November 30, 2013

1.3.9 Cloud Computing

Cloud Computing

The only thing new about Cloud Computing is the term. The concept has been around since the days of the mainframe computer. This is where the data processing happens somewhere separate from the data consumption.

What is cloud computing? In one of the more bare-bones definition, it is the ability to process information on someone else’s device. For a more comprehensive definition, we go to the NIST definition. The National Institute of Standards and Technology (NIST) published its final definition of Cloud Computing in September 2011:

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

The NIST cloud computing definition and guideline was crafted, with public input, for use by U.S. Federal agencies.

Let’s dissect the NIST definition to gain a better understanding of what they call cloud computing:

 The authors of the NIST definition of cloud computing (above) highlight five essential characteristics, three service models, and four deployment models for cloud computing.

Characteristics of Cloud Computing

NIST formally defines the terms we highlighted in the figure above.

On-demand self-service: “A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.”

Broad network access: “Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).”

Resource pooling: “The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand.”

Rapid elasticity: “Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand.” For example, users can quickly add additional CPU when demand increases and scale down and use fewer CPU resources when demand subsides.

Measured service: “Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts).” I.e. resource usage per user is tracked and is made available to the user on demand.

Deployment Models

Cloud Types Properties
Private Cloud Commissioned for the exclusive use of a single organization.
Owned and managed by that organization and/or a third party.
Can have multiple consumers, e.g. business units
May exist on or off premise
Community Cloud Commissioned for exclusive use of a community (multiple organizations) with a shared concern or purpose.
Owned and managed by the community and/or a third party.
May exist on or off premise
Public Cloud Available to the general public
Owned and managed by a service provider organization.
Exists on the premise of the service provider.
Hybrid Cloud Composition of two or more distinct cloud infrastructures.
Bound together by standard or proprietary technology yet otherwise remain distinct.
Enables data and app portability, e.g. the temporary consumption of resources on a partner cloud infrastructure (cloud bursting).

Service Models

The cloud service provider can provide a variety of services to the client. The NIST definition of cloud computing identifies three service sets or delivery models:

1. Infrastructure as a Service (IaaS): “The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.” Bring your own middleware… everything else from the operating system to the hardware can be provided to the client. Examples of IaaS offerings include: Amazon Web Services, DropBox and GoGrid

2. Platform as a Service (PaaS): “The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider.” Bring your own application and data, everything else can be provided. Examples of PaaS offerings include:, Windows Azure and RackSpace.

3. Software as a Service (SaaS): “The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface.” Bring your own… nothing. Input your data and the service provider manages everything. Some examples of SaaS offerings include: Microsoft Office365, Google apps and

Here is a popular illustration of the above information:

Cloud Principals

There are a number of users and principals in the cloud computing ecosystem. Here are five major categories:
Principals Description
Cloud Consumer Maintains a business relationship with, and uses service from, Cloud Providers; the client.
Cloud Provider Responsible for making a service available to Cloud Consumers; the service provider.
Cloud Auditor Can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation.
Cloud Broker Manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers.
Cloud Carrier Provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers.