Projecting Infrastructure to the CLOUD CSG discussion Fall 2012 @ Princeton University.
9
Projecting Infrastructure to the CLOUD CSG discussion Fall 2012 @ Princeton University
-
Upload
cecilia-thompson -
Category
Documents
-
view
218 -
download
1
Transcript of Projecting Infrastructure to the CLOUD CSG discussion Fall 2012 @ Princeton University.
Projecting Infrastructure to theCLOUD
CSG discussionFall 2012
@ Princeton University
What do we mean by Infra?
•Identity integrations•Extending local net to cloud – Amazon VPC•Compute & Storage•Contracts, FERPA, exit strategies, Security•Sole source? Cloud vendors come & go – hedge your bets
What do we mean by Projecting?
• Deciding to engage with a provider• Figuring out how to manage user access• Determining limits of “elasticity”• Figuring out roles, escalation for on-prem
support groups• Figuring out whether/how to be responsible
for institutional data
We are NOT discussing…
What is cloud and all that sort of nonsense
4 discussion areas
• Identity, Federation & Attribute Release• Contracts• Beyond Identity• Skills & Org
Identity Integration
Federated Access anyone?Release directory info!Get your SPs into the federation!•Attribute release perceived to be complex– http://www.cmu.edu/computing/web/
authenticate/web-login/policy.html– Keep it simple. Proves powerful.
•From Iowa CSG – Net+ remains a concern in this area. Advice to vendors being developed.
Contracts…• We spend lots of time on compliance and
security issues. All good.• We don’t spend time contracting for missing
functionality and defining the relationship.– i.e. Groups integrations for Box– CMU/PSU Require joining InCommon, specific
software interop requirements• Collaborations within CSG (and beyond) – has this
been deemed successful? (Google/MS contract)• Is Net+ the answer here?– probably not the only answer?
Beyond Identity
Easy & Hard – 2 Each1. Contract2. Funding & value
proposition3. Payment4. User & stakeholder
communication, documentation, policy changes
5. User support6. De/provisioning accounts
or credentials7. Authentication8. Managing access (admins,
users, groups, sharing)
9. Security, compliance, privacy
10.Data integration11.Backup/restore12.Adequate bandwidth,
availability, capacity13.Logging & monitoring14.Service management
processes: incident, request, change, problem
Are your skills & org structure ok for this?
Yes – which?1.Provisioning – IDM team 2. Cloud strategy team – 3 have it.
No – which & why?1. Deprov2. Most do not have cloud oriented teams
