work - up in the cloud- cloud computing and gis - submitted
TRANSCRIPT
Up in the Clouds:Cloud Computing and GISCloud Computing and GIS
Peter Veenstra/Jason CraditWillbros Engineering
Overview
• Technical Overviewo Part I - Terminology - What is the cloud? o Part II - Security - How secure is enough?o Part III – Cloud Computing and GIS – The practical o Part III – Cloud Computing and GIS – The practical
and potential?• Summary and Thoughts
Introduction
• This is not a paper arguing for or against Cloud Computing.
• This is a wide-ranging and complex topic.• New stuff every day• New stuff every day
• Focus is on explaining cloud computing.• Examine current applications and future
applicability of pipeline GIS in the Cloud.
Part I: Cloud ComputingTerminology, Definitions, Rationale
What is Cloud Computing?Cloud:
noun 1. a visible mass of condensed water vapor floating in the atmosphere, typically high above the ground.
verb 2. figurative [trans.] make (a matter or mental process) unclear or uncertain; confuse.“
The first meaning of the term cloud is pretty straightforward.
However, when you add 'computing' to it, you get an approximation of the second definition: something unclear and nebulous.
What is Cloud Computing?Cloud:
noun 1. a visible mass of condensed water vapor floating in the atmosphere, typically high above the ground.
verb 2. figurative [trans.] make (a matter or mental process) unclear or uncertain; confuse.“
The first meaning of the term cloud is pretty straightforward.
However, when you add 'computing' to it, you get an approximation of the second definition: something unclear and nebulous.
51% Of People Think Stormy Weather Affects 'Cloud Computing'
What is Cloud Computing?Intelligence and National Security Alliance
(INSA) defines the cloud as follows:Cloud Computing as an adjective: a
method of computing that provides It capacity in elastic ways to expand to meet user needs and contract when demand decreases.
Cloud:noun 1. a visible mass of condensed water
vapor floating in the atmosphere, typically high above the ground.
verb 2. figurative [trans.] make (a matter or mental process) unclear or uncertain; confuse.“
Cloud Computing as a noun: an infrastructure of on-demand capabilities using virtualized resources. This involves pools of storage, network, processing, and other computational resources that can be efficiently allocated when requested and quickly provisioned in a highly automated fashion.
51% Of People Think Stormy Weather Affects 'Cloud Computing'
What is Cloud Computing?
What is Cloud Computing?
Terminology and Definitions
• Deployment Model:o Public, Private or Hybrid Clouds
• Service Model:o PaaS - Platform as a Service (Build)o PaaS - Platform as a Service (Build)
I need computers to do stuffo IaaS - Infrastructure as a Service (Host)
I need specific computers to host specific softwareo SaaS - Software as a Service (Consume)o IaaS and PaaS is what we use to create SaaS
• Intrastructure Components
What is Cloud Computing?• Cloud computing is IaaS\PaaS business
model. Lease or rent the computers that you need as you need them.
• Not only the computers but the software on top of them (SaaS)
•top of them (SaaS)
• Five characteristics of cloud computing:1. On-demand self-service 2. Ubiquitous network access 3. Location independent resource pooling 4. Rapid elasticity 5. Measured service with pay-per-use
Source: INSA White Paper - ttp://www.insaonline.org/assets/files/White%20Papers/INSA_Cloud_Computing_2012_FINAL.pdf
Reasons for using Cloud Computing• CapEx to Opex – Avoid the IT Cue• Extends capabilities of IT• Focus on business not IT (Getting things done)• Standardization of Infrastructure (Abstraction)• Ubiquitous access (TCPIP)•• Ubiquitous access (TCPIP)• Elastic (Expand to meet demand)• Service based - get billed for what you use• Speed - deployment and access• Cheap(er) (Superior Economics)• On Demand (No long term contracts)• Application and OS Independent• Free of SW/HW Installation (Log in and go)
The Players (some of them…)
The Perfect Storm for Cloud Computing• Hardware – smaller and faster, cheaper• Commoditization• Internet Availability (4G, Fiber, Wireless)• Generation Factor (I wanna …)•
(Technology Innovation x Commoditization) +
(Internet Availability x Commoditization) +
(Generation Factor x Commoditization)
= Perfect Cloud Computing Storm
• Generation Factor (I wanna …)• Software as a service• Knowledge Commoditization
Part II: SecurityDiscussion of Security
Cloud vs. On-Premise Security
• IT Security considerations are the same for in premise or on the cloud!
