Blog of a Sentimental Data Digger
Cloud Expo Asia is the most definitive gathering of cloud thought leaders, visionaries and practitioners in the world took at the Suntec Exhibition Centre, Singapore on the 29th and 30th October 2014 and was closed with a record-breaking number of over 9,000 delegates in attendance.
Collocated with Data Centre World Asia, Asia Pacific’s leading event for data centre professionals and CloudAsia, the conference, it brought together operators, enterprises and experts from the cloud computing eco-system in a conference programme. It is an excellent platform for the regional and international cloud computing industry, comprising of a case-study driven programme, a research and innovation programme and a track focused on the latest technology and solutions in Cloud Computing and Data Centre
The highlight of Cloud Expo Asia 2014, focusing on cloud computing which is quickly gaining traction was that global trends suggest cloud computing will pave the road to the future the next phase of growth for enterprises..
Speaking at the opening of CloudAsia 2014, IDA Singapore assistant chief executive, Khoong Hock Yun said that Singapore will look increasingly to the cloud on its journey to be a smart nation. The Cloud will be crucial to achieving Singapore's "Everyone, Everything, Everywhere, All the time" goal of collecting and comprehending data for better services for the nation. He said that every year, cloud computing continues to gain momentum as more companies grasp the nimble, versatile and flexible nature of the cloud. Cloud adoption in Singapore continued to grow strongly last year with cloud spending among enterprises at about S$512 million. This is expected to almost double to about S$1 billion by 2018.
Small and midsize businesses (SMBs) in Singapore are expected to spend S$520 million (US$415.26 million) on cloud this year, putting most of their dollars in infrastructure-as-a-service (IaaS).
IDA consider Cloud Computing Ecosystems as a key to Singapore's Smart Nation Platform, conceived “to tackle difficult urban challenges in areas such as healthcare and energy, we need to capture and analyze massive amounts of data, and use that situational awareness to take meaningful actions.”[i]
Singapore reaffirmed its commitment to the cloud with a number of announcements around the technology like the its Cloud Service Provider Registry (CSP Registry) with near-real-time analytics, and the world's first Multi-Tier Cloud Security Singapore Standard last year to help users gain clarity over security provisioning by CSPs
Singapore has unveiled new initiatives in data analytics and cloud including a data-as-a-service (DaaS) pilot, as the government looks to drive further drive its smart nation ambition.
The IDA announced a new trial aimed at increasing "the visibility of datasets" and enabling content providers to evaluate the quality of their datasets through a set of Data Quality Metrics. "Currently, there is no coherent mechanism for users to easily discover private-sector datasets made available from data providers across the various industry sectors.
"The DaaS platform, also named the Federated Dataset Registry (FDSR), is intended to enable a mechanism to ease dataset discovery," said IDA in a statement. It added that the registry comprises various individual Dataset Registries (DSRs) based on the open source data portal platform, CKAN (Comprehensive Knowledge Archive Network).
There are currently 11 data providers participating in the pilot including DHI Water & Environment, which provides data on water and environment, Hutbitat and StreetSine Singapore, both of which offer real estate data, and Sense Infosys, which provides maritime logistics data.
Scheduled to run until March 31, 2016, the DaaS pilot will allow IDA to gather feedback and assess the platform. To encourage participation, the ICT regulator has roped in Amazon Web Services (AWS) to offer cloud computing services to the first 25 data providers that sign on for the trial. The cloud vendor will provide usage credits worth US$3,000 each to the 25 participants, which can then redeem the credits to host their dataset registries or datasets with AWS.
Participants in the DaaS pilot will operate their own DSR, which will run on their own infrastructure such as a web server or cloud data center. Each registry should carry a dataset catalogue maintained by the data provider, containing details of datasets including meta information and sample datasets.
IDA also urged participating data providers to provide data quality metrics for users who can then assess the quality of the datasets and compare these with other similar data. Users can then contact the data providers should they want access to the datasets to support their mobile apps, for instance, and establish a financial or licensing agreement to do so.
CPS registry allows choosing cloud vendors through registry, standards.
Announced at CloudAsia 2014, the additions will give potential cloud consumers more information on performance and availability of an operator on top of current existing static listings via the registry. This offers interested customers almost real-time analytics on how various cloud services are faring to aid them when making a choice on which CSP to use.
Currently with six vendors in the registry, The CSP Registry was conceived to engender trust through transparency for the benefit of cloud adopters by making available online information about CSPs. This was facilitated by services such as a self-disclosure form and information on a CSP's Multi-Tier Cloud Security Singapore Standard (MTCS SS) certification.
