Google’s New Cloud Database

Last Thursday, Google introduced a teaser of their new service application called the Google Cloud SQL. This new service will address the needs and be more appealing to business enterprises because of its scalable database platform that is MySQL hosted.

Google Cloud SQL product Manager,  Navneet Joneja said that they have received various requests from Google App Engine users asking for an application that will allow them to create and develop database-run applications. With the new Google Cloud SQL and App Engine, users can now provide developers’ access to developing their own database. It will circumvent the hassle of database administration, management and maintenance.

Justin Griffin of Cisco demonstrated recently how their wireless application can analyze the band and trace physically the radio source signal. This will effectively identify hackers and their devices plus the source of their interference.

Joneja said “Cloud SQL is available free of charge for now, and we will publish pricing at least 30 days before charging for it,” this means that the service will be free hopefully until the end of 2011.

Earlier this May, Google announced their plan to increase the subscription fee for their App Engine cloud platform, which shocked most developers. This announcement resulted to a lot of complaints and outcry from users. Peter Magnusson, Google’s engineering director later apologized for the lapse they did in failing to provide notice to developers on how this new app can affect their subscription rates.

Google, however stood by its original pricing stating that it is the reasonable price to make App Engine compatible for any business use.

App Engine has been successful in the market for the last three years, which led Google to create Premier accounts. These accounts will have access to offline billing and other technical and customer support features.

Cloud SQL runs using MySQL database platform that supports various applications like Java, JDBC and DB-API, for Python applications. CloudSQL is currently exclusive for App Engine applications only.

Microsoft and Apple Highlight Cloud’s Flexibility

NEW YORK, NY–(Sep 5, 2011) – Companies are increasingly looking to cloud computing environments in order to accelerate value in business financials and reduce costs. Cloud computing is highly appealing to today’s organizations, not only because of its projected cost savings but also because of the cloud’s flexibility. The Bedford Report examines the outlook for companies in the Technology Sector and provides stock research on Apple, Inc. (NASDAQ: AAPL) and Microsoft Corporation (NASDAQ: MSFT). Access to the full company reports can be found at:

www.bedfordreport.com/AAPL

www.bedfordreport.com/MSFT

Management Today reports that 37 percent of firms surveyed say they will transfer in excess of 60 percent of their applications to a private cloud environment in the future. While large corporations and businesses are rapidly bringing their applications to the private cloud, co-existing with a public cloud has not been appealing to these organizations. The report finds that a mere 6 percent of those surveyed intend on moving to the full public cloud, based on security concerns.

The Bedford Report releases investment research on the Technology Sector so investors can stay ahead of the crowd and make the best investment decisions to maximize their returns. Take a few minutes to register with us free atwww.bedfordreport.com and get exclusive access to our numerous analyst reports and industry newsletters.

Earlier this summer Microsoft officially launched its main entry in cloud-based services for small businesses, Office 365. The Office 365 plan for Small Businesses is optimized for organizations with 25 users or less and includes Office Web Apps, Exchange Online, SharePoint Online, Lync Online at approximately $6 per user per month.

Also this summer Apple unveiled its much-anticipated iCloud software. The iCloud is a complete suite of services that automatically allows Apple product users to store and retrieve applications in the cloud.

The Bedford Report provides Market Research focused on equities that offer growth opportunities, value, and strong potential return.

Source: Marketwire

4 new platforms for building a business mobile app

In a world where there’s always “an app for that,” more small businesses see the value in creating their own mobile apps. The technical know-how necessary to develop an impressive app and the cost of hiring a professional developer, however, have discouraged the production of many would-be branded applications.

Affordable do-it-yourself alternatives give all companies — even those with minimal tech expertise — a way to create their own apps.

Even the code-illiterate can build passable apps using these four new platforms.

1. Bizness Apps

 

Bizness Apps focuses on industry-specific features. If you’re building an app for a restaurant, for instance, its builder might suggest that you add a menu and a specials feature. If you’re building an app for a gym, it might recommend a weekly workout planner.

It’s a difficult platform on which to customize beyond color choices, but it’s a tool that’s incredibly easy to use.

Platforms: iPhone, iPad, Android, HTML5

Price: $39 per month for the iPhone app plus $10 per month for an iPad, Android or HTML5 app.

2. Mobiflex

MobiFlex, while not the prettiest of the app creators, will integrate with back-end data sources and incorporates functions like the phone’s camera, speech recognition and GPS into its native apps.

There’s a better chance of creating and releasing a useful app with these features, but users also have a steeper learning curve than some of its competitors.

Platforms: Android and iOS

Price: A one-time setup fee of $99 plus a monthly fee of $25 for up to 50 users and two pages.

