This post is an introduction to the concept of cloud on IT.
Cloud Essential Characteristics
Cloud essential characteristics:
- Resource Pooling
- Broad Network Access
- Rapid Elasticity
- Measured Service
- On-Demand Self-Service
- Multitenancy
Multitenant is considered within Resource Pooling according to NIST SP 800-145, while ISO/IEC 22123 considers it a different characteristic.
Cloud Logical Model
Cloud logical model layers, according to CCSK v3:
- Infrastructure
- Metastructure
- Infostructure
- Appistructure
Cloud Service Model
Cloud service models are often known as the SPI stack or SPI tiers:
- Software as a Service (SaaS)
- Platform as Service (PaaS)
- Infrastructure as a Service (IaaS)
In SaaS, you exploit services directly.
In PaaS, you build, develop or run applications over the given resources.
In IaaS, you use a virtual hardware like processors or storage drives.
There are many technologies coining the term “as a Service”, using it as a commercial label. Some examples are:
- Software as a Service (SaaS)
- Identity as a Service (IDaaS)
- Security as a Service (SECaaS)
- Platform as a Service (PaaS)
- Function as a Service (Faas) / Serverless architecture
- Database as a Service
- Infrastructure as a Service (IaaS)
Cloudwashing refers to the act of selling as a non-cloud service as a cloud service.
Function as a Service (FaaS) / Serverless architecture
Function as a Service (FaaS), more commonly know as serverless architecture, is a sub-type within PaaS.
You can read more about FaaS, most commonly known on this post.
Cloud Deployment Models
Cloud deployment models are:
- Public
- Private
- Hybrid
- Community
You can find the cloud deployment models on this post.
Technologies enabling Cloud Computing
Virtualization
Cloud computing often integrates DevOps practices to enable automated and scalable deployment workflows.
DevOps practices include IT configuration management (ITSM), insfrastructure as code (IaC) and continuous integrity/continuous deploymnet CI/CD.
You can read more about DevOps on this post.
Cloud computing is possible thanks to technologies like infrastructure as code (IaC), that allows to managing computer resources through definition files, rather than physical hardware or configuration tools.
Cloud Platform for Content Management System
Cloud platforms for content management systems (CMS):
- Platform.sh
- Pantheon
- Acquia
Cloud Computing Standards
Types of Cloud Computing Standards featured on this post
- Definitions and Concepts
- Reference Architectures
Cloud Computing Standard Definitions and Concepts
Cloud computing standard definitions and concepts:
- ISO/IEC 22123-1 & 22123-2
- NIST SP 500-145
ISO/IEC 22123-1 & 22123-2
ISO/IEC 22123-1 has the title “Vocabulary”.
ISO/IEC 22123-2 has the title “Concepts”.
NIST SP 500-145
NIST SP 500-145 has the title “The NIST Definition of Cloud Computing”.
NIST SP 500-145 official website
Cloud Computing Standard Reference Architectures
Cloud computing standard reference architecture:
- ISO/IEC 22123-3
- NIST SP 500-292
- CSA Enterprise Architecture
ISO/IEC 22123-3
ISO/IEC 22123-3:2023 is about cloud computing reference architecture. You can read more about it on this post.
This standard was preceded by ISO/IEC 17789:2014.
NIST SP 500-292
NIST SP 500-292 has the title “NIST Cloud Computer Reference Architecture”.
CSA Enterprise Architecture
CSA Enterprise Architecture (EA) is both a methodology and a set of tools. It is a framework, a comprehensive approach for the architecture of a secure cloud infrastructure, and can be used to assess opportunities for improvement, create roadmaps for technology adoption, identify reusable security patterns, and assess various cloud providers and security technology vendors against a common set of capabilities.
It leverages the following standards:
- TOGAF (enterprise IT architecture framework)
- ITIL (IT service management)
- SABSA (IS architecture framework)
- Jericho
Vendor Cloud Architecture Frameworks
AWS Well Architected Tool
AWS well architected tool website
Azure Well-Architected Framework
Azure Well-Architected Framework website
Google Cloud Architecture Framework
Google Cloud Architecture Framework website
Cloud Security
Information security in the cloud has some singularities. You can read about cloud security on this post.
Cloud Service Providers
A Cloud Service Provider (CSP) is a provider that supplies cloud services.
You can find more information and a list of popular CSPs on this post.
List of Cloud Service Modules
This blog has a dedicated post about common cloud service modules, like storage, monitoring, etc.
You might also be interested in…
External References
- Function as a Server (FaaS) / Serverless
- Chapman et al, “CISSP Study Guide 9th Edition”, section “Serverless architecture”, pp. 406; Wiley, 2021