Cloud Computing, Part 2: Law, Privacy & Maturity

Written on 9:59:00 PM by S. Potter

At the CEO roundtable event I mentioned in my previous blog post about in Cloud Computing, Part 1 the other major business consideration that came up was how to protect your business' (and/or customers') assets properly. Ultimately anyone that wants to build a solid foundation for their business needs to tackle this well to be successful long-term. One person asked the speaker to elaborate about a recent case where a UK bank used servers in datacenters inside India where a datacenter employee stole customer information and used it to effectively steal money from these people's accounts for his own benefit. This could happen in any country, however, in this case this datacenter employee actually didn't break any laws inside of India (or broke one very minor law that had a very limited penalty). Ultimately this lack of relevant law and regulation in a foreign country is the major risk for a business using offshore datacenter resources. Unfortunately I didn't hear the name of the bank involved to be able to find a news article about this incident, however, the speaker had heard about this incident (it wasn't just a figment of the questioners imagination) and his response (I am paraphrasing here) was:

Countries with the most mature infrastructure, laws, regulations and standards regarding data and information law (as well as privacy) will probably be the places that larger firms will invest in for sensitive and mission critical systems of their organization despite the likely higher cost of building.
As you determine whether you are going to be a cloud consumer or provider in the future, make sure to keep an eye on these risk factors as some executives seem to only focus on the raw bottom line without conducting a thorough risk analysis to see if the cost savings are really worth the higher risks. Choose the best cloud computing partners for all your cost trimming AND risk mitigation needs.

Cloud Computing, Part 1: Delivery Models

Written on 9:10:00 PM by S. Potter

Today I went to a regional CEO Roundtable lunch talk given by Professor Roy Campbell at UIUC on Cloud Computing and why executives of any kind of business should care.

While I am not new to the concepts of cloud computing and multi-tenancy SaaS, since I have consumed various cloud services and designed multi-tenant architectures for two previous clients. However, there was one particular "overview" slide that Professor Campbell showed that got me thinking a little. It was titled Delivery Models.

It was a text slide with bullets, but I think a diagram (or two) could have communicated to the higher-level audience more than most of the first half of his presentation could have (see below and let me know if it is more effective).

I especially liked Professor Campbell's categorization of the Delivery Models. Until this lunch time I had really only considered there to be two cloud delivery models: SaaS and PaaS. I wasn't making a distinction between Amazon services like S3 and EC2 and that of Google's AppEngine. On reflection, I am glad I took two hours out of my busy Friday if only to consider the distinction made in this talk.

In a nutshell the slide has three major bullets:

  • Software as a Service
  • Platform as a Service
  • Infrastructure as a Service

Nice! Google AppEngine, essentially being an application container (that supports various frameworks now), is a platform, whereas S3 and EC2 provide infrastructure on demand.

Now unfortunately this is where Campbell left it. For those of us not unfamiliar with cloud computing, we can see the importance of this distinction so that we can develop a more solid business plan (for those of us that might be interested in using the cloud to generate revenue from). It may also help technically savvy people that aren't familiar with the cloud.

Hope this helps people make a choice between container services like AppEngine or Heroku (platform) and those such as S3 and EC2 (infrastructure) from a consumer side and perhaps those devising business models to focus on their core competencies.

Next time I want to talk about privacy, legal and compliance issues surrounding Cloud Computing as well as how business should weigh the risk of outsourcing their data handling (however that happens) to countries will less mature laws, regulation and oversight. Perhaps cloud governance would be the most appropriate term?

Alan Turing Can Now Rest In Peace

Written on 9:42:00 PM by S. Potter

While I am by no means the biggest fan of the New Labour government in my homeland (mostly due to Blair's sociopathic reign), I have to give Gordon Brown props (or at least his aids) for giving credit to Alan Turing and saying Britain, as a country, fucked up big time (sorry, I really couldn't think of another phrase that matched the intensity - I'll replace it if you suggest a good alternative).

You can read the Downing Street blog post here:
Treatment of Alan Turing was “appalling” - PM

Thanks from this particular graduate from University of the Manchester's Mathematics department who now works as a software engineer who also happens to be gay!

"Ta luv", as the Manc locals would say.

