THE NIST DEFINITION OF CLOUD COMPUTING

I stumbled on a article that led me to the NIST’s plethora of documents. One interesting document was its definition of cloud computing. The document was titled – “The NIST Definition of Cloud Computing”

Now for those who may be unaware – like I was – NIST stands for National Institute of Standards and Technology is a non-regulatory agency of the United States Department of Commerce.

Cloud computing is one of those terms that has been modified and honestly – heavily abused. Marketing has made it a catchy term so I have my neighbor brag about his music on the cloud but has no clue what cloud is really about. I have heard senior architects and technologists talk of cloud but most seem to have their own variations/versions of it.

So what is cloud computing? The NIST defines it as follows –

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction

It further talks about the essential characteristics of cloud computing.

1. On-Demand Self-Service – Being able to provision resources on your own and when needed without any intervention.

2. Broad Network Access – Being able to access your resources over a broad range of devices

3. Resource Pooling – Being able to provide a multi tenant environment where a customer is in his own virtual silo while physical resources are being shared.

4. Rapid Elasticity – Being able to increase resources on demand and on the fly – and usually automatically.

5. Measured Service – Being able to monitor and measure the resource utilization accurately and providing transparency for the customer.

Now that we understand what cloud computing is – lets look at how this can be deployed in different deployment models.

There are three ways – according to NIST – that cloud computing can be services or consumed.

1. Software as a Service (SaaS) – This allows the end customer access to the application running on the vendor’s cloud infrastructure. Examples of this kind of Services are Vitara, Salesforce etc. You will access the application typically using a web browser or an application that will connect to the vendor’s infrastructure over the web.

2. Platform as a Service (PaaS) – This allows the end customer to deploy applications running on the vendor’s cloud infrastructure by a means of a programming language, libraries or services. The vendor usually provides a API for the consumer and his developer team to use and deploy workloads on the vendor’s infrastructure as needed.

3. Infrastructure as a Service (IaaS) – This allows the end customer to not only deploy applications as needed on their cloud infrastructure but also manage other critical components such as operating systems, storage and application settings and to a limited firewall settings. It is a good habit not to allow complete firewall access to the end customer – it just becomes too easy for them to bring themselves down.

Now that we know what the core components are for Cloud computing and the different ways it can be consumed – lets look at four different ways that it can be deployed.

1. Private Cloud – The cloud infrastructure is consumed by just one customer and he/she owns it in entirety. This means no sharing of resources between multiple customers and maintaining a single tenant environment. One of the main reasons to do this is compliance – for example HIPAA compliance requirements.

2. Community Cloud – As per NIST – “The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.”

3. Public Cloud – The cloud infrastructure is provisioned for open use by the general public. It may be owned and maintained by one or more cloud providers however anyone with a credit card can spin up a server in a matter of seconds.

4. Hybrid Cloud – This is an interesting one and was an obvious evolution. The cloud infrastructure is a combination of two or more cloud deployment technologies – such as Private, community or Public cloud. They remain unique entities however are bound by possibly third party technologies that enables data and application portability. For example Agility platform, IBM Smart cloud orchestrator and VMware’s vCloud Automation Center – are a few among many.

The NIST document can be found here.

Let me know if you have any questions 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

Post Navigation