WHAT IS THE CLOUD - AMIA | Informatics Professionals

WHAT IS THE CLOUD “Cloud is a style of computing where scalable and elastic IT-related capabilities are provided as a service to customers using Inter...

2 downloads 771 Views 3MB Size
“Cloud is a style of computing where scalable and elastic IT-related capabilities are provided as a service to customers using Internet technologies. Intense hype surrounds cloud computing, making it difficult to understand vendor options and strategies.” – Gartner

WHAT IS THE CLOUD

Cloud Essential Characteristics 









Self-service- service consumers directly provision computing resources Broad access- computing resources available over the network on a variety of devices (PC, mobile, other services) Resource pooling- multi-tenancy and location independence Elasticity- computing resources can be elastically provisioned (and returned) Measured service- usage can be monitored, controlled and reported.

Source: NIST SP 800-145 The NIST Definition of Cloud Computing

Cloud Service Models 

Infrastructure as a Service (IaaS)- Raw access to resources (e.g., data storage, virtualization)  “Ops without hardware”



Platform as a Service (PaaS)- Access to preconfigured applications and systems.  “Dev without ops”



Software as a Service (SaaS)- Access to a complete service or program (e.g., customer relationship management)  “Business without devs”

Source: NIST SP 800-145 The NIST Definition of Cloud Computing; “Cloud Architecture at Netflix” / @CodingFabian

Cloud Deployment Models 

Private  E.g., Healthcare System



Community  E.g., Laboratory Orders and Results using the APHL Cloud



Public  E.g., BioSense 2.0 on the Internet GovCloud



Hybrid  Mix of the above  Surge capacity  Load balancing

Source on the different models: NIST SP 800-145 The NIST Definition of Cloud Computing

WHY THE CLOUD

Benefits and Mandates 

  

Reduce costs Increase agility Better auditing, monitoring through virtualization For government agencies, it’s an executive mandate  Federal Cloud Computing Strategy, 2/8/2011  “Cloud First”  “Shared Services First”

Source: Federal Cloud Computing Strategy

IMPORTANT CONSIDERATIONS

System Security and Information Privacy 

  

Integrity – Data is not improperly modified Confidentiality – Data is not improperly disclosed Availability – Data access is not disrupted System rating – high water mark  Low  Moderate  High

System Security and Information Privacy 

CDC / HHS Certification & Accreditation / Security Assessment and Authorization  NIST SP 800-37  All CDC Information Systems (Cloud and non-Cloud)  Federal Information Security Management Act (FISMA)



Data is protected based on Federal Information Processing Standard (FIPS) 199-impact level: Low, Moderate, High



Confidentiality, Integrity, Availability

EXAMPLES

BioSense 2.0 

  

Deployment Model: Public Cloud Service Model: PaaS Hosted by Amazon AWS GovCloud Collaboration, Analysis, Surveillance Platform     

 

CDC Other jurisdictions Other Federal Agencies Private (e.g., healthcare providers, pharmacies, national labs, etc.) Public Access via Data.gov and Google Public Data Explorer

“Moderate” C&A Developed by Division of Informatics Solutions & Operations (DISO)

BioSense 2.0 



Distributed, Safe and Secure Environment Internet GovCloud hosted on Amazon infrastructure under cooperative agreement with the ASTHO  Received Authorization to Operate (ATO) from CDC subsequent to completing the Certification and Accreditation (C&A) process.  Accredited at a FISMA-MODERATE level which incorporates the use of National Institute of Standards and Technology (NIST) Special Publications (computer security guidance) in its Certification and Accreditation (C&A) processes, ex: • NIST SP 800-18: Guide for Developing Security Plans for Federal Information Systems • NIST SP 800-37: Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach • NIST SP 800-53: Recommended Security Controls for Federal Information Systems and Organizations

 Annual Uptime Percentage of at least 99.95%.

Public Health Surveillance Platform (PHSP) and Shared Services 

  

Deployment Model: Public Cloud Service Model: SaaS Hosted by Amazon AWS GovCloud Collaboration, Reporting, Analysis, Surveillance Service  governmental access and contribution (e.g., local, state, federal, international, etc.)  private access and contribution (e.g., healthcare providers, vendors, etc.)  public access (Data.gov, Google Public Data Explorer, CDC Wonder, etc.) and contribution (e.g., Open Source community, hackathons, etc.)



“Moderate” and “High” C&A

OPPORTUNITIES

Public Health Surveillance Platform (PHSP) and Shared Services • PHSP is a multi-tiered architecture for the public health surveillance – Supports data submissions in multiple formats through many channels – Language-neutral data services – Data analysis and human curation – Analytical tools and services – Integration with other programs and software platforms, including: • • • • •

National notifiable diseases, Syndromic surveillance, Electronic laboratory reporting, Immunization, Social media and unstructured news reports.

• Collaborative and iterative approach that involves incremental improvements over time

Public Health Surveillance Platform (PHSP) and Shared Services 



Initial release on March 22nd, 2012 Platform Bazaar :: an open and free online directory of technologies for posting, browsing and evaluating existing or new options  Allow Free (Open Source or Open Access) and Commercial offerings to describe themselves  Recommend funders to use this to evaluate the landscape  Recommend jurisdictions to use and evaluate technology investments

Summary 







Cloud Configuration depends on System or Platform Needs & Requirements Security Controls and Procedures Dependent on System, Platform, Information privacy and Cloud Provider Multiple provider options for Low or Moderate Data and Systems Emerging market options for High Data and Systems

BACK SLIDES

BioSense 2.0 Environment BioSense 2.0 Environment

Shared Spaces Jurisdiction Hospital Public-Access http://biosense2.org | [email protected]

Linux virtual machine

data.biosen.se Apache PHINMS VPN Mirth

secure FTP NwHIN (Direct Project, Connect, etc.

credentials, metadata

Email

Direct

Payload* Data Elements

Response Data Extractor /

Loader

* Payload

Admin Dist

CONNECT

Response

*Payload consists of xml, csv, HL7 2.x and CDA

Response

data.biosen.se

(mirth)

Linux virtual machine

www.biosen.se

BioSense 2.0

Example of Use: Sporting Events Feature: Ad-hoc sharing among multiple jurisdictions during a sporting event (e.g., Super Bowl 2012). Utility: Prepare and maintain situation awareness by monitoring specific events of concern using informal sources in addition to healthcare utilization.

Example of Use: Sporting Events Feature: Ad-hoc sharing among multiple jurisdictions during a sporting event (e.g., Super Bowl 2012). Utility: Prepare and maintain situation awareness by monitoring specific events of concern using informal sources in addition to healthcare utilization.

Example of Use: Sporting Events Feature: Ad-hoc sharing among multiple jurisdictions during a sporting event (e.g., Super Bowl 2012). Utility: Prepare and maintain situation awareness by monitoring specific events of concern using informal sources in addition to healthcare utilization.

PHSP Example – Case Notification Summary NETSS Flat Files NBS Master Message (XML)

Receive

Acknowledge

Event Report from State

Data Analysis

HL7 Messages

Receiving: 1) Parse 2) Validate 3) Store

NEDSS Database and Message Archive

Access Interface (API) Simplifying and unifying how NEDSS data is accessed

MMWR Reporting

Message Monitoring & Error Analysis

PHSP Example – Case Notification Summary