Cloud Computing and Shared IT Services
A review of Cloud Computing and Shared IT Services in the context of the University of Oxford
Ref: 212.ODIT.PWJ, 9 May 2011, by Paul W. Jeffreys
1. Executive Summary
This document offers a review of Cloud Computing and Shared IT Services in the context of the University of Oxford.
2. Background
In June 2010 the Budget Sub-Committee requested that future projects - especially in connection with the Hierarchical File Server (HFS) back-up and archiving service - more fully explore the options for outsourcing data storage. In response to this a paper (1) was submitted to BSC in October 2010. BSC requested a follow-up report which would give background on and context for cloud computing. It was agreed that the report should be prepared after a University's bid (2) against the University Modernisation Fund (UMF) had been considered. Four UMF awards were made nationally in April 2011, two of which came to Oxford - an award for £1.2m to OUCS and an award of c. £0.5m to the Bodleian Libraries and a consortium of research units.
This paper gives an overview of Cloud Computing and Shared IT Service developments in the context of the University of Oxford.
3. Outsourcing and Shared Services
All Higher Education organisations deploy external functions and services (3) to some extent. Many find it advantageous to enlist third-party providers to work alongside institutional staff.
Outsourcing is where the organisation contracts a third party to deliver a service that it requires. Gartner research finds that more than 50% of enterprises arrange their outsourcing arrangements incorrectly and this results in unsatisfactory services (4). There is relatively little experience of outsourcing IT in Higher Education (HE); EDUCAUSE has produced a useful introductory article (5). University payroll processing is an example of an established outsourced service. There are many examples of outsourcing outside IT within the University.
The shared services model combines the corporate advantages of in-house provision with the efficiency and local autonomy that results from out-sourcing (7). This usually takes the form of IT services being provided to a group of related customers by a service team that exists in the same organisation, but as a distinct entity from the customers themselves.
In November 2005 the Cabinet Office published Transformational Government: Enabled by Technology, which set out the Government's
vision for a long-term transformation of public services. One of the three key recommendations was that Government should move
to a culture of shared services to improve the quality and cost effectiveness of public services. A HEFCE Circular letter, Shared
services: the benefits for higher education institutions (8), addressed shared services in the context of HE.
It stated that, typically, shared services:
describe a model of providing services in a combined or collaborative function, sharing processes and technology.
In the private sector this is usually within the same group of companies, but in other sectors it will most often
be between separate entities. The most sophisticated models involve establishing a completely new organisation, run
and managed as an autonomous business.
The HE sector is coming under increasing pressure to demonstrate that it has organised itself efficiently and effectively. David Willetts, the Minister of State for Universities, has made frequent public references (9) to the importance of universities exploring the shared services agenda, and ensuring that infrastructure and support costs are as well managed as possible.
A University of London Computing Centre review of shared services (10) demonstrates a range of views on shared services within HE. An example of a rather specific HE shared service is the Universities and Colleges Admissions Service (UCAS) which processes applications for all full-time undergraduate courses at UK universities and colleges.
The Government has not addressed issues with VAT recoverability for HE institutions; efficiency savings accrued using resources from private suppliers, therefore, have to be substantial enough to at least cover VAT to bring overall benefits.
The University's Value for Money Committee has recently approved the establishment of a Shared Services Sub-Group (11), to consider opportunities for the clustering, integration, or sharing of support services across the University.
Deployment of shared services embodies one of the University of Oxford's most valued principles - subsidiarity. Many existing IT services are delivered through close collaboration between local and central staff. The Nexus (12) email, calendar and collaborative environment service is an excellent example of such an internal shared service. Other examples are the Hierarchical File Service for back-up and archiving, and the Single-Sign-On facility. Sharing services within the collegiate University can be seen as a microcosm of a national shared services activity.
The University Shared Data Centre (USDC), discussed in a following section, is designed specifically to facilitate and encourage shared IT services within the University.
4. Cloud Computing (13)
Cloud computing is a model of delivering infrastructure, platforms, and applications in which the customer pays to use, rather than own, computational resources. It is particular suited to shared service delivery (14) as fixed (start-up) costs are low, variable costs are typically direct so can be attributed to specific customers, and the provision can be scaled trivially to meet rise and fall in demand.
In its broadest usage, the term cloud computing refers to the delivery of scalable IT resources over the Internet, as opposed to hosting and operating those resources locally, such as on a college or university network. Those resources can include applications and services, as well as the infrastructure on which they operate.
