Who Owns Application Delivery Meta-Data In the Cloud?

Random Feature writes "The Cloud Computing Interoperability Forum (CCIF) is currently discussing cloud portability specifications. It seems crazy to define a standard before we even know who owns what in the cloud because you can only port what you own. For example, if you created a security or acceleration policy for your cloud computing-based app, is the policy yours or the provider's? Who owns meta-data in the cloud?" True portability between clouds seems to hang on the answer.

Re:

[Yetihehe]

I have never seen post content so insightful in relation to it's title.

Who owns it?

[davester666]

Why, the "group of industry stakeholders" does. Sure you can port it from one to another, but you'll have to pay to leave your current provider to switch to another one...unless the other one gives them a kickback.

Under no circumstances do you own your data. You just license it.

Re:

[davester666]

er... "own your metadata"...

You still own all your data, unless the provider happens to have a security breakdown, and posts your data to the intertubes for all to see.

Re:

[arogier]

Ah, but the fights over actual data get played out all the time. The results from those fights are almost predictable. So the next fight must be over the metadata, the data describing the data. Especially considering how many times the metafight over the fight for ownership of the data has already been played.

Re:

[Thinboy00]

whoosh.

Re:

[jo42]

If a server BSODs 'in the cloud', will there be anyone there to see it?

Re:

[e2d2]

I thought ownership was to be OUTLAWED by the WTO?! This will not stand man. This issue will not stand.

article not very good

[stephanruby]

The article was not very clear, plus Joyent was a lousy example to use. Joyent has big names associated with it, because it was started by many well-known independent developers, but it's actually pretty unreliable as far as most hosts are concerned.

I'm sure the Blogosphere can answer that.

[Anonymous Coward]

Or you could leverage some synergistic paradigms or something.

Christ, is there a bee in the room or what?

Re:

[CarpetShark]

Well said :)

Re:

[Anonymous Coward]

The ownership of medical data is a huge problem with providers (even though HIPPA is out there). If you really press techs with start medical record providers, the attitude is simply that the data is theirs

I have worked in the medical computing industry, and I agree that you are right. On the other hand, "we" (being my ex-employer) wouldn't say that we "own" the data, but we are "caretakers" for it. In some sense, that makes it "our" data. We will not share it with others, unless they are HIPAA compliant

Re:

[rainmayun]

As a matter of law, the health care provider typically owns the record, although as with many things it is governed by state law and so may vary.

http://www.med.yale.edu/caim/risk/handbook/rmh_medical_record2.html [yale.edu]
http://www.medbd.ca.gov/consumer/complaint_info_questions_records.html [ca.gov]

Personally, I think this is a point of law that needs to be changed at the federal level. But then, I also think that there should be a privacy amendment to the US constitution.

so... what is the meta data, exactly?

[Animaether]

I'm a complete n00b when it comes to 'cloud computing', but given that the article (behind the 2nd link) starts out to explain that nobody's really sure what 'cloud computing' is just yet, I guess I can't help but shrug at that fact.

I did try to read through the thinly-veiled press release article, but at the end... I'm still unsure what the meta data is.

Say I have a 'cloud computing' app that is uhh.. a bouncing ball. Yes, it shows on the screen of the app user a bouncing ball. That'll do.

Now that app is mine. I can take it from one provider to another (assuming they run the same apps - I suppose a standard would have to define that).
    Now let's say the provider has options to, say, limit access to that app to a certain IP range. Certainly that's meta-data, right? It's not inherent to the app, it's not crucial to the app's workings, it's just additional data related to the app. Is that data mine? I would certainly say so. I go into the provider's control panel, hit 'limit access', enter the IP addresses... I don't think they can claim that the data I entered is now suddenly the provider's to own, and taking that particular meta-data from that provider and to another provider (presuming they have a limit-by-ip thing) shouldn't be any trouble. Again, a standard may apply here for some common tasks/options and exporting this to a common file format (and I really don't care if that's plaintext, XML, a BLOB or whatever - as long as everybody can read/write them) so it can be imported by another provider would be nice.
    But the article seems to be about a bunch of people -at the provider- having a peek at your app and making tweaks in their own 'cloud' to make your app be delivered faster, be delivered more securely, etc. I fail to see how -that- meta-data is yours to own. The 'cloud' isn't yours, the tweaks made to the cloud aren't yours, etc. So maybe you paid them to make those optimizations, great, so pay the people at the other provider to make changes too. That's one of the perils of changing providers / relying on their tweaks in any such business.
    I don't think that not having that meta-data breaks portability, though - it just means your app may not be delivered as fast, or as securely.. your problem for choosing an inferior 'cloud computing' provider.

