What is the first step of application security? What is this step regardless of whether the process involved is DevOps or traditional silos? We have heard many answers before, such as architecture, code analysis, hardening, risk analysis, etc. But we have not really talked about the intersection of the user, application, data, and system. Perhaps this is part of architecture, but I see this as a need for all applications. Security must be able to protect the data and, simultaneously, the user. Security is about the traditional availability, confidentiality, and integrity as well as privacy these days. Continue reading Application Security: What Is the First Step?
There is an old saying, “the definition of insanity is to repeat the same thing over and over and expect a different result.” The way many enterprises are approaching the cloud, insanity would be a great way of classifying it. When we look across most enterprises, we see a collection of technologies from every era of computing. We have just about every vendor solution imaginable—often multiple versions of products from the same vendor—and a hodgepodge of architectures that makes spaghetti look organized.
For over a year now, a large number of industry experts have been asking questions like “is PaaS becoming just a feature of IaaS?,” “is PaaS dying?,” “do you really need a PaaS?,” and “is PaaS dead?” This has raised a great deal of passionate debate in Twitter-land and other social media outlets, although supporters of stand-alone PaaS solutions are mostly those who are employed by vendors of those solutions. Continue reading The War on PaaS
The twenty-first century has brought with it the rise of virtualization and cloud computing, along with the ascent of social media. Nowadays, it appears that a solid majority of people have participated in some sort of social media outlet, such as Facebook, Twitter, Yammer, SocialCast, and SnapChat, just to name a few. There is no arguing that there are a number of good things about social media, like the ability to more easily keep in touch with family and friends, but have you ever considered the idea of using social media to keep in touch with your servers? Could having social servers be beneficial in your environment?
One of the great advantages of the public cloud is its elasticity, the ability it gives systems to provision and deprovision resources as workloads increase and decrease. Much has been written about how building RESTful services is crucial to deploying elastic services in the cloud. I concur that writing code loosely coupled with the underlying infrastructure and abstracting things like business rules, business processes, and systems configurations into independent modules is a key to elasticity. What I have not seen discussed enough is how we should be abstracting the different types of server farms away from each other to eliminate tightly coupled dependencies between compute resources. Continue reading Designing for Elasticity
I recently spent a fruitless afternoon on the public PaaS version of Cloud Foundry. In this post, I document an equally fruitless afternoon spent on Red Hat’s OpenShift. I think it is fair to say that OpenShift has some advantages over Cloud Foundry for public PaaS. OpenShift feels more comfortable, its integration of a build server introduces a lot of flexibility into its deployment, it makes it easier to know what is going on, and it seems to have more documentation and more discussion on the forums. However, once you veer away from the standard use case, it doesn’t work terribly well. Ultimately, I failed to get it to do what I wanted, but maybe it was just too hard.