Cloud Security Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Dana Gardner, Peter Silva

Related Topics: @CloudExpo, Microsoft Cloud, Silverlight

@CloudExpo: Article

Microsoft Windows Azure Distilled

Windows Azure's concepts of Web Role and Worker Role is absolutely, totally, and unequivocably a game-changer in cloud computing

As I spend more time with the CTP I will be posting more detailed, in-depth walkthroughs of the technologies as well as code samples (hopefully I'll get approved for my Azure hosting account soon *hint* *nudge* *wink*!!). For now, I'm just going to do a high-level breeze-by of the main aspects of Azure.

Windows Azure

Put simply - Windows Azure is a technology that will allow developers to build applications in the cloud. The GUI for the application is in the cloud, the back-end processes that are running are running in the cloud, and the central data store for the application is in the cloud. The great part about this is that you can run it all locally, test it, play with it and vet it. Then you can upgrade it so it's running locally but using cloud storage. When you're finally set that your app is ready for primetime, you can push the app to the cloud and continue using cloud storage. 

On a lower level, Windows Azure allows you to build and publish these things called Web Roles and Worker Roles. A Web Role is nothing more than a bunch of code that has been bundled up and pushed into the cloud that responds to HTTP(S) requests. These Web Roles, at least in this CTP, are ASP.NET applications but it looks as though you'll be able to do Ruby on Rails, PHP (god forbid), Python, or whatever you like. I'm hoping for a VS 2008 plugin that lets me build ASP.NET MVC Beta 1 apps that can be published as Azure Web Roles. A Worker Role is a piece of .NET code that is running in the background.

Traditionally one of the biggest problems people have, from hobbyists to developers for huge corporations, is that external hosting facilities only work well if your ASP.NET app is 100% self-contained and requires no additional services and no background processing, etc. Windows Azure lets you develop apps in cloud AND push your services into the cloud AND store your data in the cloud. Keep in mind that a Silverlight application counts as a web application ;) Starting to see the possibilities here?

.NET Services

Apple's MobileMe slogan was at one point "Exchange for the rest of us". .NET Services can be thought of as "Biztalk Services (in the cloud) for the rest of us". The bottom line is that .NET Services are a cloud-centric way of solving many of the problems of distributed applications. There are three main pieces of .NET Services:

  • Access Control
  • Service Bus
  • Workflow
While access control is certainly nice, and it is done using tokens and claims (more on that in another blog post... tokens, STS, claims, and authentication is a pretty dry topic and needs a good sample when talking around it), the thing that interests me here the most is the Service Bus. The Service Bus allows you to create these publicly exposed endpoint URIs for services. You can then host that service from some application on some desktop. Any client that knows the public URI for that service can then connect to that desktop application and consume the service - regardless of whether that client is on a 10.* or 192.168.* subnet, behind firewalls, in a Starbucks, or whatever. The "cloud" is providing a relay service through which clients in a distributed application can communicate with each other. One of the relay types that I am REALLY looking forward to experimenting with is the P2P relay, which I would assume allows me to have a globally registered peer mesh, allowing all of my app clients to talk to each other, no matter where they are in the world (note: this assertion has yet to be proved, I'm just dreaming big at this point). Workflow is also pretty big if you've been using WF now. Think of this as the WF integration that BizTalk was going to get, but plugged into the cloud.

SQL Services

I'm sure a lot of data guys are going to be pretty excited about this, but for me it's pretty straightforward. SQL data (in a slightly different shape and form than if you were storing it in your own SQL 2008 Server in your enterprise) in the cloud. I can imagine big concerns around privacy, encryption, and reliability will crop up around SQL services in the cloud.

Live Services

Live Services isn't really all that new, they're just being re-branded underneath the Azure umbrella. This is all of the goodies that you get with the Live APIs like contacts, calendars, e-mail, identity, etc.

Summary and Vision

So..what does all this stuff mean anyway? What's in it for you? In the short term what it means is that developers are going to start finding that they have been given a ridiculous amount of power. This is more than just Microsoft hosting your code in some central data centers... This is Microsoft abstracting away the notions of data centers, virtual machines, or even physical CPU cores (well, that abstraction is coming later). If you want to build an internet application, and you want to build it quickly and easily and you know that your app needs to run "out there", and you don't have the resources to do it yourself, or have your own data center, then you're going to find that Azure may just be that enabling force that we've all been missing for so long.

Windows Azure's concepts of Web Role and Worker Role is absolutely, totally, and unequivocably a game-changer in the world of cloud computing. The best thing we've had prior to this were cloud-hosted VMs that had a predefined stack (e.g. ASP.NET or J2EE or PHP or Cold Fusion, etc) to which we could upload our code and hope it all worked. There are always problems in managing configuration files of hosted apps and your hosted app NEVER behaves the same way while hosted as it does on your home PC. With Windows Azure, they're saying - quit worrying about the physical logistics - build your app, write your logic, use (cloud) data, and fahgeddaboudit. If the price is comparable - where are you going to host your back-end services? Amazon's EC2 or Azure, especially if you want to write your back-end services in .NET? 

If the prices are comparable, are you going to write your cloud app to use S3 data or SQL Services or Azure cloud storage?

Even just a few years ago, people didn't live on their computers - they thought of them the same way they thought of their graphing calculators - only they were more powerful. Now, people live on their computers. Moreover, they live online. They live connected. They live attached to the cloud. The problem is that right now, developers don't live attached to the cloud. 