Three organisations come to the forefront in terms of their definitions of the cloud: Gartner, Forrester, and the National Institutes of Standards and Technology (NIST). Although both Gartner (15) and Forrester (16) provide valuable definitions of cloud computing, the NIST definition (17) is concise and uses industry-standard terms (18). NIST defines cloud computing as: a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models (19).
The NIST definition is shown as a block diagram below. It is important to recognise that the essential characteristics relate to all three service models. The NIST cloud computing definition is unpacked in Appendix A.
Figure 1: NIST definition of Cloud Computing
Many commentators emphasise that cloud computing offers self-service possibilities and multi-tenancy (20). One quarter of the Government IT Strategy (21) released earlier this year is focused on 'creating a common ICT infrastructure', within which cloud computing features strongly.
5. Why is Cloud Computing Different and Important?
Cloud computing is considered to be a recent extension of outsourcing models (22). Cloud computing provides institutions with the opportunity to deliver technology infrastructure as a flexible, scalable service that can be procured on demand; it offers the promise of leveraging large economies of scale to reduce the cost of computing. Cloud computing is also potentially a more environmentally sustainable model for computing, with the possibility of moving operations close to sources of cheap and renewable energy.
NIST's five characteristics of the cloud (see Appendix A) help to clarify the distinction between the cloud and outsourcing. The cloud offers: on-demand self-service, location-independent resource pooling, rapid elasticity, ubiquitous network access (based on internet standards), and measured/metered service. The cloud framework allows the organisation to manage the building blocks of IT, provided by other people in the same way they would their in-house infrastructure, but without the challenges that such complex architecture would normally produce. A crucially important aspect of cloud computing is that the services offered must have the capacity to integrate closely with local services.
5.1 Cloud computing within HE Institutions
Cloud computing can be used to deliver high-throughput research computing (23), and there are initiatives around the world to deploy certain HPC workloads in a cloud computing model. JISC and the EPSRC (24) are exploring this for HE through the RAPPORT (25) project where applications from particle physics, bioinformatics and classics will be ported to the community-based and public clouds. Through the UK National Grid Service (UKNGS), the Universities of Oxford and Edinburgh have helped to pilot a specialist Infrastructure as a Service (IaaS) cloud for HEI based research (26).
Many Higher Education establishments have outsourced their student email and calendar services to Google (27) or Microsoft (28). This is uniformly referred to as 'Email in the Cloud' (29). It certainly does have many of the attributes of cloud services defined in Appendix A, but in some respects this is misleading terminology. From the perspective of the user, the email application (Software as a Service (SaaS)) has the five characteristics of the cloud, this is not delivered by true cloud infrastructure (IaaS) but instead by the application suppliers delivering the functionality (in principle, for example, the services could be delivered from a single server). Gartner estimates that 41% of Universities have deployed student email in the cloud globally. Deploying email in the cloud was considered as an option within the Nexus project; however, the divisions insisted that staff email had to be delivered internally, and since many students have staff responsibilities it was considered inappropriate for the University to use email in the cloud for students.
5.2 Cloud computing in the University of Oxford
Cloud computing will become an essential component within the University of Oxford's shared services approach to computing. It will be capable of enabling greater flexibility and improved levels of service, whilst making costs more transparent and increasing institutional efficiency. Many research groups are already using the public cloud for short-term computational provision, and there will be similar opportunities for data management and curation.
For some years the NSMS (30) group within OUCS has offered a shared virtual infrastructure (VI) service (31) that is used by Business Services and Projects (BSP) and by the ICT Support Team. Servers for rent are offered to users from within a virtual infrastructure. OUCS has traditionally worked closely with local staff in delivering IT services to users (for example, Nexus and Weblearn, the Virtual Learning Environment). Operating shared services within an overall principle of subsidiarity (31), therefore, is at the core of OUCS's policy of service delivery, and cloud computing is a new opportunity for and manifestation of this. The Oxford e-Research Centre (OeRC) has delivered a number of IaaS cloud installations, both as part of the UKNGS described above, and also in support of local research communities and centre-based research projects (33).
In the same way that sharing services internally within the University of Oxford can be seen as a microcosm of the national shared services activity, an internal private cloud can be built which is a microcosm of the HE cloud (this is explored in Appendix A). The University of Oxford is seeking to use a hybrid cloud where its private cloud bursts out to the HE or public cloud when appropriate and cost effective to do so. A private cloud (34) will be essential in order that Oxford can accrue all the benefits that cloud computing offers; this is considered further in section 8.2.
6. Challenges and risks of cloud computing
Cloud computing has brought increased complexity; cloud-based sourcing models add additional layers of consideration, such as where institutional data will be stored, how secure it will be, how access can be controlled, how it will be backed up and curated. Furthermore the cloud complicates the outsourcing decision-making process; cloud computing has the potential to enable individual users to outsource directly.
A recent review (35) by EDUCAUSE found that adoption of cloud computing is broad but shallow. It states: 'Concerns about data security and institutional culture are expected to limit growth for many'. The University of Oxford needs to appraise the security risks, for example in the areas of biomedical sciences, to establish whether the risks are indeed higher in a cloud environment than elsewhere.
As recently as April 2011, Gartner (36) expressed the view that:
Cloud service sourcing is immature and fraught with potential hazards. The hype around
cloud computing services has increased interest, as well as caution, for IT managers trying
to determine where, when and if cloud services can provide valuable outcomes for their businesses.
Cloud computing is driving discontinuity that introduces exciting opportunities and costly challenges.
Organisations need to understand these changes and develop realistic cloud sourcing strategies and contracts that can reduce risk.
In the new cloud services scenario, flexibility, agility and innovation are design principles and, over time, service providers are expected to succeed in delivering on these principles. The market also expects scalability, cost-efficiency and pay-per-use pricing models from cloud services solutions. The University of Oxford needs to prepare itself to use these opportunities, but in a way that safeguards users and offers reliable, secure, accountable, cost-effective services with long-term guaranteed commitment.
The cloud does not necessarily mean service without interruptions or data loss. In February 2011 Google confirmed that about 150,000 Gmail users around the world had their accounts, including every email, application, contact and calendar information, deleted (37). Amazon's break in its EC2 cloud services (38) in April 2011 led The New York Times (39) to comment: 'This is a wake-up call for cloud computing.'
It is possible that future public cloud computing services will enable the University to invest less in capital expenditure for research and administrative computing. At present, however, public offerings do not provide levels of management and administrative capability required to enable them to be delivered as production services for the University.
7. HEFCE's University Modernisation Fund
The public cloud is not designed to be a good fit to the needs of Higher Education (40). A major component of HEFCE's £270m University Modernisation Fund (41) (UMF) is a £20m shared services pilot scheme (42). The letter announcing the pilot states: '£20 million is being allocated to HEFCE in 2010-11 to support universities and colleges in delivering further efficiency and value for money through the development of shared services, collaborative procurement and other innovative ways of reducing support costs while sustaining the quality of frontline teaching and research.' Within this there are three programme areas (43): the development and roll-out of a Flexible Service Delivery Programme; the development of shared data centres; and the development of e-procurement in the HE sector.
In February, HEFCE announced (44) that it would fund shared services in cloud computing
'to deliver efficiencies through shared services in cloud computing infrastructure and applications.'
David Sweeney - HEFCE Director for Research, Innovation and Skills - said:
At a time of pressure on university resources, it is critical that technology is used in a collaborative
and cost-effective way, to deliver services that will benefit the sector. Cloud computing has the potential
to do this in ways which will serve the academic community leading to improvements in research,
teaching and administration.
On 8 February 2011, Ian Lewis (HEFCE) spoke (45) at a UCISA Shared Services Conference where he recounted Gartner's concerns in deploying the cloud and outlined barriers to use. The UMF was seen specifically as a mechanism to help HE institutions address issues that need to be overcome for the cloud to be used more widely. The funding is designed to inject resources in order to: share risk; accelerate timescales; tailor the use of the cloud to specific HE needs; and to help address cultural issues.
JISC was given responsibility to develop a UMF Shared Services and the Cloud Programme (46). The announcement (47) states that:
This programme will invest up to £10 million to establish a shared infrastructure with suppliers
brokered by JANET(UK) and support for research data management provided by the Digital Curation Centre.
The infrastructure will develop into an HE cloud and will support both research data management and enterprise
application deployment . . . Such shared services will allow universities and colleges to benefit
from aggregated purchasing and reduced implementation and hosting costs, as well as through the streamlining of processes.
JISC announced a closed call for projects (48) on 14 February 2011. A bid to develop a Virtual Infrastructure and Database as a Service (VIDaaS) (49) was submitted by OUCS; funding of £1.2m has been awarded for the next 12 months. The Dataflow project (50) was also funded from the same call.
8. Way ahead for Shared Services and the Cloud in the University of Oxford
The computing model deployed in the University (51), which fully recognises the importance of subsidiarity, is based on a shared services model. The federal structure of the University leads to many benefits, but institutional risks result from the fragmented structure. Cloud computing offers the potential to reduce risks by leading to increased structure and consistency of operation.
8.1 The University Shared Data Centre - Hub of IT Shared Services
The University Shared Data Centre (52) (USDC) has been designed to provide a highly resilient, energy-efficient, low-carbon-footprint, and secure location from which to operate a range of shared services for the collegiate University. The range includes: co-locating services; extending the local network virtually into the data centre; facilitating virtual services where applications are operated on shared infrastructure but with sufficient local control; serving local applications on a range of managed platforms; and running and operating managed services for users. Although it is understood that co-location will be required in some cases, shared infrastructure and shared platforms are strongly recommended in order that economies of scale and other benefits can be realised.
The model for future computing in Oxford is one in which infrastructure is shared within an efficient central location whilst local autonomy for delivering applications is preserved.
8.2 Cloud computing, private cloud and UMF
The set of shared services offered through the USDC will include cloud-based services. A private cloud (see Appendix A) provides a mechanism for delivering self-service shared services that are dynamically adjustable and use a shared infrastructure. In addition, the private cloud offers a connection point or staging post beyond the boundaries of the University in order to benefit from increased economies of scale and greater efficiencies. This fits very well with the HEFCE model promoted through the UMF.
By sharing infrastructure within the USDC, fluctuating user demand will average out enabling hardware to operate close to capacity, and therefore efficiently and cost effectively.
Oxford's private cloud will have another essential role. It will serve as a staging post to the HE cloud (also funded through the UMF) and in due course to the public cloud. Applications operating on the private cloud will be designed to 'burst out' to the HE or public clouds when appropriate and when this is more cost effective. The private cloud will be used to deliver a full production service for users across the University. The VIDaaS project will also deliver an innovative SaaS - a self-service database-creation application for researchers. Through VIDaaS, Oxford will be at the vanguard of national shared IT services within a cloud environment.
Building on both the UKNGS and JISC's FLexible Services for the Support of Research (FLeSSR) cloud activities, OeRC will expand its IaaS cloud services for research with a large-scale Amazon-compatible service, which will be made available to users through the Oxford Supercomputing Centre. This will connect with other nationally important e-infrastructures, including a future EU e-infrastructure that will be the backbone for international research. The University must have a watching brief on Cloud computing; the opportunity for shared services with other leading research Universities could offer efficiencies and allow Oxford to leverage expertise elsewhere.
8.3 Developing the University's Vision for Shared Services and the Cloud
The USDC will be brought into production in MT 2011 and the VIDaaS project has recently been launched. These two activities represent a new chapter of delivery of IT production services for the University.
It is intended to use a half-day workshop this summer to begin to develop a vision for shared IT services and the cloud within the University, and subsequently to produce a document to record the conclusions.
9. Conclusions
An overview of shared IT services and cloud computing has been given.
Shared services combine the corporate advantages of in-house provision with the efficiency and local autonomy of out-sourcing. This usually takes the form of IT services being provided to a group of related customers by a service team that exists in the same organisation, but as a distinct entity from the customers themselves. HEFCE is promoting shared services to improve the quality and cost effectiveness of public services, and has provided resources to encourage their development and uptake through the University Modernisation Fund. In the University of Oxford's federated structure a particular form of shared services operates where a service is operated centrally but responsibility for delivery is shared with local staff. Shared services are at the core of many activities and reflect the importance of the principle of subsidiarity and the federal nature of the institution. The University Shared Data Centre is designed specifically to facilitate and encourage shared IT services in the University, and has a particular focus on promoting shared infrastructure.
Cloud computing is a model for delivering infrastructure, platforms, and applications in which the customer pays to use, rather than own, computational resources. It delivers scalable and dynamically adjustable resources over the Internet on a self-service basis. Cloud computing is not a shared service per se, although many, including HEFCE, perceive the approach as having similarities with shared services. Within the University of Oxford's federal structure, cloud services offer a promising approach to deliver shared services that offer good integration with local services. This is best embodied in the creation of a private cloud, operated by the University, which is aligned with the way services are provided and consumed from an organisational point of view. Use of cloud-based IT services is likely to grow rapidly in coming years, and while the potential is large, there are appreciable challenges which need to be understood and addressed in order that progress can be made. A suite of services must be made available to enable users to make full use of cloud computing services to meet their diverse requirements. The VIDaaS project will offer Oxford an opportunity to ensure that the University is well placed to benefit from the cloud, and from the UMF investment in shared services.