But, again, maybe one of those 'industry moguls' in the arena of cloud computing can explain what the problem actually seems to be.

Car analogy?

[TheCybernator]

Say I have a 'cloud computing' app that is uhh.. a bouncing ball. Yes, it shows on the screen of the app user a bouncing ball. That'll do.

I would prefer racing cars over bouncing ball.

Re:

[stephanruby]

But, again, maybe one of those 'industry moguls' in the arena of cloud computing can explain what the problem actually seems to be.

The problem is that some guy at Joyent, probably one of the numerous co-owners, thought that their service was being seen as a commodity (which is not true by the way, you can't be seen as a commodity if your service is down all the time). So he wrote an article saying: no, no, we're not a commodity, we're 10% faster, we're 20% more secure, pppphhhllllllllleeeazzzeeeee don't le

Re:

[kumma]

'cloud computing' is hype and a buzzword which is used to obtain credibility, money and publicity. people love to read scifi-like things and the use of such weird words feed that. I would not say that everything that is done under that label is stupid though.

Re:

[SanityInAnarchy]

'cloud computing' is hype and a buzzword which is used to obtain credibility, money and publicity.

That's true. It would be very helpful if it was more clearly defined...

Then again, that hasn't stopped other hypey buzzwords from taking over. Look at AJAX. All the technology was there already, but once we gave it a name, people started thinking about the effect of those pieces as a whole.

I would not say that everything that is done under that label is stupid though.

The question is, can you take those things which are done under that label and give them a better label? If you were to talk about "Utility computing" instead of "Cloud computing", would more people understand you (or at

Re:

[kylemonger]

'cloud computing' is hype and a buzzword which is used to obtain credibility, money and publicity.

That's true. It would be very helpful if it was more clearly defined...

How about we call it "timesharing". There are a bunch of servers running your jobs instead of big iron, but the concept is the same.

Re:

[KeithJM]

How about this -- If you want to know something about your clients (geographical location, how often they use your app, how many times do people have to use it before you can be 80% sure they'll become regular users, how long does that take if you give them a free trial, etc) you need data that your provider probably owns. Also, the app provider may have a way to add value to those pure numbers (they might be able to tell you averages for "bouncing X apps" before you even deploy) based on existing apps. T

Re:

[Stu Charlton]

My honest read of the article is:
- cloud interoperability is important (as you say -- XML, BLOB, plaintext, whatever interface is agreed on, though there's a longer discussion about the implications of what you choose on adoption)
- yet there's a "race to the bottom" of creating a lowest common denominator, looking at very complex things like networking equipment, firewalls and load balancers as mere commodities, when in fact they're pretty complicated.
- most of the cloud interoperability discussion is drivi

Re:

[SanityInAnarchy]

Now let's say the provider has options to, say, limit access to that app to a certain IP range. Certainly that's meta-data, right? It's not inherent to the app, it's not crucial to the app's workings, it's just additional data related to the app.

Yes, I'd assume that's what they're talking about.

And depending on the particular cloud, I'd say it's definitely yours. Say you're on Amazon EC2 -- your entire access to the cloud is going to be through an API. While it's worth reading the agreements, I think you could safely claim that if you wrote a script that generated these particular security policies, and booted this particular configuration of servers, that the script, at least, is your property.

a standard may apply here for some common tasks/options and exporting this to a common file format (and I really don't care if that's plaintext, XML, a BLOB or whatever

The closest thing to a standard right now is Amazon's

Welcome to the 70ies

[DUdsen]

Since there isn't a cloud it's all nonsense, there's a good old fashioned mainframe operator and a customer using the system the law and contracting models for those was laid down in the 70ies and just because the 3270 have given way to the AJAX enabled browser and everyone is talking community we don't have a different situation.

