Cloud Operation Models #

The Term Clouds can not only be defined along horizontal layers but orthogonally one need to consider also different operation models. Both schemes are independent so that for example there can be public IaaS and public SaaS Clouds.

Public Cloud #

Starting again with the definition from NIST defining a Public Cloud as an “infrastructure [is] provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.” This means that the infrastructure is used simultaneously be a potentially very large number of other consumers (“multi-tenancy”). Consumers are not aware or have any knowledge about their fellow consumers and have no control or information if their services run on the same physical hardware, share network connections or similar with other consumers.

Private Cloud

In contrast to the public cloud a private cloud according to NIST is defined as “infrastructure [is] provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.” Such an infrastructure is under complete control of the provider who is as the same time the only consumer. Such an infrastructure does not differ from a data protection viewpoint from any virtualised or physical server infrastructure widely used in any business as of today.

Community Cloud #

The definition of the community cloud is different from the private cloud that it is not only one organization operating the cloud but a group of collaborators. NIST defines this type of cloud as “infrastructure [is] provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.”

Hybrid Cloud

The models mentioned above are not excluding each other. Quite often a mixture of the models is applied in particular for different application different infrastructure might be more suitable. The NIST definition says that hybrid cloud “infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).”

Cloud Features

The main features of a Cloud platform according to the NIST Standard are on-demand self-service, broad network access, resource pooling, rapid elasticiy, and measured service. The exact NIST definitions are pasted below. 

In practise, 'broad network access' means that the X a user gets at an XaaS system can be accessed over network by hundres, thousands or even hundres of thousand users at the same time. 'Measured service' in turn means that the user can check the resources he is using. 'Resource pooling' means that the provider has the capacity to server multiple (many, many) users and is able to sustain the increasing demands of customers. 

The key differentiating factors that differentiate cloud platforms from other forms of hosting providers is the on-demand self-service in combination with the rapid elasticity property. In that sense a user will not only be able to automatically request a resource without human interaction, but also to get the response that request in the order of seconds.

NIST Definitions  #

On-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider. 

Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations). 

Resource pooling: The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth.

Rapid elasticity: Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.

Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capabilityat some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service