The Budget Sub-Committee is asked to:
Appendix A: NIST Description of the Computing Cloud
The National Institute of Standards and Technology (NIST) defines cloud computing as:
model for enabling convenient, on-demand network access to a shared pool of configurable computing resources
(e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with
minimal management effort or service provider interaction. This cloud model promotes availability and is composed
of five essential characteristics, three service models, and four deployment models.
The five characteristics, three service models, and four deployment models are shown schematically in Figure 1 in the main body of this document, and are often represented by the NIST Visual Model which is shown in Figure 2.
Figure 2: Visual Model of NIST Working Definition of Cloud Computing
The cloud separates application and information resources from the underlying infrastructure, and the mechanisms used to deliver them. Cloud enhances collaboration, agility, scaling and availability, and provides the potential for cost reduction through optimised and efficient computing. More specifically, cloud describes the use of a collection of services, applications, information, and infrastructure comprised of pools of compute, network, information, and storage resources. These components can be rapidly orchestrated, provisioned, implemented, decommissioned, and scaled up or down, providing for an on-demand or self-service utility-like model of allocation and consumption.
Five Characteristics of the Cloud
The five characteristics of the NIST model apply to all three service models.
- A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service's provider.
- When an institution develops or deploys a new application, it might have to order a server, wait for the vendor to ship it, install the server in the data centre, provision an IP address for the server, set up the DNS for the new IP address, install the operating system, etc. With cloud-based services, many of these steps can be eliminated. Interaction with the service provider is minimised, and with a few clicks of a button, an application can be up and running in a matter of minutes.
- Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g. mobile phones and laptops).
- Many people believe that having a resource available via the Internet is the defining characteristic of the cloud, but it is just one of the five characteristics.
- The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources, but may be able to specify location at a higher level of abstraction (e.g. country, state, or datacentre). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.
- Capabilities can be rapidly and elastically provisioned, in some cases automatically, to scale out quickly, and rapidly released to scale in quickly. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.
- Cloud systems automatically control and optimise resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g. storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilised service.
Three Service Models for the Cloud
The three types of cloud-based services are Software as a Service (SaaS), Platform as a Service (PaaS), and infrastructure as a Service (IaaS). Although computing resources may be delivered through one of these three models, it does not necessarily mean full 'cloud' provision.
Virtual private servers are also IaaS, but virtual private servers do not possess the five characteristics of the cloud.
(i) Cloud Software as a Service (SaaS)
- The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g. web-based email). The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.
- The Database as a Service provision within VIDaaS is an example of a cloud SaaS.
(ii) Cloud Platform as a Service (PaaS)
- The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations. This is typically provided through a pay-per-use business model.
- The NSMS 'Virtual Machine (VM) for rent' service shares some characteristics with a cloud PaaS.
(iii) Cloud Infrastructure as a Service (IaaS)
- The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g. host firewalls).
- The NSMS virtual infrastructure provided for BSP and ICTST shares some characteristics with a cloud IaaS.
Four Deployment Models for the Cloud
Just as there are multiple ways to deploy a system on a server, there are multiple ways to deploy a system in the cloud. The four deployment models described in the NIST definition of cloud computing are public cloud, community cloud, private cloud, and hybrid cloud.
- The cloud infrastructure is operated solely for an organisation. It may be managed by the organisation or a third party, and may exist on premise or off premise.
- Oxford is developing a private cloud through the VIDaaS project.
- The cloud infrastructure is shared by several organisations and supports a specific community that has shared concerns (e.g. mission, security requirements, policy, and compliance considerations). It may be managed by the organisations or a third party and may exist on premise or off premise. Payments for use of the cloud might be made via dues to the consortium or through some other equitable pricing schema.
- UMF resources will be used to develop a Higher Education community cloud.
- The cloud infrastructure is made available to the general public or a large industry group and is owned by an organisation selling cloud services. Users of a public cloud sign up with the cloud provider and make payments based on the provider's pricing schema. Examples include Amazon Web Services and Google applications.
- The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardised or proprietary technology that enables data and application portability (e.g. cloud bursting for load balancing between clouds).