3. AppMakr

If your main objective for creating an app is to distribute content, AppMakr might be a good choice. Publishers such as The Atlantic and Harvard Business Review have made apps using the platform.

Other than adding content through multiple RSS feeds, uploading a photo gallery and sending push notifications, its code-free apps can’t do much. One appealing aspect for content creators, however, is the option to serve ads through several networks.

iSites, Swebapps and App Co offer similar approaches for content distribution apps.

Platforms: iOS

Price: Free

4. Red Foundry

Red Foundry offers options for the intermediate coder and newbie app builder alike. More advanced users can choose to design their apps with an xml-based coding system instead of using the startup’s template.

RSS feeds are the focus of the free version of the product’s point-and-click app builder, though it’s easy to add other extras like photo galleries, maps, social feed and commerce options like a Paypal donate button.

What’s most obviously distinct about the platform is its test-as-you go app,Viz. After you load the program onto your phone, you can use it to test your app as you build it.

The platform also makes widgets that show analytics, social activity and push notifications from your app that you can add to your desktop.

Platforms: iOS products

Price: Basic apps are free; more advanced options start at $39 per month.

Top 5 Cloud Computing Providers

Here is a list of the Top 5 Cloud Computing providers. The key parameters used for comparing these cloud platforms include when the platforms were introduced, support for various operating systems/languages, current adoption levels of the platforms and the overall potential of the platform. A good understanding of the key cloud computing platforms is critical to understand the current state of cloud computing and the overall direction of the industry. This in turn is very useful while making a choice for an appropriate cloud computing platform. Please read the following article Comparing SaaS, PaaS and IaaS to understand some of the terminology used in this article.

Amazon
Clearly the market leader in Cloud Computing and primarily a IaaS vendor.EC2 and S3 are the two most popular services available as part of Amazon Web Services. They also have the most wide variety of services available as part of their cloud platform.
There are indications that Amazon may have a total of 1.8 million deployed instances and showing 10% overall growth in deployments
Indications are they had a total revenue of 220 million USD revenue from their Cloud business
There are around 100,000 customers using Amazon Web Services

Rackspace
Rackspace which has long been one of the largest players in the managed hosting market quickly transformed itself into a highly successful Cloud Computing provider primarily as an IaaS provider. They have two key services Cloud Servers and Cloud Files which are the equivalent of EC2 and S3 from Amazon.
Indicating 100% growth in Cloud Revenues from 2008 to 2009
Added around 40,000 new customers in the last 4 quarters
Cloud Revenue has been 56 million USD in 2009

Salesforce.com
Salesforce.com was one of the earliest Cloud Computing companies to get setup with a specific focus on CRM and functioned as a SaaS company.Salesforce.com first started in 1999 and has grown significantly from its initial launch with a continuous focus on CRM. Force.com was launched in 2007 as a custom application development platform as an entry into the PaaS market but has not been able to garner a significant market due its proprietary platform. Given the specific nature of the platform Amazon and Rackspace have been ranked higher in this list even though Salesforce has a higher revenue.
Total of 55,000 corporate customers and 1.5 million individual subscribers.
Total revenue of .3 billion for 2009

Google
Google made a late entry into the Cloud Computing business with two services, Google Apps which primarily targets the SaaS space and the Google App Engine which provides a PaaS model for businesses and individuals to deploy their Web Apps. They have quickly made a mark with both the platforms and have made significant growth in the overall cloud computing market.
Google Apps has 1 million customers and an approximate revenue of million
Google App Engine does not have any numbers publicly available, since the paid version launched a year back they may need some more time before we get a sense of the adoption.

Microsoft
Microsoft was the last major player to enter into the market and as expected launched a platform Azure based on their Windows/Azure stack. While they have continued to claim that Azure is not tied to .NET, the expectation is the platform will see most adoption from Microsoft shops with a focus on .NET and Windows based technologies and platforms.
Indications are that around 10,000 customers have moved to Azure
Since the launch has been less than 6 months back its a little early to track adoption.
We rank it high due to the high potential of the platform and tight integration with Microsoft based development platforms.

Conclusion
Amazon and Rackspace continue to be the key players in Cloud Computing with a key focus on IaaS as the core service they offer. Given the core expertise of these companies it is unlikely that they will venture into other aspects of the Cloud and they are unlikely to offer SaaS or PaaS services anytime soon. It is highly likely that all growth in the IaaS segment of Cloud Computing will be distributed between these two companies. Microsoft and Google are likely to be key players in the PaaS space clearly segmented between .NET and Java applications. Salesforce on the other hand is likely to remain a player focused purely on the CRM market and primarily as a SaaS provider.

Top 7 threats to cloud computing

1 Abuse and nefarious use of cloud computing((IaaS, PaaS) -- 
The easiness of registering for IaaS solutions and the relative anonymity they offer attracts many a cyber criminal. IaaS offerings have been known to host botnets and/or their command and control centers, downloads for exploits, Trojans, etc. There is a myriad of ways in which in-the-cloud capabilities can be misused - possible future uses include launching dynamic attack points, CAPTCHA solving farms, password and key cracking and more
Remediation - 
-Stricter initial registration and validation processes.
-Enhanced credit card fraud monitoring and coordination.
-Comprehensive introspection of customer network traffic.
- Monitoring public blacklists for one’s own network blocks

2 Insecure interfaces and APIs (IaaS, PaaS, SaaS) -
As software interfaces or APIs are what customers use to interact with cloud services, those must have extremely secure authentication, access control, encryption and activity monitoring mechanisms - especially when third parties start to build on them..
Remediation-
-Analyze the security model of cloud provider interfaces.
- Ensure strong authentication and access controls are implemented in concert with encrypted transmission.
- Understand the dependency chain associated with the API

3 Malicious insiders (IaaS, PaaS, SaaS) -
The threat of a malicious insider is well-known to most organizationsThis threat is amplified for consumers of cloud services by the convergence of IT services and customers under a single management domain, combined with a general lack of transparency into provider process and procedure. For example, a provider may not reveal how it grants employees access to physical and virtual assets, how it monitors these employees, or how it analyzes and reports on policy compliance.
Remediation-
-Enforce strict supply chain management and conduct a comprehensive supplier assessment.
-Specify human resource requirements as part of legal contracts.
-Require transparency into overall information security and management practices, as well as compliance reporting.
-Determine security breach notification processes.

4 Shared technology issues (IaaS)-
Sharing infrastructure is a way of life for IaaS providers. Unfortunately, the components on which this infrastructure is based were not designed for that. To ensure that customers don't thread on each other's "territory", monitoring and strong compartmentalization is required, not to mention scanning for and patching of vulnerabilities that might jeopardize this coexistence.
Remediation -
Implement security best practices for installation/configuration.
-Monitor environment for unauthorized changes/activity.
-Promote strong authentication and access control for administrative access and operations. Enforce service -level agreements for patching and vulnerability remediation.
-Conduct vulnerability scanning and configuration audits.

5 Data loss or leakage( IaaS, PaaS, SaaS)-
There are many ways to compromise data. Deletion or alteration of records without a backup of the original content is an obvious example. Unlinking a record from a larger context may render it unrecoverable,
as can storage on unreliable media. Loss of an encoding key may result in effective destruction. Finally, unauthorized parties must be prevented from gaining access to sensitive data. The threat of data compromise  increases in the cloud, due to thenumber of and interactions between risks and challenges which are either unique to cloud, or more dangerous because of the architectural or operational characteristics of the cloud environment.
Remediation - 
-Implement strong API access control.
-Encrypt and protect integrity of data in transit.
-Analyzes data protection at both design and run time. Implement strong key generation, storage and management, and destruction practices. Contractually demand providers wipe persistent media before it
is released into the pool.
-Contractually specify provider backup and retention strategies.

6 Account or service hijacking(IaaS, PaaS, SaaS)  -
Account or service hijacking is not new. Attack methods such as phishing, fraud, and exploitation of software vulnerabilities still achieve results. Credentials and passwords are often reused, which amplifies the impact of such attacks. Cloud solutions add a new threat to the landscape. If an attacker gains access to your credentials, they can eavesdrop on your activities and transactions, manipulate data, return falsified information, and redirect your clients to illegitimate sites. Your account or service instances may
become a new base for the attacker. From here, they may leverage the power of your reputation to launch subsequent attacks.
Remediation - 
-Prohibit the sharing of account credentials between users and services. Leverage strong two-factor authentication techniques where possible.
-Employ proactive monitoring to detect unauthorized activity.
-Understand cloud provider security policies and SLAs

7 Unknown risk profile ( IaaS, PaaS, SaaS) - 
One of the tenets of Cloud Computing is the reduction of hardware and software ownership and maintenance to allow companies to focus on their core business strengths. This has clear financial and operational
benefits, which must be weighed carefully against the contradictory security concerns — complicated by the fact that cloud deployments are driven by anticipated benefits, by groups who may lose track of the
security ramifications. Versions of software, code updates, security practices, vulnerability profiles, intrusion attempts, and security design, are all important factors for estimating your company’s security posture.
Information about who is sharing your infrastructure may be pertinent, in addition to network intrusion logs, redirection attempts and/or successes, and other logs. Security by obscurity may be low effort, but it can result in unknown exposures. It may also impair the in-depth analysis required highly
controlled or regulated operational areas.
Remediation -
-Disclosure of applicable logs and data.
-Partial/full disclosure of infrastructure details (e.g., patch
levels, firewalls, etc.).
-Monitoring and alerting on necessary information

