Public sector cloud computing scenarios
Cloud computing is currently considered to have great potential in mitigating the financial and administrative difficulties of public administrations in Germany. It promises to both optimize the use of IT resources, and encourages a great variety of collaboration options.
On the other hand, concerns with regards to data privacy and security dominate the current discussions around cloud computing. As such, public administrations hesitate to move towards cloud offerings from private-sector enterprises because of such fundamental legal constraints.
Another, closely-related concern is the lack of interoperability between technologies across cloud service providers, an apprehension that goes beyond reasoning about switching costs. Public administrations are obliged to guarantee the continual availability of the services they provide, regardless of the evolving circumstances or business models of private sector IT service providers.
These topics were debated at a roundtable discussion here in Brussels, entitled “Towards an interoperable and open European Cloud”. I gave a talk on work that has been done in this area by Fraunhofer FOKUS, a research institute focused on developing communications solutions in collaboration with Microsoft. Our results have been published in a White Paper that can be downloaded here.
The example from the German public sector served as a basis for the evaluation of benefits and challenges of cloud computing by defining and analysing a number of use-case scenarios The starting point was the analysis of cloud computing definitions and use-cases, as for example the ones provided by the NIST, DMTF, CCUCDG, and Microsoft. This work complements existing use-case descriptions towards an “eGovernment perspective”, which needs to go beyond business models and technical considerations:
To this end, a number of usage scenarios have been identified:
Scenario 1 illustrates how data privacy issues can be resolved by separating personal and non-personal (open) data. Governmental processes which do not rely on personal data can be hosted in public cloud infrastructures. It provides the basis of a prototype implementation.
Scenario 2 shows how a cloud service providing a secure document storage can provide seamless interaction between administrations, enterprises, and citizens, optimize governmental processes by delivering documents in a timely manner, and enable inter-administration processes by the electronic exchange of documents. It is used as a basis for the definition of templates for the description of use-cases and usage scenarios.
Scenario 3 outlines the idea of interweaving governmental and business processes to provide a business incubator for those enterprises. The scenario imposes interesting questions on a collaborative lifecycle management between the various actors.
Usage scenarios also have been introduced as a methodological means to make requirements from the public sector available to industrial standardization processes. Usage scenarios provide a narrative approach to understand those requirements, by adding legal, societal, or organizational contexts to technical use cases. Therefore, they do not only deliver a way to identify gaps in standard frameworks, but also help to steer a discussion between industrial and governmental stakeholders beyond technicalities, and help comprehend interoperability requirements based on concrete data, protocols, and processes. This methodology is intended to be applied as working mode of the working group on cloud computing of the ISO subcommittee on “Distributed application platforms and services”, to which our usage scenarios have been contributed as an initial input.
The use of cloud computing in public administration is ambitious and as mentioned, the many concerns regarding security and data protection still need to be addressed. I believe that these concerns can be dealt with the best through use-case scenarios as they give a variety of concrete examples which allow carrying the discussion of specific issues from a political and legal level down to their technical implementation.
We are pleased to host on our website contributions from external experts and stakeholders and we are grateful for their time and thoughts. The content developed by our guest bloggers is purely the reflections of the author and does not necessarily reflect Microsoft positions.