Faker, Ruby on Rails Snippet & Generator

Written on 7:07:00 PM by S. Potter

Hey blog readers (if there are any left), I know it has been a while, and I know I have left you high and dry, so today I decided I will share some code and software development thoughts with you. I am moving to a more snippet oriented blog posting style from now on. Previously I preferred long ramblings about the political ideology of programming languages and even how Ann Coulter was _more_ comprehensible when I used my Metafusion Crypto library on her words (actually that was a marketing lie - she sounded just as incomprehensible using Metafusion Crypto as she did when not using it). Of course, this was all in 2006-2007 when blogging was all about spewing small tidbits that taught the reader nothing, so I had to be different and attempt to find a reason for things. Now things are swinging so I am trying to do the opposite from the norm again. Ok, on with it. Over the last week I have been using the Rails 2.3.4 "seed" mechanism, which in essence attempts to provide 80% of seed-fu's features inside Rails core. In addition on my personal projects I have been using machinist as my factory framework of choice (although I am forced to use factory_girl for my clients), through which I was introduced to faker. A beautiful gem indeed. So to cut a long story short, I have found myself doing the following a hell of a lot in my brand new Rails 2.3.4 projects this week: # in db/seeds.rb def load_seed_files! seed_files = Dir["#{RAILS_ROOT}/db/seeds/all/*.rb"] + Dir["#{RAILS_ROOT}/db/seeds/#{RAILS_ENV}/*.rb"] seed_files.each do |file| puts "Loading seed file: #{file}" load(file) end end load_seed_files! # When I add files to the db/seeds/all directory it seed ALL environments # When I add files to the db/seeds/{development,staging,test,production} directories it seeds # for only that environment. Note: I wouldn't recommend using seeds in just staging, test or production generally. If you need seed data in these environments you _probably_ need them in all environments OR (in the case of the test environment) you need to use a factory framework like machinist or factory_girl. Now where is faker? Well it's what I use inside these .rb files where faker comes into play: # Faking a company name >> => "King-Ruecker" >> => "Cartwright, Prosacco and Smith" >> => "Pagac, Adams and Barrows" >> => "Satterfield and Sons" >> => "Blick-Deckow" # Faking a person's name >> Faker::Name.first_name => "Ruthe" >> Faker::Name.first_name => "Jameson" >> Faker::Name.first_name => "Avery" >> Faker::Name.first_name => "Jordan" >> Faker::Name.first_name => "Ruthe" >> Faker::Name.first_name => "Winona" >> Faker::Name.last_name => "Brown" >> Faker::Name.last_name => "Hayes" >> Faker::Name.last_name => "Jerde" >> Faker::Name.last_name => "Lindgren" >> Faker::Name.last_name => "Considine" >> Faker::Name.last_name => "Rodriguez" >> Faker::Name.last_name => "Turner" >> => "Mekhi Lebsack" >> => "Esteban Brown" >> => "Velma Crona" >> => "Rollin Zemlak" >> => "Casper Sanford" # My favorite is coming up with BS (yes, BS is what you think it is): >> => "redefine ubiquitous e-commerce" >> => "synergize viral e-business" >> => "innovate real-time experiences" >> => "aggregate scalable systems" >> => "e-enable back-end functionalities" >> => "implement 24/365 models" So the point of faker, if you haven't already figured out is that it generates data the way you would probably have in production so you are generating meaningful data in your development environment(s) where you want to show your client what the interface will look like with data inside. Now a word of caution: I would not advise you to use this in an end-user facing test environment. I sometimes call that staging or qa, but ultimately it is an environment where real end-users or clients test out the features in a stable environment (not development or continuous integration environment) so they can sign off on your stories. In these environments you should let the user create the data themselves using the admin forms or whatever UI you provide them because you want to see how they will break the system (and we all know they will somehow). It gives you a much better indication of how things will end up working in production, which is very important. Thanks for reading and let me know if this is yet again too rambly? How does it happen? I have the best intentions to just blurt out tidbits with no nuance, yet I always end up rambling on about things and give it a thought process (well sort of). Anyone want to be my editor to strip out all thought and insight so I can be just blog brainless "tip" blog posts like everyone else in the Rails community that wanted to be a micro celebrity (trust me I couldn't handle that kind of paparazzi attention and I don't even have a Macbook Pro to sling over my shoulder in a fashionable messenger bag)? I can't pay you anything, but you could share in my measely $0.63 that Google Adsense pays me each month (actually they don't actually pay until a threshold is met). You could buy one third of an MP3 from iTunes each month. Any takers? What an awesome deal! No really! PS Coming soon a simple generator and Rails application template (or applate as I like to call them) that will set you up with this so you don't have to copy and paste all the time. It'll be on Ta ta. Update: As Damien in the comments pointed out indirectly, I really didn't do Faker justice. Please read the Faker RDocs for more information.