Florida Atlantic University, IT & OM Dept.
Outline
1. Introduction
2. Actors
3. Deployment Models
4. Service Models
5. Cloud Service Management
6. Concluding Remarks
ICA CON 2012
2
References
[1] ISO/IEC 20000-1 (April 2011) Information Technology Service Management:
Part 1 Service Management System Requirements.
[2] ISO/IEC 20000-7 (February 2012 Draft) Information Technology Service
Management: Part 7 Guidance on the Application of ISO/IEC 20000-1 to the
Cloud.
[3] NIST Definition of Cloud Computing (September 2011), National Institute of
Standards and Technology Special Publication 800-145.
[4] NIST Cloud Computing Reference Architecture (September 2011), National
Institute of Standards and Technology Special Publication 500-292.
[5] White paper from CloudU (2011), Creative Configurations: Mixing and
Matching Public, Private and Hybrid Clouds for Maximum Benefits by Ben Kepes.
ICA CON 2012
3
1. INTRODUCTION
“Cloud Computing is a model for enabling ubiquitous, convenient,
on-demand network access to a shared pool of configurable
computing resources (e.g., networks, servers, storage, applications,
and services) that can be rapidly provisioned and released with
minimal management effort or service provider interaction. This
Cloud model is composed of five essential characteristics, three
service models, and four deployment models.” [3]
ICA CON 2012
4
Five Essential Characteristics [3]
1. on-demand self-service
2. broad network access
3. resource pooling
4. rapid elasticity
5. measured service
ICA CON 2012
5
Comments on Cloud Computing
• Cloud Computing enables businesses to depart from past practices.
• Through resource pooling, an organization can increase computing
efficiency and utilization.
• Through rapid elasticity, an organization can avoid a “boom and
bust” cycle where organizations swing between under-provisioning
and over-provisioning of resources.
ICA CON 2012
6
Comments on ITSM
• Information Technology Service Management (ITSM):
 discipline for managing information technology systems that is
philosophically centered on the customer's perspective of IT's
contribution to the business rather than technology-centered
approaches to IT management and business interaction
• ISO/IEC 20000:
• first international standard for ITSM
• allows companies to demonstrate excellence & prove best practice in ITSM
ICA CON 2012
7
Challenge
• A major challenge for IT service providers is the extent to which
Cloud Computing is used to design new or changed services.
• In designing new or changed services, ISO/IEC 20000 [1] list
eleven requirements.
• The scope of this paper focuses on the first two requirements:
a) authorities and responsibilities for delivery of the new or changed services
b)activities to be performed by the service provider, customer, and other parties for
delivery of the new or changed services.
ICA CON 2012
8
2. ACTORS [4]
1. Cloud Consumer: person or organization that maintains a business
relationship with, and uses service from, Cloud Providers
2. Cloud Provider: person, organization, or entity responsible for
making a service available to interested parties
3. Cloud Auditor: party that can conduct independent assessment of
cloud services, information system operations, performance and
security of the cloud implementation
4. Cloud Broker: entity that manages the use, performance and
delivery of cloud services, and negotiates relationships between
Cloud Providers and Cloud Consumers
5. Cloud Carrier: intermediary that provides connectivity and
transport of cloud services from Cloud Providers to Cloud
Consumers
ICA CON 2012
9
Comments [2]
• Each of these five actors are mentioned in the context of the
Business Relationship process
• “consumer” appears 75 times & “provider” appears 141 times
• Cloud Provider should define:
• the service requirements for new or changed cloud services in ways that
the Cloud Consumer can understand
• the Cloud service with a number of service options in order to help the
Cloud Consumer to understand the potential value of using the service as
well as understanding any known limitations
• Needs to be trust between Cloud Providers & Cloud Consumers
ICA CON 2012
10
Simplified Interaction [2, 4]
1. Cloud Consumer browses service catalog from Cloud Provider
2. Cloud Consumer requests service from Cloud Provider
3. Cloud Consumer agrees to service contract with Cloud Provider
4. Cloud Consumer uses service
5. Cloud Consumer is billed for usage by the Cloud Provider
ICA CON 2012
11
3. DEPLOYMENT MODELS [3]
1. Private Cloud infrastructure is provisioned for exclusive use
by a single organization comprising multiple consumers
2. Community Cloud infrastructure is provisioned for exclusive
use by a specific community of consumers from organizations
that have shared concerns
3. Public Cloud infrastructure is provisioned for open use by the
general public
4. Hybrid Cloud infrastructure is a composition of two or more
distinct cloud infrastructures (private, community, or public)
that remain unique entities, but are bound together by
standardized or proprietary technology that enables data and
application portability
ICA CON 2012
12
Comments on Private Cloud
• Gives the Cloud Consumer exclusive access to and usage of
the infrastructure and computational resources of a Cloud
Provider
• Cloud Provider could be managed by either the Cloud
Consumer's organization or by a third party
• “Physical data center” could be on the Cloud Consumer's
premises or off-site
ICA CON 2012
13
Comments on Community Cloud
• Community Cloud serves a group of Cloud Consumers rather
than serving a single organization
• These organizations share some commonalities such as
mission objectives, security, privacy and compliance policy
• Similar to a Private Cloud, a Community Cloud could be
managed by either one of the Cloud Consumer's organizations
