Bob Gourley, Crucial Point CTO and former DIA CTO, just posted Cloud Computing and Net Centric Operations on his website CTOvision . In it he outlines how the OSD and ASD NII strategy to enable net-centric operations has benefited from the advent of cloud computing. Of particular note is his list of key principles for OSD implementation of cloud computing:
- The importance of mission-focused engineering. This key point is already embodied in the ASD NII Strategic Plan, but is worth restating to keep it at the forefront of all IT discussions in the department.
- The continual need for security, including data confidentiality, integrity and availability. All DoD computing approaches must be engineered to be in total consonance with DoD guidelines to assure DoD information, information systems and information infrastructure. Cloud Computing, when engineered right, makes dramatic, positive changes to the mission assurance posture of DoD. Cloud computing enables stronger end point security and better data protection. It also enables the use of thin clients and the many security benefits they provide.
- The need for always instantaneously available backup of data in the cloud. Ensured availability under all circumstances is a key benefit of smart cloud computing approaches.
- The continual need for open source and open standards. Most cloud infrastructure today is based on open source (Linux, Solaris, MySQL, Glassfish, Hadoop) and this positive trend will help in net centric approaches. According to the IDC Group, open source software (OSS) is "the most significant, all-encompassing and long-term trend that the software industry has seen since the early 1980's" Gartner projects that by 2012, 90 percent of the world's companies will be using open source software. This all indicates open source and open standards should be a key principle for DoD cloud computing and other net centric approaches.
- The continual need to evaluate both low barrier to entry and low barrier to exit. As approaches to cloud computing are evaluated, too frequently the cost of exiting an approach is not considered, resulting in lock-in into a capability that may soon be inefficient. Cloud computing capabilities should be adopted that do not result in lock-in.
- The need for open standards. Cloud computing contributions to net centric operations increase interoperability as the code, API's and interfaces for cloud computing are secure but are widely published for all participants to interface with. OSD involvement in open source and open standards communities should continue and be accelerated, since increasingly cloud computing open standards are being discussed and designed by open standards bodies like W3C, OASIS, IETF and the Liberty Alliance. Document and other formats used by OSD cloud computing activities will be open and available for all authorized users on all devices.
- The need to understand the cost of "private clouds". For at least the near term, DoD will remain a provider of "private cloud" capabilities where security dictates ownership levels of control over compute power. This fact means DoD must continually engineer for change and technology insertion, which underscores the need for low barriers to exist in design criteria.
I hope that our decision makers heed his wise council.