03-November, 2011Our 4-H crew went out to the extension office for an afternoon of rocket building.  We built a rockets individually, then went out to the field to launch them.  As the dawn set in, launch time approached.  Mission control (Parker County extension agent Kayla Neill) called for all engineers and 4-Hers on deck to prepare for the launch!

We had a great time building and launching the rockets.  The participants learned interesting facts about space exploration.  I hope we do this one again!

Brooks International has a good list of cloud computing events in 2012. 

Top Cloud Computing Events and Conferences

Events Scheduled for 2012
Cloud Expo 2012 – June 11-14- NYC – http://cloudcomputingexpo.com/

CLOUDCON 2012 – February 13-16, 2012 – Santa Clara, CA – http://www.cloudconnectevent.com/santaclara/

ICNC 2012 – January 30- February 2 – Maui, HI – http://www.conf-icnc.org/

CloudCon Expo – July 11-13, 2012 – San Francisco, CA – http://www.cloudconexpo.com/

Cloud Security Alliance Innovation Conference 2012 – January 26 – Silicon Valley, CA – https://cloudsecurityalliance.org/events/csa-innovation-conference-2012/

Cloud Identity Summit 2012 – July – Vail, CO – http://www.cloudidentitysummit.com/

IDGA 3rd Annual Cloud Computing for DoD & Government – February 21-23 – Washington DC – http://www.cloudcomputingevent.com/Event.aspx?id=619576

2012 Cloud Computing & Virtualization Conference & Expo – http://govcloudconference.com/Events/2011/Home.aspx

Parallels Summit 2012 – Profit from the Cloud – February 14-16 – Orlando, FL – http://www.parallels.com/summit/2012/

Cloud Fair Conference 2012 – April 17 – 19, 2012 – Seattle, WA – http://www.cloudfairconference.com/

Cloud/Gov 2012 – February 16, Washington DC – http://www.siia.net/cloudgov/2012/

Remaining 2011 Events

UP 2011 – Cloud Computing Conference – Mountain View, CA- December 5-9 – http://up-con.com/

CloudBeat2011 – November 30- December 1 – Redwood City, CA – http://venturebeat.com/events/cloudbeat2011/ CIO

Cloud Summit 2011 – December 8-9 – Scottsdale, AZ – http://www.ciocloudsummit.com/

Cloud Security Alliance Congress 2011 – November 16-17 – Orlando, FL – http://www.misti.com/default.asp?page=65&Return=70&ProductID=4985&LS=cloud

CloudCamp 2011 – November 19 – Chicago, IL – http://www.cloudcamp.org

If you would like to add your event to our list please contact Karen@brooksinternational.com.
Source: http://blog.brooksinternational.com/top-cloud-computing-events-and-conferences/

CIO Magazine reports:
Cloud computing, security and the mobile space hold the most growth potential in the coming years, according to IT professionals surveyed by tech staffing firm Modis.

No kidding?
Efficient (and/or affordable), secure, accessible.  I don't really see anything new here.  We did not need a new study to confirm these are potential growth areas.  One can look at the recent and current strategic plans of the FedGov, DoD, and industry leaders to confirm.

Read entire CIO article: http://www.cio.com/article/693125/Study_IT_s_Future_Lies_with_Cloud_Computing_Security_and_Mobile?source=CIONLE_nlt_insider_2011-11-07

Checked out Klout service.  The idea is portray how influential one is within their network and to portray how others influence you.  The data is collected through social networks and give a "score" based on the findings.

The service also identifies 5 topics one is "influential on."  I consider myself well-read in some aspects of technology as well as religion and spirituality.  However, I have never been to Reno nor Yale.  I do not know much about teeth and orthodontology (aside from avoiding the dentist lately).  

I don't have much faith in klout's ability to determine if I am influential or authoritative on a topic.  It's an interesting concept, but in reality, our sphere of influence is much greater than twitter and other social network mediums.

Heidi Grant Halvorson, Ph.D. has a new HBR ideacast on what successful people do differently.

1. Get specific.
2. Seize the moment to act on your goals.
3. Know exactly how far you have left to go.
4. Be a realistic optimist.
5. Focus on getting better, rather than being good.
6. Have grit.
7. Build your willpower muscle.
8. Don't tempt fate.
9. Focus on what you will do, not what you won't do.

Ideacast is here: http://blogs.hbr.org/ideacast/2011/11/what-successful-people-do-diff.html

More at Dr. Halvorson's blog: http://blogs.hbr.org/cs/2011/02/nine_things_successful_people.html

Systems Engineering is an interdisciplinary process that ensures that the customer's needs are satisfied throughout a system's entire life cycle. This process is comprised of the following seven tasks.

1. State the problem. Stating the problem is the most important systems engineering task. It entails identifying customers, understanding customer needs, establishing the need for change, discovering requirements and defining system functions.
2. Investigate alternatives. Alternatives are investigated and evaluated based on performance, cost and risk.
3. Model the system. Running models clarifies requirements, reveals bottlenecks and fragmented activities, reduces cost and exposes duplication of efforts.
4. Integrate. Integration means designing interfaces and bringing system elements together so they work as a whole. This requires extensive communication and coordination.
5. Launch the system. Launching the system means running the system and producing outputs -- making the system do what it was intended to do.
6. Assess performance. Performance is assessed using evaluation criteria, technical performance measures and measures -- measurement is the key. If you cannot measure it, you cannot control it. If you cannot control it, you cannot improve it.
7. Re-evaluation. Re-evaluation should be a continual and iterative process with many parallel loops.