- The VIDaaS project is working with the Digital Curation Centre, Eduserv and JANET(UK) to connect its private cloud to the HE cloud and the public cloud.
Endnotes
2. The Virtual Infrastructure Database as a Service project: http://vidaas.oucs.ox.ac.uk/
3. ECAR: http://www.educause.edu/Resources/AlternativeITSourcingStrategie/177700
4. http://www.jiscinfonet.ac.uk/InfoKits/creating-an-mle/technology-options/outsource-buy-build-or-integrate
5. http://www.educause.edu/ir/library/pdf/EQM0212.pdf
6. A Study of shared services in UK Further and Higher Education is available at: http://www.jisc.ac.uk/whatwedo/programmes/programme_jos/ssprev.aspx
The Government is seeking efficiency savings through increased shared services within higher education as 'Too many universities try to do too much in-house' (David Willetts, Universities UK conference, September 2010): http://tinyurl.com/3xxfzax)
The Shared Services Advisory Group estimates that shared services can generate a 20-30% cost reduction in the public sector. (Shared Services in the Higher Education Sector, Report for HEFCE by KPMG, July 2006, available at: http://www.hefce.ac.uk/pubs/rdreports/2006/rd15_06/rd15_06.pdf )
The Confederation of British Industry (CBI) estimates that savings of 20% could be 'readily achieved' through increased shared service usage in higher and further education. (Confederation of British Industry, Time for action - Reforming public services and balancing the budget, May 2010): www.policyexchange.org.uk/assets/Higher_Education_Austerity_2.pdf
7. ITIL refers to a 'shared services unit' as a type-II service provider, where type-I is an internal provider (in-sourcing) and type-III is an external provider (out-sourcing).
8. http://www.hefce.ac.uk/pubs/circlets/2006/cl20_06/
9. In their recent announcement on efficiency (Efficiency 2011-15: Ensuring Excellence with Impact, RCUK March 2011), the Research Councils have emphasized the importance of ensuring that funding is efficiently used. "This means driving down the costs and overheads of research whilst maintaining and safeguarding the excellent research for which we are renowned". Research organizations will be categorized into efficiency groupings in future, and indirect cost recovery rates will be capped (with rate reductions to be applied at between 0 and 5%, depending on grouping) accordingly.
10. Part of the ULCC 'Future of Technology in Education' series: http://tinyurl.com/3fdq7c9
11. The SSS-G will review services that are the direct responsibility of UAS departments, and those which are delivered in partnership with departments, faculties, and divisions. There will also be scope to examine those areas of activity that overlap significantly with the colleges such as student support and in particular IT. The group will have its first meeting in Trinity Term 2011.
12. Nexus: http://www.oucs.ox.ac.uk/nexus/ Note, however, that if the Nexus service were delivered entirely from the centre, it would not be a shared service. It is the model for service delivery, in close cooperation with local IT staff, and with the capacity for local management and administration control, that makes it a shared service.
13. A helpful review of definitions for cloud computing is available at: http://knol.google.com/k/ashwin-manjunatha/cloud-computing-definitions-mp3/100z03x9pqbop/1#
14. Note that cloud computing is not a shared service per se, but is a means of delivering services.
15. Daryl C. Plummer, Thomas J. Bittman, Tom Austin, David W. Cearley, and David Mitchell Smith, Cloud Computing: Defining and Describing an Emerging Phenomenon, Gartner, June 17, 2008: http://www.gartner.com/DisplayDocument?id=697413
16. Frank E. Gillett with Eric G. Brown, James Staten, and Christina Lee, 'Future View: The New Tech Ecosystems Of Cloud, Cloud Services, and Cloud Computing: Understanding, Segmenting, and Competing in the Next Computer Revolution', Forrester Research, August 28, 2008: http://www.forrester.com/rb/Research/future_view_new_tech_ecosystems_of_cloud,/q/id/45073/t/2
17. Cloud Computing, National Institute of Standards, Computer Security Division, Computer Security Resource Center, May 11, 2009: http://csrc.nist.gov/groups/SNS/cloud-computing/index.html
18. Dmitry Sotnikov, 'Cloud Definitions: NIST, Gartner and Forrester', CloudEnterprise.info, August 4, 2009: http://cloudenterprise.info/2009/08/04/cloud-definitions-nist-gartner-forrester/
19. Peter Mell and Tim Grance, The NIST Definition of Cloud Computing, ver. 15, National Institute of Standards and Technology, Information Technology Laboratory, October 7, 2009:
20. A principle in software architecture where a single instance of software runs on a server, serving multiple client rganisations (or tenants), by partitioning its data and configuration virtually.