IDA is collaborating with Dynatrace (formerly known as Compuware), who will provide the free use of software tools and expertise for this monitoring, and encourage operators to make pertinent information available on the CSP Registry as well.
IDA on Wednesday also announced that "near real-time analytics" have been added to its Cloud Service Provider (CSP) Registry to provide information on the performance and availability of cloud vendors. The database previously offered only static listings of market players, providing information such as those provided on a self-disclosure form and the vendor's Multi-Tier Cloud Security Singapore Standard (MTCS SS) certification.
The additional analytics will be provided through Compuware, enabling information on the CSPs' availability and performance to be generated in near real-time, said IDA. It added that Compuware will provide free use of its software tools and expertise in monitoring the cloud vendors' performance via the registry.
Khoong Hock Yun, IDA's assistant chief executive, said during his speech Wednesday at the CloudAsia 2014 conference: "Potential cloud adopters can use the registry to compare and contrast different CSPs based on the information published, making it easier for them to decide which CSP is right for their needs."
He added in a statement that the addition of near real-time tools will better enable potential cloud adopters to understand what each provider is offering, as well as encourage greater trust
Security, however, continues to be one of the largest impediments to cloud adoption, Khoong said, which was why the IDA and the Singapore Standards Council, under the aegis of SPRING Singapore, launched the world's first Multi-Tier Cloud Security Singapore Standard (MTCS SS) last year to help users gain clarity over security provisioning by CSPs.
The MTCS SS provides specifications for CSPs to give clarity around their security service levels for customer understanding, while also increasing the level of accountability and transparency from them. Local CSPs which are keen to adopt the MTCS SS can tap on SPRING's Capability Development Grant based on their eligibility to cover up to 70% of qualifying project costs.
"The new accreditation programme provides a stringent set of criteria to ensure that certification bodies conduct good certification practices in accordance with international best practices. CSPs which are certified against the MTCS SS by accredited certification bodies will provide greater assurance on cloud security to cloud users," said Steven Tan, SPRING's group director (Quality & Standards).
While adopting the MTCS is voluntary, certification by a Certification Body will be a requirement for CSPs participating in future public cloud service bulk tenders from the Government. IDA has received 13 industry proposals for its next tender which is currently under evaluation.
"Alongside this is an encouraging takeup of the MTCS SS standard for clarity around CSPs security service levels. All of this will help in Singapore's drive to be a smart nation," he said. Launched last year, the cloud security standard was developed to help local enterprises choose a suitable cloud vendor by providing insights on the level of information security each cloud provider offers with their services.
Khoong expects more MTCS certification to be adopted soon, noting that IDA had received 13 industry proposals from CSPs from its third public cloud services bulk tender in which MTCS certification was a mandatory requirement. He added that Singapore's first liberal arts college, the NUS-Yale College, reportedly was aiming to be certified MTCS Level One for its hybrid cloud running on open technologies.
To further encourage cloud vendors to boost their cloud security competencies, he said the Singapore Accreditation Council (SAC), under the aegis of SPRING, on Wednesday launched an accreditation programme for MTCS certification. "Certification Bodies (CBs) accredited by SAC will have been assessed to meet stringent criteria of conducting good certification practices in accordance with international best practices. SAC accreditation ensures that CBs are competent in providing certification to the MTCS SS.
"As such, CSPs with accredited certification will provide greater assurance on cloud security to cloud users following the stringent certification processes in place to ensure that it meets the MTCS SS."
Khoong added that the cloud security standard is undergoing a review by IDA and the IT Standards Committee to evaluate how it can be further improved, following a second round of industry feedback that will end on November 28.
The Survey of Cloud Computing Adoption conducted at the Expo highlighted key barriers, objectives:
The Republic of Singapore is the largest and fastest-growing cloud and data centre event in Asia.
However, interest in cloud computing is one thing; adoption is a totally different ball game.
EMC Corporation in collaboration with IDG Connect conducted a survey tounderstand the state of cloud computing in Singapore. The survey, which concentrated mainly on hybrid cloud adoption, found that on-premise, private cloud solutions managed by the IT department is the most used model of cloud computing here, with 64 per cent of the respondents saying that their organisations used this model.
According to David Wirt, EMC Asia Pacific and Japan's vice-president for global services, security and/or governance stood out as the most pursued as well as the most important objectives when implementing cloud computing solutions (88 per cent and 61 per cent respectively). Concerns over security, data protection and availability are the most important barriers (45 per cent of respondents agree) to adoption and expansion in use of public cloud computing for most organisations. On the other hand, the cost associated with integrating legacy on premise systems with hybrid cloud infrastructure (29 per cent) is the most prevalent barrier to the adoption of hybrid cloud solutions.