This process can be summarized with the acronym SIMILAR (Bahill and Gissing, 1998).
Source: http://www.sie.arizona.edu/sysengr/whatis/whatis.html

John Roberts and Wasim Al-Hamdani presented on cloud security in the InfoSecCD '11 Proceedings of the 2011 Information Security Curriculum Development Conference.
Interesting resources in the bibliography section:

1. Y. Chen, V. Paxson, and R. Katz. What's New About Cloud Computing Security? Technical Report UCB/EECS-2010-5, Berkeley, 2010  
2. Pianese, F., Bosch, P., Alessandro, D., Janssens, N., Stathopoulos, T., and Steiner, M. 2010. Toward a Cloud Operating System. Network Operations and Management Symposium Workshops (NOMS Wksps).  
3. Jensen, M., Schwenk, J., Gruschka, N., and Iacono, L. 2009. On technical Security Issues in Cloud Computing. IEEE International Conference on Cloud Computing.  
4. Geer, D. 2009. The OS Faces a Brave New World. IEEE Computer Society Volume 42, issue 10 p. 15--17.  
5. Ertaul, L. and Singhal, S. 2009. Security Challenges in Cloud Computing. California State University, East Bay. Academic paper http://www.mcs.csueastbay.edu/~lertaul/Cloud%20Security%20CamREADY.pdf  
6. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. "Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds." ACM CCS 2009  
7. A. Cavoukian, "Privacy in the clouds", in Springer Identity in the Information Society, Published online: 18 December 2008. http://www.ipc.on.ca/images/Resources/privacyintheclouds.pdf
   
   Source: http://dl.acm.org/citation.cfm?id=2047458&CFID=57421764&CFTOKEN=12463119
   

12 Initiatives Outlined by the Comprehensive National Cybersecurity Initiative (CNCI) launched by President George W. Bush
in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/
HSPD-23) in January 2008.

1. Initiative #1. Manage the Federal Enterprise Network as a single network enterprise with Trusted Internet Connections.
2. Initiative #2. Deploy an intrusion detection system of sensors across the Federal enterprise
3. Initiative #3. Pursue deployment of intrusion prevention systems across the Federal enterprise.
4. Initiative #4: Coordinate and redirect research and development (R&D) efforts.
5. Initiative #5. Connect current cyber ops centers to enhance situational awareness.
6. Initiative #6. Develop and implement a government-wide cyber counterintelligence (CI) plan.
7. Initiative #7. Increase the security of our classified networks.
8. Initiative #8. Expand cyber education.
9. Initiative #9. Define and develop enduring “leap-ahead” technology, strategies, and programs.
10. Initiative #10. Define and develop enduring deterrence strategies and programs.
11. Initiative #11. Develop a multi-pronged approach for global supply chain risk management.
12. Initiative #12. Define the Federal role for extending cybersecurity into critical infrastructure domains.

http://www.whitehouse.gov/sites/default/files/cybersecurity.pdf

Ariel Tseitlin and Yury Izrailevsky from Netflix share their approach to cloud adoption using "Simian Army" suite of tools.
Below are the definition of the various tools Netflix engineers created:

Chaos Monkey, a tool that randomly disables our production instances to make sure we can survive this common type of failure without any customer impact.

Latency Monkey induces artificial delays in our RESTful client-server communication layer to simulate service degradation and measures if upstream services respond appropriately. In addition, by making very large delays, we can simulate a node or even an entire service downtime (and test our ability to survive it) without physically bringing these instances down. This can be particularly useful when testing the fault-tolerance of a new service by simulating the failure of its dependencies, without making these dependencies unavailable to the rest of the system.

Conformity Monkey finds instances that don’t adhere to best-practices and shuts them down. For example, we know that if we find instances that don’t belong to an auto-scaling group, that’s trouble waiting to happen. We shut them down to give the service owner the opportunity to re-launch them properly.

Doctor Monkey taps into health checks that run on each instance as well as monitors other external signs of health (e.g. CPU load) to detect unhealthy instances. Once unhealthy instances are detected, they are removed from service and after giving the service owners time to root-cause the problem, are eventually terminated.

Janitor Monkey ensures that our cloud environment is running free of clutter and waste. It searches for unused resources and disposes of them.

Security Monkey is an extension of Conformity Monkey. It finds security violations or vulnerabilities, such as improperly configured AWS security groups, and terminates the offending instances. It also ensures that all our SSL and DRM certificates are valid and are not coming up for renewal.

10-18 Monkey (short for Localization-Internationalization, or l10n-i18n) detects configuration and run time problems in instances serving customers in multiple geographic regions, using different languages and character sets.

Chaos Gorilla is similar to Chaos Monkey, but simulates an outage of an entire Amazon availability zone. We want to verify that our services automatically re-balance to the functional availability zones without user-visible impact or manual intervention.

I like the approach of the Simian Army to simulate failures and keep systems healthy, responsive, and available.  Two follow-on thoughts:

1. Is the Simian Army a suite of COTS tools, homegrown scripts, or a combination of COTS customized.
2. What are the results of testing and simulation using these tools?

Would be great to see this in a case study format or detailed journal paper.
Entire post (Netflix) - http://techblog.netflix.com/2011/07/netflix-simian-army.html?m=1