Page 140 - Cloud Essentials
P. 140

confiscated that hosts both part of your legitimate service as well as an

                     illegal service.
                      The risk that network connectivity between consumers and providers is
                     interrupted or impaired.


                  Another item to consider is fate sharing; one malevolent cloud customer
               could  misuse  the  cloud  infrastructure  (for  example,  sending  spam  email),
               which could result in a cloud provider network (which might include your

               organization)  being  blacklisted.  Assuming  your  organization  uses  hosted
               email, the result would be legitimate mail from within your organization not
               reaching its destination—a serious impediment.


               Service Level Agreement
                 Services  rendered  by  cloud  providers  are  accompanied  by  an  SLA.

               Important  components  of  an  SLA  are  a  description  of  the  functionality
               offered,  for  example,  e-mail  service;  the  uptime  that  is  guaranteed,  for
               example,  99.5  percent;  the  speed  with  which  the  service  operates,  for
               example, web pages load within two seconds and email is delivered within
               two minutes; and a financial paragraph that explains the cost structure and
               penalties. Cloud SLAs might include clauses related to where data will be

               physically  stored  and  replicated  or  perhaps  which  disaster  recovery
               procedures will be followed.


               Legal Implications   A service provider executes a number of processes on
               behalf of the customer, such as accepting logins from users. It might actually
               also  handle  identity  provisioning.  Legal  uncertainties  can  arise  around
               accountability for these processes. Suppose that somebody gains access to

               the service, without having the right to do so. Who is responsible for any
               resulting damages? Resolving these issues requires a mixture of technical
               measures, appropriate auditing and logging, and contractual agreements.


               Licensing      With  cloud  services,  traditional  licensing  models  can  fail
               because they are tied to a quantitative measure that is no longer relevant or
               even desirable. Often software would have license costs that recurred on a
               yearly basis tied to the number of CPUs that were installed. When servers

               are elastically commissioned and decommissioned on an hourly basis, this
               becomes  inconvenient.  In  recent  times,  IaaS  providers  have  worked  with
               vendors  to  tie  the  licensing  cost  to  metrics  that  are  more  practical.  For
               example,  the  Microsoft  Server  2012  operating  system  has  a  Datacenter
               edition that allows an unlimited number of licensed virtual machines running



                                                          140
   135   136   137   138   139   140   141   142   143   144   145