Public Authorities should consider, when they plan their Cloud strategy, the deferent service categories of Cloud Computing [[i]]:
- Software-as-a-Service (SaaS): The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a programming interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.
- Platform-as-a-Service (PaaS): The capability provided to the consumer is to use the provider’s development platform (programming languages, libraries, services, and tools) in order to create, test and host new applications. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
- Infrastructure-as-a-Service (IaaS): The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources in order to build a customized computing environment. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of selected networking components (e.g., host firewalls).
The figure on the right depicts the various control responsibilities that cloud customers and providers have in IaaS, PaaS, and SaaS environments [[ii]].
SaaS is not applied in case that the Public Authorities want to deploy their existing applications to a Cloud Environment. In that case, they have to select between IaaS and PaaS. To decide which of the two options (IaaS or PaaS) they will follow, the Public Authorities should evaluate the pros and cons of each solution. On the one hand, the IaaS offers excellent flexibility, as it does not require architectural changes to the applications and full control of the resources used for the deployment. However, it increases the deployment complexity, as the application owners must take care of installing and configuring all the components for high availability and scalability. On the other hand, the PaaS “hides” the complexity of the underlying infrastructure and allows developers to deploy their web applications to the cloud without having to take care of the infrastructure. However, the applications may require significant changes to comply with the PaaS principles and take full advantage of high availability and scalability features. In particular, as application instances are ephemeral and can be started, stopped or fail at any time, they must be stateless and share nothing. All persistent data must go to external services (e.g. databases, file storage, message queues and caches) [[iii]].
The STORM CLOUDS approach
The STORM CLOUDS Platform enhances the IaaS solution with two modules that provide the high-availability and scalability features in a way that is transparent to the application owners. By accompanying the IaaS layer with the Data Service layer and Access layer, the data and the HTTP traffic management are delegated to the platform while the application’s business logic is still contained on the VM(s). This approach offers great flexibility as it does not require architectural changes to the applications but also keeps the deployment complexity low because the application owner “leverages” the high-availability and scalability features of the platform. The only drawback of this solution comparing with the SaaS is that the application owners are not entirely independent from platform administrators as the later should configure the high-availability and scalability features per application.
The following table summarises the different application migration options supported by SCP [[iv]].
|Full IaaS||All the application components are deployed on VM(s) explicitly managed by the application owner||+ No architectural change of the application
+ Full control on the resources used for the deploymen
|– High deployment complexity because the application owner must take care of installing and configuring all the components for high availability and scalability|
Data Service Layer
|Data and HTTP traffic management are handled by the platform, while the application business logic is still deployed on VM(s)||+ No architectural change of the application
+ Less deployment complexity because the application owner ‘leverages’ the high-available and scalable features of the platform layers
|– Because of the centralized administration of the shared functions (e.g. data service layer), application owners cannot deploy their applications in full autonomy|
Data Service Layer
|Data Service Layer Applications are hosted on the PaaS Layer and use the Data Service Layer for storing data||+ No infrastructure management required by the user (the platform does it for her)||– Applications may require significant changes to comply with PaaS principles|
[iv]Battarra M, et al., Storm Clouds Platform: A Cloud Computing Platform for Smart City, Applications in Smart Cities and Cloud Computing Special Issue, Journal of Smart Cities