Openness in the cloud depends on open source code, open data and open APIs, according to Marten Mickos, chief executive of infrastructure-as-a-service software provider Eucalyptus Systems.

When it comes to bugs and vulnerabilities, open source code is significantly more robust than closed source, said Mickos, who was previously CEO of MySQL. The latest Scan report by development testing company Coverity found that open source projects have an average of 0.45 defects per 1,000 lines of code, compared to 0.64 for proprietary codebases.

“People think it's because everybody gets to test your code, but that's only part of the truth,” said Mickos. “Even more it's the shame factor. When developers know that every line of code will be visible to the audience, they won't release it until it's ready.”

Mickos said that the pace of the market today means that cloud computing platforms must be open. He said the best way to build a strong platform for the future is to build it so open that everybody can participate and help improve it, and everybody can determine that there is nothing suspicious going on.

“When the cloud is open, you will know if anybody is watching over you, checking you, sucking information out of the system,” he said. “The bad guys will always get in but, by opening it, you can enlist help from the good guys.”

It is also vital that individuals and companies using the cloud have free and open access to their own data, said Mickos.

“With a bank, you can withdraw your money at any time, and when you withdraw it there's no money left there. But sometimes with cloud services they don't let you withdraw your data, and sometimes when you do they keep a copy.”

Mickos said open data does not mean that everybody should expose their data. Rather, the customer should be able to see what data is stored in the cloud, and be able to delete it if they so desire.

Meanwhile, the long-term success of cloud computing relies on having open APIs that allow customers to migrate their workloads between on-premise, private cloud and public cloud environments, according to Mickos.

Amazon recently announced it would throw its weight behind Eucalyptus' efforts to support Amazon Web Services' APIs, allowing customers to move workloads between their existing IT environments and the AWS cloud using the same management tools across both environments.

According to experts, some businesses had previously been reluctant to use Amazon's APIs because their legal departments were worried about potential intellectual property violations. Some were also concerned that Amazon could make changes to its APIs that could break interoperability with Eucalyptus.

“We work with AWS to improve the compatibility of the API, and we also do joint go-to-market actions,” said Mickos. “It is good for us but it is also good for Amazon. Their customers were asking about on-premise and they had no response before. Now they have a response. You must have a full range of offerings when you start dealing with enterprise customers.”

OpenStack also supports some of Amazon's APIs. However, OpenStack is unlikely to bridge a similar deal with Amazon, according to Mickos, because it was created as a competitor to AWS. OpenStack does have the advantage of being able to offer users more options of public clouds, however, whereas AWS is the only option for Eucalyptus users.

In the long term, Eucalyptus aims to give customers as many alternatives as possible, helping them to protect their existing and future investments.

“The key to avoiding lock-in is keeping your options open,” said Mickos. “It gives customers enormous negotiation power.”