"Flexibility, the ability to scale IT capacity up or down as required to match business
requirements is another key factor in determining the IT investment in Singapore businesses," Mr. Wirt said.
The survey showed that almost all organisations have a defined cloud computing usage and
governance policy (as many as 95 per cent of the respondents agreed) which is an indication that businesses realise the benefits of public and private cloud technologies. "Even so, security and governance remain key concerns for businesses in the adoption process."
Industries dealing with large amounts of data, such as banking and finance, insurance and healthcare are the most forward thinking in terms of cloud adoption. In contrast to the banking sector, industries such as legal, construction and commercial transport still do not feel the urgency to use cloud services.
Singapore is among the most mature countries in Asia in terms of cloud computing adoption
with the Singapore government making conscious effort to promote cloud computing in the city-state, Mr. Wirt noted. "However, on a global level Singapore is still behind some leading cloud adopters, such as the US, the UK and Germany."
The Conference focused on a few selected topics, like energy efficiency, for example.
The current state of affairs in Cloud Ecosystems adopts practical “standard today – regulations tomorrow approach” .
The Green Grid, a not-for-profit international consortium with a balanced mix of more than 200 member companies globally sees its purpose in bridging the gap between the positive impact of the growing digital universe and efficient ICT ecosystems with critical metrics, models, and best practices. The Green Grid is developing meaningful, user-centric metrics to help IT and facilities to manage better their computing resources, tools to help implement efficient computing. The Consortium is heavily engaged in promotion and training about standards, measurement methods, best practices, and technologies; collaborating with governments and other standards makers around the world to drive effective and accountable resource efficiency across the entire ICT ecosystem.
Among those the projects:
Making the foundation for future directions, working on
The Green Grid is proactively collaborating with Governments and Standards Bodies globally. For example:
In United States: Federal Data Center Consolidation (FDDC) Efforts; Energy Efficient Government Technology Act; US Department of Energy; US Environmental Protection Agency
In Japan – MIIT and GIPC; In China – MIIT, CCSR and with iDA in Singapore
Massive discussion were dedicated to the topics of Security, like advanced Persistent Threats, Data security and Compliance, Exposure of sensitive information, Security of cloud providers, Balancing Security and Risk in a Cloud Connected Enterprise.
Singapore continues to Enhance Cyber Security with a Five-Year National Cyber Security Masterplan 2018.
Anil Karmel; Founder and CEO, C2 Labs; Co-Chair, NIST Cloud Security Working Group spoke on the main pain points of the modern ICT: the Cloud, a powerful ROI with real security challenges; BYOD with mobile application management resulting in security and privacy concerns; Social, an agency data inadvertently ends up on public social networks via geotagging.
The mosaic effect of balancing time to market, cost concerns, security, manageability and risk in the move to a cloud-connected enterprise is being address with Certification/ SS 584:2013; The world’s first Multi-Tier Security Standard (MTSC), launched on 13 Nov 2013, provides opportunities, enabling certified Cloud Service Providers to specify security levels that they can offer to their users. Certification under SS 584 a requirement for CSPs participating in future public cloud services bulk tenders from Singapore Government. MTCS standard aims to foster and encourage the adoption of sound risk management and security practices for Cloud Computing by providing relevant cloud computing security practices and controls for cloud environments. The Contractor is required to be certified for the Services proposed under MTCS standard as per certification scheme defined at IDA website, which assures the required security to the customer. Contractor is to state and describe clearly the scope of certification when completing the table 5 of Annex II in Part 3. The submitted certification information such as certificates, statement of applicability, and self-disclosure may be published at a public website to be decided later.
The InfiniCortex introduce the concurrent supercomputing across the globe utilising trans-continental InfiniBand and Galaxy of Supercomputers
The project was originally motivated by a joint A*STAR, NUS, NTU, SUTD and NRF proposal comprised of two parts:
National Supercomputing Centre (NSCC)
· New 1‐2+ PetaFLOP Supercomputer
· Recurrent investment every 3‐5 years, pooling of upper‐mid to high tier compute resources at A*STAR & IHLs
· Co‐investment from primary stakeholders
Science, Technology and Research Network (STAR‐N). A high bandwidth network to connect the distributed compute resources providing high speed access to users (both public and private) anywhere, supporting transfer of large data‐sets (both locally and internally, to deepen local and international network connectivity.
The InfiniCortex Components
C. Interesting presentation: Territorial Innovative Clusters of the Regions of Russia by AIRR (Association of Innovative Regions of Russia) presenting a great overview of what is going on in Russia.
It is impossible in a short article to present all the topics covered at this conference therefore, after mentioning a few discussion I am posting a link to the presentations: Conference Programme[iii]