130 likes | 396 Vues
Defense Information Systems Agency. A Combat Support Agency. DISA’s Transformation to a Platform Service Provider . DISA Computing Services August 2011. Platform Service Definition. Software as a Service (SaaS). Forge.Mil. E-Mail. Platform as a Service (PaaS). ERP. Web Services.
E N D
Defense Information Systems Agency A Combat Support Agency DISA’s Transformation to a Platform Service Provider DISA Computing Services August 2011
Platform Service Definition Software as a Service (SaaS) Forge.Mil E-Mail Platform as a Service(PaaS) ERP WebServices Infrastructure as a Service(IaaS) RACE CapacityServices Cloud Service Models DISA Cloud Services On-demand self-service End-user application is delivered as a service instead of on-site software installations. Platform and infrastructure are abstracted. Broad network access Application platform or middleware as a service on which custom applications and services can be deployed. Resource pooling Rapid elasticity Physical infrastructure is abstracted to provide computing, storage, and networking as a service, avoiding the expense and need for dedicated systems Measured Service The Air Force Platform Service falls within the PaaS layer of the Cloud Model From NIST: The capability provided by PaaS to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications
Platform Benefits Provide standardized development environment with pre-integrated services allowing developer to focus on business logic Remove IT infrastructure burden from developers Reduce development costs (H/W, S/W, administration) Allow developers to focus on application development Help application PMO better manage costs and schedule No lab infrastructure startup No waste of resources due to over provisioning Provide a fast and inexpensive path to production Provide dynamic resource allocation Share situational awareness for platform services Provide utility-based billing 3
Platform Hosting Model • DISA provides Hardware, Basic and Database infrastructure & support • ITIL based operations model • Runtime Environment and Shared Services defined by DISA • Initial capability includes DISA infrastructure plus adoption of IIB authentication and MDE services • Follow-on capability adds jointly confirmed shared services • Custom hosting for unique applications that leverage IaaS and shared services • Customer builds and delivers Custom Code for DISA to execute in Runtime Environment • DISA provides path-to-production lifecycle services 4
PaaS v1.0 Decomposition Air ForceApps App App App CustomerApps App App App PaaS Self Service SLM Shared SA Utility Billing CommonOps PaaS STS Specific Customer Facing Elements Technology Components
Approach for an Enterprise Platform Service Two Platform as a Service (PaaS) Offerings General purpose cloud platform model Secure Token Service (STS) to support Air Force Enterprise Level Security (ELS) Elastic, Self-service, Utility Pricing, Rapid Deployment of Apps Web Apps / Services, ERP Apps JBoss Open Source for 95+% of all Java Applications
PaaS Path To Production Develop Test Execute Operate • Standardized platform from development through production • More controlled than commercial for safe, secure cloud services • Easier to access than DoD production • Smooth path to production with security validation • Meets DoD standards for secure computing • Enterprise Portal will provide access to all services • Orchestration tools will support more mature cloud services • Location independent capabilities for production services Platform as a Service C&A Verification RuntimeEngine Platform Developer Kit SharedSituationalAwareness Test Tools DynamicElasticity ITILOps Model Shared SOA Services SID CapacityServices Shared Dev / Test Servicesfor Application Development Rapid, standard, self-service capabilities 7
PaaS Feature Overview Industry competitive capabilities with strong security and faster acquisition
PaaS Service Catalog PaaS PaaS STS High Availability Clustering Additional Storage Exposure Services • PaaS Bundle • Operating Environment • 2 Cores, 2 GB Memory • Storage – 10GB • Network infrastructure • Web & JEE Containers • PBAC Access Management • Ozone Widget Framework • Oracle Database PaaS Catalog • PaaS STS Bundle • Operating Environment • 2 Cores, 2 GB Memory • Storage – 10GB • Network infrastructure • Web & JEE Containers • STS Access Management • AF Metadata Environment • Oracle Database Note: Example only
Type accreditation for PaaS Goal: Significantly reduce C&A timeline • Concept grounded on principal of reciprocity between developed applications and DISA’s platform execution environment • Implies that accreditation authorities for the PaaS platform (DISA) and the developed web services and applications will reciprocate on acceptance of each others accreditation work • Customer will accept accreditation of DISA platform type accreditation • DISA will accept customer’s certification of net-worthiness • Approach • CSD will develop a DIACAP package for type accreditation of the PaaS execution environment • The customer’s development, testing and fielding process will need to ensure rigor for application code (above the line system) • Acceptance of above the line and below the line IA work will be reciprocal