Before cloud services, picture a meeting between a couple hobbyists who are thinking of building an app. They say, "Ok, we're going to need a web app.. but, we'll need some services and some central storage." At that point, they're forced to lease space in a data center, paying up front before anyone is even using their app, or they're forced to make COMPROMISES in their app's DESIGN to accomodate limitations of hosting companies.

With cloud services like Azure, those same people in that room talking about big ideas for big apps can now simply concern themselves with what they want their app to do instead of how they're going to manage the logistics.

-- That said, this is all on probably a 1.5 to 2 year time frame before this stuff is fully baked and they've got critical mass adoption. There is a lot of promise in Azure. Here's to hoping they pull it off.

links: digg this  del.icio.us  technorati  reddit 

More Stories By Kevin Hoffman

Kevin Hoffman, editor-in-chief of SYS-CON's iPhone Developer's Journal, has been programming since he was 10 and has written everything from DOS shareware to n-tier, enterprise web applications in VB, C++, Delphi, and C. Hoffman is coauthor of Professional .NET Framework (Wrox Press) and co-author with Robert Foster of Microsoft SharePoint 2007 Development Unleashed. He authors The .NET Addict's Blog at .NET Developer's Journal.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

@ThingsExpo Stories
The Open Connectivity Foundation (OCF), sponsor of the IoTivity open source project, and AllSeen Alliance, which provides the AllJoyn® open source IoT framework, today announced that the two organizations’ boards have approved a merger under the OCF name and bylaws. This merger will advance interoperability between connected devices from both groups, enabling the full operating potential of IoT and representing a significant step towards a connected ecosystem.
November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Penta Security is a leading vendor for data security solutions, including its encryption solution, D’Amo. By using FPE technology, D’Amo allows for the implementation of encryption technology to sensitive data fields without modification to schema in the database environment. With businesses having their data become increasingly more complicated in their mission-critical applications (such as ERP, CRM, HRM), continued ...
SYS-CON Events announced today that Embotics, the cloud automation company, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Embotics is the cloud automation company for IT organizations and service providers that need to improve provisioning or enable self-service capabilities. With a relentless focus on delivering a premier user experience and unmatched customer support, Embotics is the fas...
Intelligent machines are here. Robots, self-driving cars, drones, bots and many IoT devices are becoming smarter with Machine Learning. In her session at @ThingsExpo, Sudha Jamthe, CEO of IoTDisruptions.com, will discuss the next wave of business disruption at the junction of IoT and AI, impacting many industries and set to change our lives, work and world as we know it.
SYS-CON Events announced today that Cloudbric, a leading website security provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Cloudbric is an elite full service website protection solution specifically designed for IT novices, entrepreneurs, and small and medium businesses. First launched in 2015, Cloudbric is based on the enterprise level Web Application Firewall by Penta Security Sys...
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
SYS-CON Events announced today that MathFreeOn will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. MathFreeOn is Software as a Service (SaaS) used in Engineering and Math education. Write scripts and solve math problems online. MathFreeOn provides online courses for beginners or amateurs who have difficulties in writing scripts. In accordance with various mathematical topics, there are more tha...
Successful digital transformation requires new organizational competencies and capabilities. Research tells us that the biggest impediment to successful transformation is human; consequently, the biggest enabler is a properly skilled and empowered workforce. In the digital age, new individual and collective competencies are required. In his session at 19th Cloud Expo, Bob Newhouse, CEO and founder of Agilitiv, will draw together recent research and lessons learned from emerging and established ...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, will discuss how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team a...
Virgil consists of an open-source encryption library, which implements Cryptographic Message Syntax (CMS) and Elliptic Curve Integrated Encryption Scheme (ECIES) (including RSA schema), a Key Management API, and a cloud-based Key Management Service (Virgil Keys). The Virgil Keys Service consists of a public key service and a private key escrow service. 

@ThingsExpo has been named the Top 5 Most Influential Internet of Things Brand by Onalytica in the ‘The Internet of Things Landscape 2015: Top 100 Individuals and Brands.' Onalytica analyzed Twitter conversations around the #IoT debate to uncover the most influential brands and individuals driving the conversation. Onalytica captured data from 56,224 users. The PageRank based methodology they use to extract influencers on a particular topic (tweets mentioning #InternetofThings or #IoT in this ...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smar...
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
With an estimated 50 billion devices connected to the Internet by 2020, several industries will begin to expand their capabilities for retaining end point data at the edge to better utilize the range of data types and sheer volume of M2M data generated by the Internet of Things. In his session at @ThingsExpo, Don DeLoach, CEO and President of Infobright, discussed the infrastructures businesses will need to implement to handle this explosion of data by providing specific use cases for filterin...
In past @ThingsExpo presentations, Joseph di Paolantonio has explored how various Internet of Things (IoT) and data management and analytics (DMA) solution spaces will come together as sensor analytics ecosystems. This year, in his session at @ThingsExpo, Joseph di Paolantonio from DataArchon, will be adding the numerous Transportation areas, from autonomous vehicles to “Uber for containers.” While IoT data in any one area of Transportation will have a huge impact in that area, combining sensor...
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
Ask someone to architect an Internet of Things (IoT) solution and you are guaranteed to see a reference to the cloud. This would lead you to believe that IoT requires the cloud to exist. However, there are many IoT use cases where the cloud is not feasible or desirable. In his session at @ThingsExpo, Dave McCarthy, Director of Products at Bsquare Corporation, will discuss the strategies that exist to extend intelligence directly to IoT devices and sensors, freeing them from the constraints of ...