Cloud Zone is brought to you in partnership with:

JP Morgenthal is an internationally renowned thought leader in the areas of IT transformation, modernization, and cloud computing. JP has served in executive roles within major software companies and technology startups. Areas of expertise include strategy, architecture, application development, infrastructure and operations, cloud computing, DevOps, and integration. He routinely advices C-level executives on the best ways to use technology to derive business value. JP is a published author with four trade publications. Hist most recent is “Cloud Computing: Assessing the Risks”. JP hold both a Masters and Bachelors of Science in Computer Science from Hofstra University. Jp is a DZone MVB and is not an employee of DZone and has posted 34 posts at DZone. You can read more from them at their website. View Full User Profile

Resiliency is a Key Cloud Characteristic

  • submit to reddit

Just finished reviewing the latest draft update to the National Institute of Standards and Technology (NIST) publication 800-145 “The NIST Definition of Cloud Computing”. This publication is rapidly becoming the accepted defintion within the US Federal government of Cloud Computing and, for the most part, it’s a rather decent treaty of the topic and capture of the key taxonomy. However, the listed essential characteristics of this document have always seemed lacking to me, but until today, I couldn’t quite put my finger on what I believed was missing—Resiliency. The NIST publication lists on-demand self-service, broad network access, resource pooling, rapid elasticity and measured services as the five key essential characteristics that comprise the Cloud Computing model. Indeed, in the paragraph that precedes this list, they even state, “This cloud model promotes availability…” Yet, how is availability promoted if one of the key essential characteristics is not resiliency?

Resiliency is the ability of the Cloud to provide availability in face of catastrophic failure of individual components and facilities. Without this one defining factor, I would argue, it would be inappropriate for any business or government to choose Cloud Computing as an alternative option. While it’s true that within providers, such as Amazon, Rackspace, Joyent, you can model Continuity-of-Operations (COOP) into your systems, these providers leave the design and deployment of this option as an exercise to the consumer, while I argue that it should be inherent in the service package.

This raises the question for me, is NIST’s defintion merely a lowest common denominator of the available service provider offerings on the market today rather than setting the expectation for what a consumer should expect from a Cloud provider? If so, that would be disappointing to learn that our government thought leaders are simply mouthpieces for the vendors. I believe NIST needs to set the bar high with it’s expectations of what defines Cloud Computing and resiliency, failover and COOP should all be key essential characteristics of that entity.

Indeed, I’ll go so far as to say that this should be the default state of the Cloud and offer options to consumers to mark things as volatile at a reduced cost versus the alternative approach that is assumed now that everything is volatile and persistent needs to be specifically designed into the deployed Cloud solution. After all, don’t we already expect this from Cloud providers, such as Google and Facebook? We don’t expect one day we will log on to one of these provider’s services and receive the message, “sorry, we crashed and all your data is gone,” so, why should we believe this is not a tenant worthy of defining the Cloud?


Published at DZone with permission of Jp Morgenthal, author and DZone MVB.

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)