• Confidentialityo Keeping information confidentialo Keeping information confidential
• Integrityo Keeping information unaltered unless authorized
• Availabilityo Ability to have information available when requested
Inherent Security
• Geographically disparate o No ice storm, earthquake, hurricane can bring it
down - impacting availability (if designed appropriately)
Inherent Security
• Geographically disparate o No ice storm, earthquake, hurricane can bring it
down - impacting availability (if designed appropriately)
• Massively redundant infrastructure• Massively redundant infrastructureo Multiple networks, servers hard-drives...etc...
Inherent Security
Inherent Security
• Geographically disparate o No ice storm, earthquake, hurricane can bring it
down - impacting availability (if designed appropriately)
• Massively redundant infrastructure• Massively redundant infrastructureo Multiple networks, servers hard-drives...etc...
• Business Reputationo They have more skin in the game - no ability to hide
security incidents
Cloud security is a shared responsibility• Cloud providers secure their infrastructure better
than youo ISO 27001o FISMA - Moderateo PCI DSS o SAS 70 Type IIo SAS 70 Type II
• YOU own the responsibility for securing the application layer (Hypervisor)o Use private cloud spaceso Encrypted data; in-flight and at-resto Two Point Authentication (2FA)
• Service Level Agreement (SLA)• Security’s weakest link: People
Legal Concerns
• Critical Infrastructures Act of 2002• US Department of Transportation (PHMSA)
subscribes to a voluntary security modelo No current regulations for CyberSec - coming?o No current regulations for CyberSec - coming?o Guidelines available
American Pipeline Institute - ISO 27001/2 Department of Homeland Security
Transportation Sector-Specific Plan (NIST)
• You can implement all of these security standards in the cloudo SOX, ISO 9000, ISO 27000
Security Organizations\Policy
• Cloud Security Council (Alliance Congress)o https://cloudsecurityalliance.org/research/spac/
• InfraGardo http://www.infragard.net/
•o http://www.infragard.net/
• Intelligence and Nation Security Allianceo http://insaonline.org/index.php?id=746
• Pipeline Cloud\Regulations\Cyber Securityo http://www.fas.org/sgp/crs/homesec/R42660.pdf
Security: Final Comments• In 2011 the CIO of the United States called for moving $20 Billion, or
one quarter of all federal IT spending into the cloud. o Department of Homeland Securityo US Citizenship and Immigrationo US Dept. of Justiceo FEMAo FAA
Recovery.govo Recovery.govo US Dept. Agriculture – (Email 27 to 1, Data Portability Built-In)o Intelligence and National Security Alliance (INSA)
"A lot of people are sort of driving this notion of fear around security, and the reason I think that's been amplified, frankly, is because it preserves the status quo.“ “The U.S. also has a rule to pull funding from any IT project that isn't delivering value six months from implementation” -Vivek Kundra, Federal CIO
• Increases competition among providers for Government Services (https://www.apps.gov)
• Amazon GovCloud (http://aws.amazon.com/govcloud-us/)
Source: ComputerWorld - 07/2011 - http://www.computerworld.com/s/article/9218702/Cloud_security_fears_exaggerated_says_federal_CIO
Part III: GIS and the Cloud
Examples, Discussion, & Terminology
What is GIS?• Traditionally pipeline GIS has been
implemented in a server, with a RDBMS, using a data model (networked, linear referencing) X,Y,Z
X,Y,Z
X,Y,Z
X,Y,Z
o Data Warehouse, Business Intelligence, Analytics
• Part of IT• A integration point for other
systems based on ability to manage or be the ‘system or record’ for location
X,Y,Z
GIS in the Cloud• IaaS\PaaS (Cloud Utilization)
o ArcGIS Server for Amazon EC2o Open Geo Suite (Skygone\Amazon EC2)• SaaSo Basic mapping services
ArcGIS Online\Google Earth Fusion Tables\Open Street Map ArcGIS Online\Google Earth Fusion Tables\Open Street Mapo Value added geoprocessing services
ArcGIS Online\Google Earth Builder\Google Maps Engine\MapBox\GeoIQ\CartoDB\eSpatial
http://itouchmap.com/latlong.html http://www.batchgeo.com
o Specialty Applications Socium – Data Validation ESRI Business Analyst – Business Retail Location Digital Map Products – Government and Real Estate
Source: http://www.directionsmag.com/articles/navigating-through-the-nebulous-arena-of-the-cloud/259505
GIS Cloud (A sampling, in alphabetical order…)
