Cloud Computing and SOA Convergence in Your Enterprise: A Step ...
Cloud Computing and SOA Convergence in Your Enterprise: A Step ...
Cloud Computing and SOA Convergence in Your Enterprise: A Step ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
56 Chapter 3 Def<strong>in</strong><strong>in</strong>g the <strong>Cloud</strong>s for the <strong>Enterprise</strong><br />
The advantage of <strong>in</strong>tegration-as-a-service is that you can access pretty<br />
pricy <strong>in</strong>tegration software functionality for the price of a rental agreement.<br />
Moreover, many of the <strong>in</strong>tegration-on-dem<strong>and</strong> providers have very sophisticated<br />
software delivered through a browser that leverage the new rich Internet<br />
application technology such as AJAX.<br />
The downside is that there are many firewall mediation issues to deal<br />
with. Many systems you may want to <strong>in</strong>tegrate do not have Port 80–compliant<br />
<strong>in</strong>terfaces <strong>and</strong> protocols, mean<strong>in</strong>g they cannot speak outside of the firewall<br />
to the remote, on-dem<strong>and</strong> <strong>in</strong>tegration server. Thus, many <strong>in</strong>tegration-ondem<strong>and</strong><br />
providers leverage software that has to exist beh<strong>in</strong>d the firewall to<br />
mediate the differences <strong>in</strong> the local, native <strong>in</strong>terfaces <strong>and</strong> turn them <strong>in</strong>to<br />
someth<strong>in</strong>g that can be sent outside of the firewall, typically Web Services<br />
that leverage Port 80–compliant Simple Object Access Protocol (<strong>SOA</strong>P).<br />
Thus, you end up with an on-premise footpr<strong>in</strong>t that dim<strong>in</strong>ishes the value of<br />
an <strong>in</strong>tegration-on-dem<strong>and</strong> solution.<br />
Security-as-a-Service<br />
Security-as-a-service, as you may have guessed, is the ability to deliver core<br />
security services remotely over the Internet. While the security services provided<br />
today are often rudimentary, more sophisticated services, such as identity<br />
management, are becom<strong>in</strong>g available.<br />
Security-as-a-service is a tough sell consider<strong>in</strong>g that security is typically<br />
a weak po<strong>in</strong>t of cloud comput<strong>in</strong>g. Provid<strong>in</strong>g security on dem<strong>and</strong> seems like<br />
an unnatural act. However, there are times when security delivered out of the<br />
cloud makes sense, such as for secur<strong>in</strong>g a cluster of cloud resources you are<br />
leverag<strong>in</strong>g with<strong>in</strong> your enterprise or even between enterprises. Thus, you can<br />
enforce security hierarchies between physical organizations out of the cloud<br />
or perhaps have cloud-delivered on-dem<strong>and</strong> encryption services or identity<br />
management solutions.<br />
The downside is rather obvious, consider<strong>in</strong>g that most look at security<br />
as someth<strong>in</strong>g that needs to be controlled <strong>and</strong> thus not outsourced. However,<br />
as time goes on <strong>and</strong> security on dem<strong>and</strong> becomes more sophisticated, <strong>and</strong> as<br />
more corporate data <strong>and</strong> applications reside <strong>in</strong> the clouds, then there will be<br />
an uptake <strong>in</strong> security-as-a-service.