Stop treating the cloud as if it was something unknown and start realising how much it's just the successor to the mainframe and thing stats making sense.

Re:Welcome to the 70ies

[aix tom]

Yep. It's basically the same principle from a technology point of view.

The difference is that 90% of mainframe users understood at least the basic principles of the technology they needed.

These days you can't just sell or rent people the technology they need, you have to wrap it in marketing speech and buzzwords so that they get clouds of happy smoke, too. ;-P

And the "application metadata" they talk about in the article basically just looks like the thing that is done during "installation" on traditional system. E.g. "tuning" the cloud so that the application runs smoothly and securely looks basically just like creating the right users with the right permissions and right ulimits and setting up various parameters of the OS correctly when you install an traditional application on a traditional OS.

So it would seem, if the creator of the application also writes the stuff that is needed to install the application, whether it's a traditional "install script" or "application meta-data" happy smoke, then it is his.

When he doesn't know how to do it and asks the provider to install and tweak his application, then that additional metadata belongs to the providers, and the provider shouldn't have to give that away for free.

Re:

[ukemike]

I read it a different way. I suspect the PP is correct but I was thinking things like document file names, file save times, file size, who accessed the file. Those sorts of metadata could be very sensitive and contentious in a legal case if the document in question is say an incriminating memo.

Re:

[kaiidth]

Amen. Seriously.

The urge for the computer industry to reinvent itself every ten or twenty years ('new words for old! new words for old!') is presumably something to do with the urge to foster that appealing sense of mystique that means that businesses are never quite sure what, if anything, they're spending money on. But the Cloud is a particularly silly example.

The ownership of metadata in general has been fought out in various arenas -- who owns what, who gets to transform it and all that are discussed to

Wait till cloud 2.0 comes out

[edittard]

But the Cloud is a particularly silly example.

the whole thing is quite literally a nebulous concept.

Re:

[Hognoxious]

'new words for old! new words for old!'

Just to start the ball rolling:

High capacity application server = mainframe.
Thin client = dumb terminal.
Colo = DP bureau.

Any more?

Re:

[Hognoxious]

In Soviet Russia gnnnnnn... metadata in the cloud must ... resist [faints]

Re:

[That's Unpossible!]

You're talking about the abstract sense of 'the cloud.'

But in reality, cloud computing is more about having (effectively) unlimited resources available to you: unlimited CPU, unlimited bandwidth, unlimited memory, unlimited disk space. You can scale up, and you typically pay only for what you're using.

Now, we know you don't REALLY have unlimited resources, but the numbers are so high, and the cloud-computing companies are doing pretty well at providing an extremely high upper end, that you can pretend that

Not quite the same.

[SanityInAnarchy]

I agree -- we could use a little less hype. But, this sentence alone:

just because the 3270 have given way to the AJAX enabled browser and everyone is talking community we don't have a different situation.

Actually, that really does.

A dumb terminal, or even a relatively smart terminal, is nowhere near the capabilities of a programmable modern browser. And that's before you factor in things like Google Gears, allowing you to take the same application offline.

So, technically, it is better.

Then there's the fact that you'd be foolish not to provide an API -- in fact, a good REST API will probably be easy to develop both web/AJAX and other client

Re:

[X0563511]

Um, while his first post was offtopic crap, this one isn't.

Please fix this, mods.

I'll quote the important part to make it easy for you:

But I see the discussion goes on who owns the meta-data for an app, I would have to say the security policy owns it. I shut your fucking port off, you no longer deliver your app. The rest doesn't matter. You don't like the provider, get lost.

boring

[ramul]

This is the most boring slashdot submission ive seen Zzzzz. So i've decided to jazz it up with a few emoticons..

^_^ japanese cartoon :) standard smiley (not very edgy any more)
>_> - - - - - c[_] guy staring at coffee mug

 

Re:

[X0563511]

Looks more like he's staring away from the coffee cup. Either that, or the coffee cup just got a "HEAD SHOT!"

Brent Spiner

[auric_dude]

As meta data is derived from data does this mean that Brent Spiner it or just that in the Cloud, the Quadrant or the whole universe?

Re:

[MarkWatson]

That is funny - I would mod you up if I had the points.