21. http://www.cabinetoffice.gov.uk/resource-library/uk-government-ict-strategy-resources
22. A review of cloud computing as an extension of an outsourcing model for computing is given in an EDUCAUSE report, Alternative IT Sourcing Strategies: From the Campus to the Cloud: http://net.educause.edu/ir/library/pdf/EKF/EKF0905.pdf
23. http://www.sramanamitra.com/2010/10/08/boundaries-between-hpc-and-cloud-computing-vanishing/
24. EPSRC has a 'Research in the cloud' programme: http://www.epsrc.ac.uk/pubs/mags/connect/2011/81/Pages/cloud.aspx
25. Robust Application Porting for HPC in the Cloud: http://cloudresearch.jiscinvolve.org/wp/2011/03/08/rapport-robust-application-porting-for-hpc-in-the-cloud/
26. A specialist IaaS cloud service, supported by Oxford and Edinburgh, has been operational for 2 years, and has already demonstrated rapid uptake within the research community (>100 users on each cloud within the first three months alone). This has also shown a previously unforeseen breadth of user communities that have made use of the system, including supporting students in MSc courses at three different institutions. Within the next three to six months this service will be broadened beyond the current partners to include IaaS cloud installations from five other UK HEIs including Manchester, Imperial and Reading universities as a nationally available federated resource.
27. http://mail.google.com/mail/help/intro.html
28. http://www.microsoft.com/education/solutions/liveedu.aspx
29. http://www.cloudemail101.org/
30. http://www.oucs.ox.ac.uk/nsms/
31. http://www.oucs.ox.ac.uk/nsms/services/vm.xml#consult-management
32. The University of Oxford Strategic Plan, http://www.admin.ox.ac.uk/pras/planning/strategicplan/, states in paragraph 13: 'Closely connected with collegiality is the concept of subsidiarity - the principle that decisions should be taken at the lowest level appropriate to the matter in hand. Thus, for example, deciding what to research is a matter for individuals and, where relevant, research groups. It becomes a matter for departments and faculties, divisions and the University as a whole only when support is required, most obviously through the allocation of resources. Subsidiarity also applies to teaching and to administration.'
33. This includes the JISC funded Flexible Services for the Support of Research project (FLESSR) which is a collaboration between Oxford, Reading, STFC and Eduserv, and is creating two exemplar research supporting use cases as well as the infrastructure services to support the creation of user focused hybrid clouds. OeRC is also hosting an energy industry focused cloud project funded by EPSRC looking into the application of strong authentication technologies that will mean the cloud computing model is appropriate within industries that have extremely significant data privacy and audit requirements. Of the groups that are currently using the e-Research supported Cloud, several already have funding that they would consider spending using a University private cloud that mimics the interfaces of the public cloud, thereby enabling expansion to larger resources if required. 34. Note that whilst the cloud is not a shared service per se, a private cloud delivered in the University would be a shared service due to the organizational way it is provided and consumed (as opposed to the technology itself).
35. ECAR key findings: http://net.educause.edu/ir/library/pdf/EKF/EKF0905.pdf
36. Frank Ridder, Research Vice President at Gartner, also made the following comments: 'Traditional IT services often find organisations locked in, fighting with rigid delivery or hesitation to change when engaged in traditional IT services deals. Innovation seldom materializes and solutions fail to scale, and service providers often struggle with their profits' and 'Organisations need to ensure they understand the short-and long-term implications of cloud services, on the demand and supply side, as well as on the sourcing life cycle itself'.
37. http://crave.cnet.co.uk/software/gmail-error-wipes-accounts-of-up-to-150000-users-50002948/, and http://news.bioscholar.com/2011/02/google-accidentally-wipes-accounts-of-150000-gmail-users.html. Amazon has published a detailed report on the incident at: http://aws.amazon.com/message/65648/
38. http://aws.amazon.com/ec2/
39. http://www.nytimes.com/2011/04/23/technology/23cloud.html?_r=1
40. This is evident from the business models of the private cloud suppliers. Amazon's model is to deploy spare resources, Microsoft's is to deliver their software services over the Internet.
41. http://www.hefce.ac.uk/finance/fundinghe/places/
42. http://www.hefce.ac.uk/pubs/circlets/2010/cl07_10/
43. The three UMF programme areas are:
a. The development and roll-out of the Flexible Service Delivery Programme, currently being developed by the Joint Information Systems Committee (JISC), under which higher education institutions would join up their corporate support, information and academic IT systems.
b. The development of shared data centres - centralised repositories, either physical or virtual, for the storage, management and dissemination of data and information organised around a particular body of knowledge or a particular business.
c. Procurement - the development of e-procurement in the higher education sector so that contract information is more accessible, allowing more efficient purchasing processes.
44. http://www.hefce.ac.uk/news/hefce/2011/cloud.htm.
45. Presentation available at: http://www.ucisa.ac.uk/en/groups/exec/Events/2011/sharedservices/Programme.aspx.
46. http://www.jisc.ac.uk/whatwedo/programmes/umf.aspx.
47. The Shared IT infrastructure strand includes:
a) A broker will be established to aid institutions in the procurement of trusted shared virtual server and data centre capacity and capability. It will act both within the higher education (HE) sector and between the HE sector and commercial suppliers. This will be set up under the auspices of JANET(UK). A core virtual server infrastructure (a 'cloud') will be set up to offer cost effective data management and storage services to HE institutions. It will be deployed in data centres starting with a pilot at Eduserv, which will work in collaboration with the Digital Curation Centre (DCC) and application developers from c) below.
Up to £3.5 million will be invested in this aspect of the shared IT infrastructure programme, including funding to develop a sustainable financial model for the brokerage beyond the life of the UMF.
b) The DCC will be developing data management tools, in particular its on-line data management planning tools which are designed to satisfy
the demands of funders for clear data management plans in grant applications and during project implementation. It will support the requirements of funders in the UK and NSF in the USA initially. The DCC will further develop its training and support capability in particular its workshop programme. Up to £15m will be invested in this work.
c) Up to a further £4.9 million will be invested in developing HE research data management applications to be deployed under the Software as a Service (SaaS) model in the shared services environment.
48. Background information provided in the JISC UMF Cloud Computing Programme included the following statements:
- This call forms part of the Universities Modernisation Fund commitment to a shared information services programme, which is to establish a coherent shared virtual server and storage environment leading onto cloud based services for the sector at a national level. JANET(UK) will broker suitable suppliers to deliver the service and the Data Curation Centre (DCC) will establish a well ordered set of data management policies, practices, services and tools (including on-line data management planning and registries of available datasets) that will be deployed on it. This call seeks to fund the deployment of applications that can be delivered on the shared platform and exploited by researchers who need a well ordered, low cost, flexible and easy to use service within which to manage and process their research data.
- Key outputs and outcomes across the UMF Shared Information Services Programme include: Shared applications and tools for research data management across disciplines and institutions, together with initial supporting infrastructure where necessary. Sustainable shared infrastructure services to supplement or replace institutional ICT capacity for researchers or provide capacity to support the applications and tools above.
- The objective of the funding available under this closed call is to provide robust capability for managing research data in a shared, virtual infrastructure. Applications need to follow the Software as a Service model and the conditions under which UMF funding is made available mean that time is of the essence and so risk must be minimised and speed of delivery maximised. For this reason, the call primarily targets work such as the refinement of systems scoped and developed within the context of the JISCMRD Programme and for which a strong case can be made for their suitability to be delivered as SaaS to a wide range of researchers.
50. The Dataflow project, with members from the Bodleian Libraries, OULS, Zoology and Oxford e-Research Centre, aims to provide virtual appliances to departments and research groups that will aid and support their compliance with RCUK data management rules as well as significantly streamline methods by which research data may be stored and curated by the Bodleian. Services will be created to allow researchers to interact with institutional data repositories quickly and easily which will significantly lower a perceived barrier to these centrally supported services currently.
51. http://www.ict.ox.ac.uk/odit/ITcoordination/model.xml
52. The University Shared Data centre, http://www.oucs.ox.ac.uk/datacentres/USDCproject/, has been designed to meet current data centre standards (TIA-94), is designed as a green data centre (as far as practically possible) and makes use of CHP trigeneration technologies for heat recycling/cooling, as well as aisle containment to ensure optimal cooling within the data centre space itself. The data centre design was informed by external specialists with a focus on green aspects.
53. The Appendix is based on the article at: http://www.educause.edu/EDUCAUSE+Quarterly/EDUCAUSEQuarterlyMagazineVolum/CloudComputingExplained/206526.