Wednesday, April 8, 2009

Google's Cloud Bridges your Data Center

Interesting announcement from Google yesterday in which they unveiled several new features for their Google App Engine platform. Most notably, App Engine now includes support for Java as well as several Java-related standards such as the Java Servlet API, JDO and JPA, javax.cache, and javax.mail. When it comes to an Open Cloud, Google seems to be saying action speaks louder than words and I applaud them for this!

I have been lucky enough to be given access to review some of the new App Engine features. For me the inclusion of Java is the least exciting of the new features. The most exciting aspects are the addition of hybrid cloud components that let you use a combination of cloud-based resources as well as traditional data-center-centric resources.

These features include:
  • Access to firewalled data: grant policy-controlled access to your data behind the firewall.
  • Cron support: schedule tasks like report generation or DB clean-up at an interval of your choosing.
  • Database import: move GBs of data easily into your App Engine app. Matching export capabilities are coming soon, hopefully within a month.

The core piece of this hybrid model is the Google Secure Data Connector (SDC), which they describe as a client tool that you can use with Google Apps Premier Edition or Education Edition to connect gadgets, applications, and spreadsheets to data that is protected by a corporate firewall.

SDC forms an encrypted connection between your data and Google Apps. SDC lets you control who in your domain can access which resources using Google Apps.

SDC works with Google Apps to provide data connectivity and enable IT administrators to control the data and services that are accessible in Google Apps. With SDC, you can build private gadgets, spreadsheets, and applications that interact with your existing corporate systems.

The following illustration shows SDC connection components.

[Illustration: Secure Data Connector Components]

The steps are:

  1. Google Apps forwards authorized data requests from users who are within the Google Apps domain to the Google tunnel protocol servers.
  2. The tunnel servers validate that a user is authorized to make the request to the specified resource. Google tunnel servers are connected by an encrypted tunnel to SDC, which runs within a company's internal network.
  3. The tunnel protocol allows SDC to connect to a Google tunnel server, authenticate, and encrypt the data that flows across the Internet.
  4. SDC uses resource rules to validate if a user is authorized to make a request to a specified resource.
  5. An optional intranet firewall can be used to provide extra network security.
  6. SDC performs a network request to the specified resource or services.
  7. The service verifies the signed requests and, if the user is authorized, returns the data.
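
Step 4 is the authorization decision made inside your own network, so it is worth seeing what a careful resource-rule check looks like. The following is an added example, not SDC's code or its rule format: `ResourceRule`, `is_authorized`, and the sample users and hosts are hypothetical. It denies by default and compares parsed URL components instead of raw string prefixes.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit, unquote
import posixpath

DEFAULT_PORTS = {"http": 80, "https": 443}

@dataclass(frozen=True)
class ResourceRule:
    """Hypothetical rule: which users may reach which internal URL prefix."""
    allowed_users: frozenset  # lower-case e-mail addresses
    scheme: str
    host: str
    port: int
    path_prefix: str          # must end with "/", e.g. "/reports/"

def is_authorized(user, url, rules):
    """Deny by default; allow only when a rule matches user, origin and path."""
    try:
        parts = urlsplit(url)
        scheme = parts.scheme.lower()
        if scheme not in DEFAULT_PORTS or parts.username or parts.password:
            return False
        host = (parts.hostname or "").lower()
        port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
    except ValueError:  # malformed host or port
        return False
    # Decode once and collapse "." / ".." so the prefix test sees the path
    # the backend is likely to resolve; refuse anything still encoded.
    raw = unquote(parts.path or "/")
    if "%" in raw or "\\" in raw:
        return False
    path = posixpath.normpath(raw)
    if raw.endswith("/") and path != "/":
        path += "/"
    origin = (scheme, host, port)
    return any(
        user.lower() in r.allowed_users
        and origin == (r.scheme, r.host, r.port)  # exact, not a string prefix
        and path.startswith(r.path_prefix)
        for r in rules
    )

# Constructed sample rule set for the demonstration.
RULES = [ResourceRule(frozenset({"alice@example.com"}), "https",
                      "intranet.example.com", 443, "/reports/")]

if __name__ == "__main__":
    for u in ("https://intranet.example.com/reports/q1.csv",
              "https://intranet.example.com/reports/../payroll/x"):
        print(u, is_authorized("alice@example.com", u, RULES))
```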