Cloud computing and Grid computing

Cloud computing is the use of a 3rd party service(Web Services) to perform computing needs. Here Cloud depicts Internet . With cloud computing, companies can scale up to massive capacities in an instant without having to invest in new infrastructure. Cloud computing is benefit to small and medium-sized businesses. Basically consumers use what they need on the Internet and pay only for what they use. Cloud computing incorporates infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS) as well as Web 2.0 Cloud computing eliminates the costs and complexity of buying, configuring, and managing the hardware and software needed to build and deploy applications, these applications are delivered as a service over the Internet (the cloud).

Grid computing is a form of distributed computing whereby resources of many computers in a network is used at the same time, to solve a single problem. Grid systems are designed for collaborative sharing of resources. It can also be thought of as distributed and large-scale cluster computing Grid computing is making big contributions to scientific research, helping scientists around the world to analyze and store massive amounts of data by sharing computing resources 

Cloud   — Full private cluster is provisioned

— Individual user can only get a tiny fraction of the total resource pool

— No support for cloud federation except through the client interface

— Opaque with respect to resources

•Grid

— Built so that individual users can get most, if not all of the resources in a single request

— Middleware approach takes federation as a first principle

— Resources are exposed, often as bare metal

 

 

Types of Virtualization

Operating System Virtualization -
 The use of OS-level virtualization or partitioning (such as LPARs, VPARs, NPARs,Dynamic System Domains, and so on) in cloud architectures can help solve some of the core security, privacy, and regulatory issues that could otherwise hinder the adoption of cloud computing.For example, OS virtualization such as that provided by Solaris. Containers makes it possible to maintain a one-application-per-server deployment model while simultaneously sharing hardware resources. Solaris Containers isolate software applications and services using software-defined boundaries and allow many private execution environments to be created within a single instance of the Solaris OS. Each environment has its own identity, separate from the underlying hardware, so it behaves as if it’s running on its own system, making consolidation simple, safe, and secure. This makes it possible to reduce the administrative overhead and complexity of managing multiple operating systems and improve utilization at the same time.

Platform Virtualization -
 Platform virtualization allows arbitrary operating systems and resulting application environments to run on a given system. There are two basic models for this system virtualization: full virtualization, or a complete simulation of underlying hardware, and paravirtualization, which offers a “mostly similar” model of the underlying hardware. These are implemented as Type 1 hypervisors, which run directly on hardware, and Type 2 hypervisors, which run on top of a traditional operating system. Each of the top virtualization vendors offers variations of both models. It’s important to realize that there are design and performance trade-offs for any model of system virtualization.Generally, the more abstract the OS is made  from the underlying hardware, the less hardware-specific features can be accessed. Increased OS abstraction can also increase the potential for performance reduction and limitations.

Network Virtualization -
 Load-balancing techniques have been a hot topic in cloud computing because, as the physical and virtual systems within the cloud scale up, so does the complexity of managing the workload that’s performed to deliver the service. Load balancers group multiple servers and services behind virtual IP addresses. They provide resource-based scheduling of service requests and automatic failover when a node fails. While hardware balancers may outperform software-based balancers, their flexibility is always limited. Engineers end up either writing software that interacts with hardware via a suboptimal user interface or using a large number of computers to solve the problem. A significant challenge in cloud computing networking is not just the provisioning of individual virtual network interfaces to a given virtual environment, but also the increasing need of cloud infrastructures to offer a more complicated virtual private datacenter, which provisions a set of different system roles and the logical interconnections between those roles.

Application Virtualization- 
There is also a software angle to “containers” within the cloud. The Web container technology implemented in the cloud greatly impacts developer productivity and flexibility.The Web container is the part of the application server that manages servlets, JavaServerTM Page (JSP) files, and other Web-tier components. But not all Web container technologies are created equal. Apache Tomcat, for example, is a popular open-source Web container technology, but it has limitations for developers who want to go beyond Web-tier applications. If an application needs to use persistence, clustering, failover, messaging, or Enterprise Java Beans (EJBTM), these capabilities have to be added to Tomcat one by one, whereas the GlassFish™ Project provides an integrated collection of Java EE containers that delivers all of these capabilities. Today, most cloud computing offerings concentrate on platform virtualization, and the developer chooses the OS and development platform. But increasingly public clouds and certainly private clouds will offer higher-level development environment programming abstractions. Over time, we might expect the level of abstraction that the developer interfaces with to move gradually upward as more functionality percolates down into the platform.