1Spatial - http://www.1spatial.com/Amazon - http://aws.amazon.com/Amazon Map API - https://developer.amazon.com/sdk/mapssignup.htmlCartoDB - http://cartodb.com/CloudMade - http://cloudmade.com/DigitalMap - http://www.digmap.com/ESpatial - https://www.espatial.com/ESRI – http://www.esri.com/ … http://www.arcgis.com/about/GeoCommons - http://geocommons.com/GeoCommons - http://geocommons.com/GeoIQ - http://www.geoiq.com/Geoloqi - https://geoloqi.com/GIS Market Place - https://www.thegismarketplace.com/Google – https://www.google.com/Leaflet - http://leaflet.cloudmade.com/MapBox - http://mapbox.com/MapShaper - http://mapshaper.com/test/MapShaper.swfOGR Simple Feature Libarary - OGR Simple Feature Library - http://www.gdal.org/ogr/OpenGeo Suite – http://opengeo.org/products/suite/cloud/Open Streetmap - http://www.openstreetmap.org/QGIS Cloud - http://qgiscloud.com/SkyGone Cloud - http://skygoneinc.com/Socium - http://www.socium.co.uk/
Pipeline GIS Cloud Potential• Staging and Deployment, Rapid Development• Operational GIS• Operational Data Store (ROV\ILI)• Situational Awareness (Story Board, Media, Risk)• Visualization (Wow!, Lightweight)• Scalable Map Services•• Scalable Map Services• Real Time Data Integration (Scada, ILI, Tracking)• Geo-Collaboration (VGI, Tag, Parse, Target - RISK)• Street View (3D View, Altered Reality - HCA)• Non SQL Databases (10Gen\MongoDB)• Data Verification (MAOP, RISK, What we don’t know …)• …
Source: http://www.informationisbeautiful.net/
Pipeline GIS Cloud Potential{"ok": 1,"results": [{"ADJEFFECTIVEAREAFPR": "","ALTSERIESEVENTID": "{599c60cc-303f-4e17-a879-cecb888936ee}","CLVALIDITYTOLERANCE": 0,"WIDTHIN": 1.1019999980926514,"ACTIVITYNAME": "1804_GreenCastle to NorthYork_HRMFL_2008","FEATURETYPE": "Metal Loss","INTERNALEXTERNAL": "External","B31GFPR": "","SUBTYPE": 1,"DEPTHPERCENT": 13,"STATION": 1043844.4,"ILIDATALINKID": "","USWELDFT": 6.565,"EFFECTIVEAREABURSTPSI": "","HISTORICALSTATE": "Current","PROCESSFLAG": "","MODB31GFPR": "",
"MODB31GBURSTPSI": "","OBJECTID": 1107,"LASTMODIFIED": {"$date": 1267574400000},"ADJMODB31GFPR": "","LONGITUDE": "","GROUPEVENTID": "","REMARKS": "","OPERATIONALSTATUS": "Active","MODIFIEDBY": "U123912","CREATEDBY": "U123912","CREATEDDATE": {"$date": 1267574400000},"Y": 4841713.534124777,"X": -8543827.866135158,"EFFECTIVEFROMDATE": {"$date": 1267574400000},"JOINTLENGTH": 38.5,"GROWTHRATE": "","ADJDENTDEPTHPERCENT": "","EVENTID": "{97C7A0FF-5F57-4BDC-8515-BCC58930E6D8}","ALTSTATION": 1041389.4,
Source: http://www.informationisbeautiful.net/
"MODB31GFPR": "","VENDORDISTANCE": 333649.797,"B31GBURSTPSI": "","ORIENTATION": " 06:15","ANOMALYREMEDIATED": "No","ADJEFFECTIVEAREABURSTPSI": "","SUBTYPENAME": "Anomaly","ALTITUDE": "","CIRCBENDSTRAINPERCENT": "","ADJB31GFPR": "","MODB31G85DLBURSTPSI": 1925.3190000000002,"EXTSTRAINPERCENT": "","CLEDITRESPONSE": "1","ADJMODB31G85DLFPR": "","EFFECTIVETODATE": "","EFFECTIVEAREAFPR": "","LENGTHIN": 0.8270000219345093,"LONGBENDSTRAINPERCENT": "","ADJFIG4REPAIRBYDATE": 2038,"ADJDEPTHPERCENT": "","WALLTHICKNESS": 0.31200000643730164,"ACTIVITYEVENTID": "{BB6EA173-5D9A-4C1E-908B-8379156800A5}",
"ALTSTATION": 1041389.4,"ILIDATAID": "333649.797-2008-11662","MAXTOTALSTRAINPERCENT": "","DENTDEPTHPERCENT": "","MODB31G85DLFPR": 2.056999921798706,"ILITOOLTYPE": "","FIG4REPAIRBYDATE": 2041,"ADJB31GBURSTPSI": "","ADJMODB31G85DLBURSTPSI": "","STATIONSERIESEVENTID": "{D308A309-E74D-42F4-8ADB-785F0DE23063}","MTSMASRATIO": "","JOINTNUMBER": 75390,"VENDORSORTID": 11662,"SEAMORIENTATION": "","LATITUDE": "","ADJMODB31GBURSTPSI": "","VENDORNOTES": "*EXT ML","_id": {"$oid": "5074ab4823e5651a08ee402d"},"ORIGINEVENTID": ""}
Pipeline GIS Cloud Potential• Staging and Deployment, Rapid Development• Operational GIS• Operational Data Store (ROV\ILI)• Situational Awareness (Story Board, Media, Risk)• Visualization (Wow!, Lightweight)• Scalable Map Services•• Scalable Map Services• Real Time Data Integration (Scada, ILI, Tracking)• Geo-Collaboration (VGI, Tag, Parse, Target - RISK)• Street View (3D View, Altered Reality - HCA)• Non SQL Databases (10Gen\MongoDB)• Data Verification (MAOP, RISK, What we don’t know …)• …
Source: http://www.informationisbeautiful.net/
Smart Phones and Location-based Services
• 50% of all US Adults have smart-phones or tablets
• Vendors are making plays for location based services companiesservices companies
• People are experimenting with new ways to utilize location
Source: http://www.fastcompany.com/3001809/5-reasons-location-smartphones-killer-map
Wrap-UP
Thoughts• Part of this is cloud utilization• Geo-Services• Data structures and models could potentially become
less relevant as long as people can get to their data and can present it coherently (storage vs. processing and can present it coherently (storage vs. processing and structure vs. agility – noSQL)
• Access to and querying of data will become key - human language constructs.