Paradigm Shift

[WiiWii]

Intellectual property is a thing of the past. To consider this technology with that perspective is to take 10 steps backwards. A better question would be how representative is the sample that constitutes the cloud of various regional or national scales. To reach the most interested potential consumers would be to provide this usage data to companies providing services at these levels. To use such an archaic model in managing this type of technology would be highly ineffective. Business really needs to ca

Greetings, Friend

[Hal_Porter]

My name is Anne Umbongo. I am the widow of deposed African Dictator Umbongo Umbongo. Before he lost power my husband owned application delivery meta data in the cloud, which he acquired after a Russian businessman had an unfortunate accident. He intended to display it as a trophy outside his palace in his new capital of Umbongonia which he was building in the desert with funds from the UN, EU etc.

I will sell you application delivery meta data in the cloud for a good price!

Who cares?

[Hognoxious]

Who cares who owns thingummyjig whatever-it-was in the cloud?

Did I miss the memo?

[millennial]

Maybe it's just me, but I have no clue what 'the cloud' is.

Re:

[SysArchBR]

That I can answer: 'the cloud' is that big white or grey thing flying in the sky... if it's getting darker, run to a shelter, it'll rain...

What? The people here are talking about other kind of cloud?

Hmmmm... maybe I should buy some new books...

Portability? We dn't need no stink'in portability

[MarkWatson]

Seriously, are we talking about portability between services like Amazon Web Services and Google App Engine? Why? They offer different platforms, capabilities, and support different application spaces. (BTW, AWS rocks!)

On the other hand, I insist on a migration path off of a cloud service: not too much trouble with AWS because you install whatever you want on their servers, and you could lease alternative servers (but loose support for Simple Storage Service, Simple Queue Service, etc.). So yes, if you real

It's just configuration data!

[unixan]

There's usually no inherent copyright (or other legal) interest in configuration of an ADC (application delivery controller) than there is in the configuration of the routers or switches that inhabit the very same network environment. (An exception to this would be script programming, but I've encountered very few copyright claims regarding ADC scripting.)

Now, if a customer doesn't have their own ADC but does have a vital interest in being able to our-live the relationship with their provider, obviously th

Hey, this one is simple -

[BigGerman]

Whoever understands what the hell "Application Delivery Meta-Data in the Cloud" is, owns it.

why does that matter?

[DragonTHC]

why does anyone have to own that?

It's necessary to all interested parties. Why can't it be freely available to all who need it and secret from those who don't?

Re:

[nsaneinside]

It's the western mentality.
"Hey, does this belong to anyone?"
-> "It's mine."
"Oh. ...Can I use it?"
-> "No, because it's mine and I might want to use it. And besides, you might break it."
"Oh."

Ownership is one of the core concepts of western culture.

Enough razzle dazzle already!

[thethibs]

The Cloud is aptly named. I've read TFA and several levels of links from there and I'm no more informed than when I woke up this morning.

"Portability" is a concept, not a thing, so these folk need to explain what it is they want to port. "Metadata" isn't an answer. Metadata is data about data, so what data about what data about which phenomena are they talking about?

The other thing I'd like to know is, in what way is "the Cloud" distinct from a distributed server architecture, or what was once called a network application framework?

"Cloud"

[Luscious868]

The word cloud in this context is a stupid buzz word that we can all do without.

Who owns application delivery meta-data in the clo

[cjacobs001]

I did not read all previous posts, but, wOw!!?? Everyone who is concerned about the incidence of identity theft, and or fraud, and or the use of YOUR own personal information by an unauthorized person or organization who uses that information against you, or in such a manner that the result of their use\manipulation of YOUR data hurts you or your desires and or goals, especially financially, knows that we should secure all information not intentionally placed by YOU into the public domain, inclu

It is all in the data

[dataquality]

I do not really care where the app sits, my computer, your computer, their computer on the ground or in the clouds but I really care about "my data". If the metadata belongs to the app provider they are a "joint owner" of my data - ouch. I am happy to pay license fees to whoever provides the app I am using at the time but I want to keep my data separate from the app. Portable data is the way to go after all it will be around a lot longer than the app - users need to require that the apps they use can expor