This post is a daily aggregation of all news links from @onsaas. This post is automatically generated everyday at 11:45PM UTC.
Platform-as-a-Service (PaaS) is one of the buzzwords that’s mentioned often in the cloud computing space. I’ve written a blog post describing IaaS, PaaS and SaaS. In short, PaaS is a platform for delivering applications, similar to a pre-built system with hardware, OS and application stack all built in. In the PaaS case, this system is hosted. All you have to do is “upload” the application code and it should take care of the executing and scaling of it.
A quick survey of the land (by no means comprehensive, I am also including ONLY application platforms, not service-specific platforms such as DabbleDB) shows that there’s a plethora of PaaS players out there, each with their own target audience. Some provide more of a raw execution platform, some provide a full suite of tools for creating applications online. Unfortunately, most of these vendor approaches will lock you into their proprietary platform. If you ever want to move to another platform, you have to rewrite at least a portion of code using the new vendor’s API. Phil Wainewright has written about this in his blog post “A plethora of PaaS options.”
|Bungee Labs||Web applications|
|Google App Engine||Python web applications|
|NetSuite NS-BOS||Business applications|
|Ning||Social networking applications|
|Salesforce Force.com||Business applications|
In one of the CloudCamp SF sessions in July, one of the guys from Microsoft asked whether the OS matters in cloud computing. My answer to that was it depends on the type of application. If it’s a web centric application that has a web front end, uses a database for storage, and doesn’t use any of the low level file IO, then really there’s no need to know what the OS is. In that case, the OS doesn’t matter.
All these vendors have targeted applications that are delivered over the web, and almost all of the vendors listed above try to abstract the OS from the developers so that they don’t have to worry about the underlying infrastructure. As Mosso’s slogan claims, “Code, load and go.”
Even though cloud computing is still in its infancy; however, as it matures, cloud providers will move upmarket to provide additional business value to customers. We will see a rise of cloud application platforms appear on the horizon. Specifically, we will see more domain-specific cloud platforms for different verticals or application types. For example, I can imagine there are developers working on a MMORPG cloud platform (maybe it’s here already if you consider Metaplace to be that) that will provide execution and management (of virtual goods, zones, accounts) for MMO developers; or a data analytics cloud platform that provides all the basic OLAP functions.
Recently we seem to be hearing more and more security exploits aimed at core Internet protocols. In July, Dan Kaminsky revealed a critical exploit aimed at the DNS protocol.
A couple of days ago “[t]wo security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.” See Revealed: The Internet’s Biggest Security Hole | Threat Level from Wired.com for more detailed reporting.
According to Wired.com,
The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.”
. . .
Anyone with a BGP router (ISPs, large corporations or anyone with space at a carrier hotel) could intercept data headed to a target IP address or group of addresses. The attack intercepts only traffic headed to target addresses, not from them, and it can’t always vacuum in traffic within a network — say, from one AT&T customer to another.
The clever trip the researchers have done is to
use a method called AS path prepending that causes a select number of BGP routers to reject their deceptive advertisement. They then use these ASes to forward the stolen data to its rightful recipients.
All these core protocol exploits have direct impact to cloud computing as the nature of cloud computing is that computing will happen out there on the Internet somewhere. According to the article,
The method conceivably could be used for corporate espionage, nation-state spying or even by intelligence agencies looking to mine internet data without needing the cooperation of ISPs.
Geva Perry put together a list of cloud computing terms that folks have been using over at Thinking Out Cloud: Cloud Computing Terminology. It’s a great list and he also referenced the blogs that the terms were found.
So far he’s got:
- Cloudburst (both negative and positive use)
- Vertical Cloud
- Private Cloud
- Internal Cloud
- Hybrid Cloud
- External Cloud
- Public Cloud
- Cloud Provider
- Cloud Enabler
- Cloud-oriented Architecture
- Cloud Service Architecture
- Virtual Private Cloud
I am going to be making a day trip out to Vegas for The 451 Group‘s ICE Summit in September. Would love to meet up with some of you if you are going to be there for either VMWorld or the ICE Summit. Email me at onsaas -at- gmail if you are interested in connecting.
Thanks and looking forward to it!