Common Understanding Wiki
A Common Knowledge Source of Terms and Definitions
Cloud Actors #
The NIST Cloud Computing Reference Architecture defines five different actors related to cloud computing: consumer, provider, auditor, broker, carrier.
Cloud Provider #
A person, organization, or entity responsible for making a service available to interested parties. A Cloud Provider acquires and manages the computing infrastructure required for providing the services, runs the cloud software that provides the services, and makes arrangement to deliver the cloud services to the Cloud Consumers through network access
Primary Cloud Provider #
A Primary Provider offers services hosted on infrastructure that it owns. It may make these services available to Consumers through a third party (such as a Broker or Intermediary Provider), but the defining characteristic of a Primary Provider is that it does not source its service offerings from other Providers.
Cloud Consumer #
"A person or organization that maintains a business relationship with, and uses service from, Cloud Providers. A cloud consumer browses the service catalog from a cloud provider, requests the appropriate service, sets up service contracts with the cloud provider, and uses the service. The cloud consumer may be billed for the service provisioned, and needs to arrange payments accordingly."
What is not covered here is the end user that consumes the possibly enriched service offered by the Cloud Consumer. In SaaS, the Cloud Consumer is often identical with the end user. However, in business environments this is not always the case. Using the example of GMail, only the paying entity is the Cloud Customer (e.g. IT department) while many other employees may use the mailing service as end users.
Cloud Auditor #
A party that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation. A cloud auditor is a party that can perform an independent examination of cloud service controls with the intent to express an opinion thereon. Audits are performed to verify conformance to standards through review of objective evidence. A cloud auditor can evaluate the services provided by a cloud provider in terms of security controls, privacy impact, performance, etc.
Cloud Broker #
"As cloud computing evolves, the integration of cloud services can be too complex for cloud consumers to manage. A cloud consumer may request cloud services from a cloud broker, instead of contacting a cloud provider directly. Hence the broker is an entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers." Brokers provide three different types of services to the Cloud Comsumer.
Mediating Broker #
A cloud broker enhances a given service by improving some specific capability and providing value-added services to cloud consumers. The improvement can be managing access to cloud services, identity management, performance reporting, enhanced security, etc.
Aggregating Broker #
A cloud broker combines and integrates multiple services into one or more new services. The broker provides data integration and ensures the secure data movement between the cloud consumer and multiple cloud providers.
Arbitraging Broker #
Service arbitrage is similar to service aggregation except that the services being aggregated are not fixed. Service arbitrage means a broker has the flexibility to choose services from multiple agencies. The cloud broker, for example, can use a credit-scoring service to measure and select an agency with the best score.
Cloud Carrier #
An intermediary that provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers. Cloud carriers provide access to consumers through network, telecommunication and other access devices.