• Change the paradigm of application development and delivery (Software as a Service).
• Data must be discoverable, accessible, and exploitable (Large Data, Rapid Dissimination, Broad User Base)
How to start moving into the cloud
• Identify restrictions and gray areas• Start running experiments with Software-as-
a-Service (SaaS)• Do your next development project in the • Do your next development project in the
cloud• Talk with your core enterprise software
vendors to understand their plans for the cloud
Source: What Every CEO Needs to Know about the Cloud: Harvard Business Review, 2011: http://hbr.org/search/R1111J(http://hbr.org/2011/11/what-every-ceo-needs-to-know-about-the-cloud/ar/1)
Moving to the Cloud• This isn’t a GIS or IT or Legal Decision – It is
a C-Level Decision – it will be about business• Do they want to build another GIS or operate
a pipeline?• Delegating to the IT Department isn’t • Delegating to the IT Department isn’t
nessecarily the right idea• Expect un-anticipated Cloud Benefits• Typical concerns of security are red-herrings
Source: What Every CEO Needs to Know about the Cloud: Harvard Business Review, 2011: http://hbr.org/search/R1111J(http://hbr.org/2011/11/what-every-ceo-needs-to-know-about-the-cloud/ar/1)
Key Sources (in alphabetical order …)
Amazon Web Services: http://aws.amazon.com/ArcGIS Online: http://www.arcgis.com/about/features.html#reach-your-usersArc GIS Online Help: http://resources.arcgis.com/en/help/main/10.1/index.html#//016w00000036000000Data Governance: http://www.sas.com/resources/whitepaper/wp_50387.pdf
Directions Magazine – Channel on Cloud Computing - http://www.directionsmag.com/channels/cloud-computing/
GIS and the Cloud: http://www.directionsmag.com/articles/navigating-through-the-nebulous-arena-of-the-cloud/259505Google Data Centers: http://www.google.com/about/datacenters/gallery/#/all’
Google Fusion Tables: http://www.google.com/fusiontables/Home/Google Fusion Tables: http://www.google.com/fusiontables/Home/Google Map Engine: http://www.google.com/enterprise/mapsearth/products/mapsengine.htmlGoogle Security and Privacy: http://static.googleusercontent.com/external_content/untrusted_dlcp/www.google.com/en/us/a/help/intl/en-
GB/admins/pdf/ds_gsa_apps_whitepaper_0207.pdf
INSA White Paper - ttp://www.insaonline.org/assets/files/White%20Papers/INSA_Cloud_Computing_2012_FINAL.pdf
NIST: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
NoSQL Databases: http://www.10gen.com/static/downloads/nosql_bi.pdf
Pipeline CyberSecurity: Federal Policy: http://www.fas.org/sgp/crs/homesec/R42660.pdf
Pipeline GIS Data Governance: http://eaglemap.com/pipeline-executives/What Every CEO Needs to Know about the Cloud: Harvard Business Review, 2011: http://hbr.org/search/R1111J (http://hbr.org/2011/11/what-
every-ceo-needs-to-know-about-the-cloud/ar/1)
Visualization: http://www.informationisbeautiful.net/2012/announcing-the-information-is-beautiful-awards-shortlist/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+InformationIsBeautiful+%28Information+Is+Beautiful%29
Security: http://www.computerworld.com/s/topic/17/Security