or by a third party and the “physical data center” could be on
one of the Cloud Consumer's premises or off-site
ICA CON 2012
14
Comments on Public Cloud
• Cloud infrastructure and computing resources are made
available to the general public by the Cloud Provider [4]
• Access is via a public network, such as the internet [4]
• Generates significant benefits for Cloud Consumers [5]
 low (or no) upfront costs
 increased flexibility
 greater capacity,
 reduced infrastructure footprint
 (often) lower total costs
ICA CON 2012
15
Comments on Hybrid Cloud [5]
•
Can enable organizations to mix and match different services to achieve
the highest levels of performance, maximum utilization of existing assets,
and create an environment that meets the various imperatives – legislative,
economic, and regulatory
•
Specific situations where a Hybrid approach is best:
• where the organization has legacy applications that do not make sense to
move to the Cloud
• where compliance requirements create a demarcation between what can
be stored on the Public Cloud and what must remain on dedicated servers
• where peaks in traffic (after specific marketing campaigns for an
example) demand that traffic be “burst” to the Cloud, where the cost of
having backups on-premise for disaster recovery is prohibitive
• where web applications require high database performance but need to
scale via the Cloud for web serving
• where organizations wish to prototype applications cheaply before
deploying them on in-house infrastructure, and where vendor lock-in is a
primary concern
ICA CON 2012
16
4. SERVICE MODELS [3]
1. Software as a Service (SaaS)
•
use the provider’s applications running on a cloud infrastructure.
•
applications are accessible from various client devices through either a thin
client interface, such as a web browser (e.g., web-based email), or a
program interface
2. Platform as a Service (PaaS)
•
deploy onto the cloud infrastructure consumer-created or acquired
applications created using programming languages, libraries, services, and
tools supported by the provider
3. Infrastructure as a Service (IaaS)
•
provision processing, storage, networks, and other fundamental computing
resources where the consumer is able to deploy and run arbitrary software,
which can include operating systems and applications.
ICA CON 2012
17
Comments on SaaS
• Cloud Provider deploys, configures, maintains, and updates the
operation of the software applications on a cloud infrastructure
so that the services are provisioned to the Cloud Consumers and
made accessible to end users via a network
• Cloud Provider assumes most of the responsibilities in
managing and controlling the applications and the infrastructure
• Cloud Consumer can have well defined administrative (but
limited) control of the applications
• Cloud Consumer can be billed based on the number of end
users, the time of use, the network bandwidth consumed, or the
amount of data stored or duration of stored data
ICA CON 2012
18
Comments on PaaS
• Cloud Provider should manage the computing infrastructure for
the platform and run the cloud software that provides the
components of the platform
• Software on the platform often includes integrated development
environments (IDEs) and other application development tools
• Cloud Consumer uses the tools and resources provided by the
Cloud Provider to develop, test, deploy, and manage the
developed applications
• Cloud Consumer can be billed can be billed according to,
processing, database storage and network resources consumed,
and the duration of the platform usage
ICA CON 2012
19
Comments on IaaS
• Cloud Provider possesses the physical computing resources
underlying the service, including the servers, networks, storage
and hosting infrastructure
• Cloud Provider runs the software necessary to makes
computing resources available to Cloud Consumer through a set
of service interfaces and computing resource abstractions, such
as virtual machines and virtual network interfaces
• Cloud Consumer uses these computing resources for their
fundamental computing needs
ICA CON 2012
20
5. CLOUD SERVICE MANAGEMENT [4]
1. Business Support
1) Customer Management
2) Contract Management
3) Inventory Management
4) Accounting and Billing
5) Reporting and Auditing
6) Pricing and Rating
2. Provisioning and Configuration
1) Rapid Provisioning
2) Resource Changing
3) Monitoring and Reporting
4) Metering
5) Service Level Agreement Management
3. Portability and Interoperability
ICA CON 2012
21
Comments
•
Most of the Business Support and Provisioning and Configuration
processes are components of three ISO/IEC 20000 processes:
1. Service Level Management: process that ensures that agreed service
level targets for each customer are met and responsible for maintaining
the service catalog
2. Business Relationship Management: process that identifies and
manage customer needs and expectations
3. Service Reporting: process that produces timely, accurate service
reports that meet the information requirements of the service provider,
customer, and other interested parties
•
Rather than specific processes, Portability and Interoperability address
specific Cloud Consumer issues
ICA CON 2012
22
6. CONCLUDING REMARKS
Perspectives of the NIST Cloud Computing Reference
Architecture and ISO/IEC 20000 were melded to gain insight
into the design of new or changed Services in the Cloud
 NIST Cloud Computing Reference Architecture contributed the
architecture
–
–
–
–
Actors
Deployment Models
Service Models
Cloud Service Management
 ISO/IEC 20000 blended in a formal ITSM standard that is
philosophically centered on the customer's perspective of IT's
contribution to the business
ICA CON 2012
23
Final Remark
 By employing Cloud Computing to the design or new
change services, the impact on the delivery of IT
services could be significant
ICA CON 2012
24