According to NIST, Cloud computing is:"a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources such as networks, servers, storage, applications, and services. The services can be rapidly provisioned and released with minimal management effort or service provider interaction."
NIST further defines cloud computing with 5 characteristics, 3 service models, and 4 deployment models
NIST says that cloud computing can be recognized by the following characteristics:
- On-demand self-service
- Broad network access
- Resource pooling
- Rapid elasticity
- Measured service
To support cloud computing, organizations lean on reliable datacenters that provide agile resource allocations through abstractions. Cloud customers don't need to know what the wires and servers behind the scenes look like. Each cloud customer is carved a piece of the datacenter pie that appears to be an isolated silo of data. Behind the scenes, however, what they are using may be several resources lumped together, and those resources may be shared between multiple customers. This is where the analogy of "tenants" comes in, where you have a landlord renting space to multiple tenants who each have their own key to their apartment, but are really using the apartment owner's space. If an apartment owner wants to knock out a wall and make one large apartment out of two smaller ones, he certainly could.
NIST defines three models of resource allocation through the cloud methodology:
- IaaS (Infrastructure as a Service): virtualized infrastructure means the raw servers and network that the tenant can then install operating systems and applications on top of. Very open ended
- PaaS (Platform as a Service): vitualized software platforms in which tenants can develop applications
- SaaS (Software as a Service): virtualized applications that are available to the tenant using the cloud model
Each of these is really abstracting more and more. Infrastructure abstracts only the hardware. Platform abstracts the underlying operating system environment. Software abstracts even the platform so that all you work with is the software.
|Each form of "As-a-service" builds on the one before it|
Major cloud vendors have also put out another model:
- XaaS (Anything or Everything as a Service): Cloud based services under the big three above that are more specific in nature:
- Storage as a Service (Doesn't get to be SaaS because that's already taken: Cloud based data storage
- DRaaS (Data Recovery as a Service): Backup/Restore solutions via the cloud
- UCaaS (Unified Communication as a Service - voice/video/chat
All of these models have the following characteristics:
- Low barriers to entry make "as a Service" offering appealing to small and medium sized businesses
- Simple Infrastructure - tenants need little other than an internet connection
- Device independence - most cloud technologies are available for access across a wide array of operating systems and devices
- Location independence - remote access is assumed in these models
- Low capital expenditure - as infrastructure is owned by the provider.
- Scalability allows growth and large corporations to utilize datacenter scale technologies
- Multitenancy enables the provider to allocate resources amongst many users without them being aware of their coexistence.
NIST defines the following Deployment Models:
- Public Cloud: Any of the "as-a-service" models deployed for public consumption (usually for a subscription fee)
- Private Cloud: Any of the "as a service" models deployed for intra-business use only (ie, you have access to your resources or software from anywhere, any device, etc., but only as long as you are an employee, because the infrastructure is managed by the business)
- Community Cloud: Think of it as a shared private cloud, or a limited public cloud. Governments or Universities, for example collaborating together with shared "as-a-service" resources and infrastructure that only they can access.
- Hybrid Cloud: A company may choose to deploy their own private cloud infrastructure for some resources that need to follow a compliance model dictated by regulation, but also partake of public cloud subscriptions that are available. This conglomerate would be known as a Hybrid cloud.
• The NIST Definition of Cloud: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf