Cloud Computing

This post is an introduction to the concept of cloud on IT.

Cloud Essential Characteristics

Cloud essential characteristics:

  1. Resource Pooling
  2. Broad Network Access
  3. Rapid Elasticity
  4. Measured Service
  5. On-Demand Self-Service
  6. Multitenancy

Multitenant is considered within Resource Pooling according to NIST SP 800-145, while ISO/IEC 22123 considers it a different characteristic.

Cloud Logical Model

Cloud logical model layers, according to CCSK v3:

  • Infrastructure
  • Metastructure
  • Infostructure
  • Appistructure

Cloud Service Model

Cloud service models are often known as the SPI stack or SPI tiers:

  1. Software as a Service (SaaS)
  2. Platform as Service (PaaS)
  3. Infrastructure as a Service (IaaS)

In SaaS, you exploit services directly.

In PaaS, you build, develop or run applications over the given resources.

In IaaS, you use a virtual hardware like processors or storage drives.

There are many technologies coining the term “as a Service”, using it as a commercial label. Some examples are:

  • Software as a Service (SaaS)
    • Identity as a Service (IDaaS)
    • Security as a Service (SECaaS)
  • Platform as a Service (PaaS)
    • Function as a Service (Faas) / Serverless architecture
    • Database as a Service
  • Infrastructure as a Service (IaaS)

Cloudwashing refers to the act of selling as a non-cloud service as a cloud service.

Function as a Service (FaaS) / Serverless architecture

Function as a Service (FaaS), more commonly know as serverless architecture, is a sub-type within PaaS.

You can read more about FaaS, most commonly known on this post.

Cloud Deployment Models

Cloud deployment models are:

  1. Public
  2. Private
  3. Hybrid
  4. Community

You can find the cloud deployment models on this post.

Technologies enabling Cloud Computing

Virtualization

Cloud computing often integrates DevOps practices to enable automated and scalable deployment workflows.

DevOps practices include IT configuration management (ITSM), insfrastructure as code (IaC) and continuous integrity/continuous deploymnet CI/CD.

You can read more about DevOps on this post.

Cloud computing is possible thanks to technologies like infrastructure as code (IaC), that allows to managing computer resources through definition files, rather than physical hardware or configuration tools.

Cloud Platform for Content Management System

Cloud platforms for content management systems (CMS):

  • Platform.sh
  • Pantheon
  • Acquia

Cloud Computing Standards

Types of Cloud Computing Standards featured on this post

  • Definitions and Concepts
  • Reference Architectures

Cloud Computing Standard Definitions and Concepts

Cloud computing standard definitions and concepts:

  • ISO/IEC 22123-1 & 22123-2
  • NIST SP 500-145

ISO/IEC 22123-1 & 22123-2

ISO/IEC 22123-1 has the title “Vocabulary”.

ISO/IEC 22123-1:2023 shop

ISO/IEC 22123-2 has the title “Concepts”.

ISO/IEC 22123-2:2023 shop

NIST SP 500-145

NIST SP 500-145 has the title “The NIST Definition of Cloud Computing”.

NIST SP 500-145 official website

Cloud Computing Standard Reference Architectures

Cloud computing standard reference architecture:

  • ISO/IEC 22123-3
  • NIST SP 500-292
  • CSA Enterprise Architecture

ISO/IEC 22123-3

ISO/IEC 22123-3:2023 is about cloud computing reference architecture. You can read more about it on this post.

This standard was preceded by ISO/IEC 17789:2014.

ISO/IEC 22123-3 Shop

NIST SP 500-292

NIST SP 500-292 has the title “NIST Cloud Computer Reference Architecture”.

NIST SP 500-292 document

CSA Enterprise Architecture

CSA Enterprise Architecture (EA) is both a methodology and a set of tools. It is a framework, a comprehensive approach for the architecture of a secure cloud infrastructure, and can be used to assess opportunities for improvement, create roadmaps for technology adoption, identify reusable security patterns, and assess various cloud providers and security technology vendors against a common set of capabilities.

It leverages the following standards:

CSA EA v2 official web

Vendor Cloud Architecture Frameworks

AWS Well Architected Tool

AWS well architected tool website

Azure Well-Architected Framework

Azure Well-Architected Framework website

Google Cloud Architecture Framework

Google Cloud Architecture Framework website

Cloud Security

Information security in the cloud has some singularities. You can read about cloud security on this post.

Cloud Service Providers

A Cloud Service Provider (CSP) is a provider that supplies cloud services.

You can find more information and a list of popular CSPs on this post.

List of Cloud Service Modules

This blog has a dedicated post about common cloud service modules, like storage, monitoring, etc.

You might also be interested in…

External References

  • Function as a Server (FaaS) / Serverless
    • Chapman et al, “CISSP Study Guide 9th Edition”, section “Serverless architecture”, pp. 406; Wiley, 2021

Leave a Reply

Your email address will not be published. Required fields are marked *