What is Cloud Data Management Interface (CDMI)?
The Cloud Data Management Interface (CDMI) is an international standard that defines a functional interface that applications use to create, retrieve, update and delete data elements from cloud storage. Both the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) have adopted CDMI. The Storage Networking Industry Association, also known as SNIA, maintains it.
CDMI is a RESTful API that defines multiple Hypertext Transfer Protocol (HTTP)-based operations for accessing and managing cloud storage. The standard enables client systems to manage data, as well as store and retrieve data.
How CDMI works
The HTTP operations that CDMI enables include -- but are not limited to -- the following actions related to cloud data management:
- discovering a storage system's capabilities;
- allocating and accessing storage containers and objects;
- associating metadata with containers and their objects;
- specifying retention intervals;
- implementing access controls;
- managing users and groups;
- accessing billing information;
- moving data between cloud systems; and
- using protocols such as Network File System or Internet Small Computer System Interface, also known as iSCSI, to export data.
CDMI is an open standard that works alongside Amazon Simple Storage Service and OpenStack Swift. The first CDMI standard -- CDMI v1.0 -- was published on April 12, 2010. Since then, there have been several updates:
- CDMI v1.0.1 was published Sept. 15, 2011.
- CDMI v1.0.2 was published June 4, 2012.
- CDMI v1.1.1 was published March 19, 2015.
- CDMI v2.0.0 was published Sept. 11, 2020.
The CDMI v2.0.0 specification standardizes a number of storage interface operations, including data modifications, namespace representation, versioning, notifications, protocol management, and identity and access controls. ISO and IEC adopted CDMI v1.0.2 in 2012 (ISO/IEC 17826:2012) and CDMI v1.1.1 in 2016 (ISO/IEC 17826:2016).
What is CDMI in cloud computing?
CDMI provides a secure, standards-based interface for managing, accessing and manipulating cloud storage. The interface incorporates a comprehensive object storage model that defines five resource types:
- Data objects store data and associated metadata, providing functionality similar to a file system.
- Container objects provide a structure for organizing child objects, similar to the directories in a file system. These objects can also store metadata specific to the container as a whole.
- Domain objects provide an administrative structure for managing user authentication and supporting accounting processes.
- Queue objects make it possible to queue pieces of data on a first-in, first-out basis. They also maintain the metadata associated with the queue as a whole.
- Capability objects describe the functionality a CDMI server supports and make that information available to client systems.
Each object gets a globally unique object identifier at the time it is created. Cloud service providers (CSPs) that conform to the CDMI standard must generate these identifiers in a way that minimizes the likelihood they will conflict with identifiers other CDMI systems generate. In addition, Uniform Resource Identifiers should be used within the cloud storage namespace to reference individual objects. A CDMI-compliant implementation should also support multiple types of metadata, including HTTP metadata, data storage and data system metadata, and user metadata.
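The following is an added example, not code from this page or from SNIA, showing how a client can sanity-check an object identifier returned by a server before using it in a URI. It goes beyond the paragraph above by assuming the object ID layout of the CDMI specification (a reserved zero byte, a 3-byte enterprise number, a reserved zero byte, a length byte, a 2-byte CRC-16, then opaque data, at most 40 bytes, written as hexadecimal); the function names and the sample ID are constructed for illustration.

```python
import re
import struct

HEADER_LEN = 8  # assumed layout: 8 header bytes, then opaque data, 40 bytes at most
HEX_ID = re.compile(r"(?:[0-9A-Fa-f]{2}){8,40}")  # strict hex, no whitespace


def crc16(data: bytes) -> int:
    """CRC-16, poly 0x8005, init 0, reflected in and out (check value 0xBB3D)."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc


def build_object_id(enterprise: int, opaque: bytes) -> str:
    """Build a hex object ID; used here only to construct sample input."""
    if not 0 <= enterprise < 1 << 24 or not 1 <= len(opaque) <= 32:
        raise ValueError("enterprise number or opaque data out of range")
    head = b"\x00" + enterprise.to_bytes(3, "big") + b"\x00" + bytes([HEADER_LEN + len(opaque)])
    crc = crc16(head + b"\x00\x00" + opaque)  # CRC is computed with its own field zeroed
    return (head + struct.pack(">H", crc) + opaque).hex().upper()


def validate_object_id(text: str) -> int:
    """Return the enterprise number, or raise ValueError naming the failed check."""
    if not HEX_ID.fullmatch(text):
        raise ValueError("not 8 to 40 hex-encoded bytes")
    raw = bytes.fromhex(text)
    if raw[0] != 0 or raw[4] != 0:
        raise ValueError("reserved byte is not zero")
    if raw[5] != len(raw):
        raise ValueError("length field does not match")
    (stored,) = struct.unpack(">H", raw[6:8])
    if crc16(raw[:6] + b"\x00\x00" + raw[8:]) != stored:
        raise ValueError("CRC mismatch")
    return int.from_bytes(raw[1:4], "big")


# Constructed sample: 32473 is the enterprise number reserved for documentation.
SAMPLE = build_object_id(32473, bytes(range(8)))
```

The CRC catches truncated or corrupted identifiers only; it is not a cryptographic check, so a well-formed ID says nothing about whether the caller is authorized to access the object.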
Applications connecting to cloud storage via CDMI use a control path to manage data and a data path to store and retrieve data. However, CSPs don't have to support the entire CDMI standard. They can implement a subset of it and still be considered conformant as long as they disclose the limitations in their capabilities.
The CDMI standard includes a number of security mechanisms for data protection. It uses the Transport Layer Security protocol to secure communications between the CDMI server and client to prevent unauthorized users from reading or modifying data.
The standard also ensures that CDMI servers and clients can verify one another's identities, while controlling the actions a client can perform on a CDMI server. In addition, CDMI provides authorization and access controls, user and entity authentication, data and media sanitization, malware protection and other safeguards.