Beth Pariseau had an interesting comment today regarding the use of Cloud Storage API standards, following on from a SNIA summit on the subject.
As usual, SNIA have got a hold of the wrong end of the stick. Standardizing on Amazon’s API is just crazy. In fact, at this stage, attempting to create a standard API is completely pointless.
What’s really needed, is to standardise on:
Security Model – users want consistency of security across cloud storage providers. The security model needs to be consistent to provide ease of access, integration with technologies like Active Directory or LDAP.
Access Method – standardisation on the use of XML, REST, SOAP, FTP or other protocols to access storage.
After that, then the discussions can be had as to what should also be put into a standard cloud infrastructure. Vendors need the flexibility to differentiate their offerings, but some things are going to be the same, whoever the vendor is.
In fact, it would make more sense for SNIA to develop a set of minimum “standards” against which vendors can comply. So, for security, does the vendor provide:
- Active Directory integration
- LDAP integration
- Role-based access controls
- Entity-level security application
This is only an example; but rather than attempt to standardise on the access methods and mechanics, SNIA should be working to deliver a “cloud storage charter mark” for vendors to match up to. Then SNIA might be providing us something useful.