Cloud Computing

This post is an introduction to the concept of cloud on IT.

In the context of cloud computing, a bucket is a basic storage container.

Cloud Essential Characteristics

Cloud essential characteristics:

  1. Resource Pooling
  2. Broad Network Access
  3. Rapid Elasticity
  4. Measured Service
  5. On-Demand Self-Service
  6. Multitenancy

Multitenancy is considered within Resource Pooling according to NIST SP 800-145, while ISO/IEC 22123 considers it a different characteristic.

Cloud Logical Model

Cloud logical model layers, according to CCSK v3:

  • Infrastructure
  • Metastructure
  • Infostructure
  • Appistructure

Cloud Service Model

Cloud service models are often known as the SPI stack or SPI tiers:

  1. Software as a Service (SaaS)
  2. Platform as Service (PaaS)
  3. Infrastructure as a Service (IaaS)

In SaaS, you exploit services directly.

In PaaS, you build, develop or run applications over the given resources.

In IaaS, you use a virtual hardware like processors or storage drives.

There are many technologies coining the term “as a Service”, using it as a commercial label. Some examples are:

  • Software as a Service (SaaS)
    • Identity as a Service (IDaaS)
    • Security as a Service (SECaaS)
  • Platform as a Service (PaaS)
    • Function as a Service (Faas) / Serverless architecture
    • Database as a Service
  • Infrastructure as a Service (IaaS)
    • Containers as a Service (Caas)
    • Compute as a Service (CaaS)

Cloudwashing refers to the act of selling as a non-cloud service as a cloud service.

Function as a Service (FaaS) / Serverless architecture

Function as a Service (FaaS), more commonly know as serverless architecture, is a sub-type within PaaS.

You can read more about FaaS, most commonly known on this post.

Container as a Service (CaaS)

Container as a Service (CaaS) is considered to be in the middle of PaaS and IaaS. According to the book “CCSP Practice Test Third Edition”, chapter 1 question 43, “CaaS is a subcategory of IaaS for computing resources provided as a service”.

Cloud Deployment Models

Cloud deployment models are:

  1. Public
  2. Private
  3. Hybrid
  4. Community

You can find the cloud deployment models on this post.

Technologies enabling Cloud Computing

By leveraging virtualization, the cloud provider does not have to deploy an entire hardware device for every new user.

If the cloud provider had to purchase a new box for every user, the cost of cloud services would be as much as running a traditional environment (or likely cost even more), and there would be no reason for any organization to migrate to the cloud, especially considering the risks associated with disclosing data to a third party.

Cloud computing often integrates DevOps practices to enable automated and scalable deployment workflows.

DevOps practices include IT configuration management (ITSM), insfrastructure as code (IaC) and continuous integrity/continuous deploymnet CI/CD.

You can read more about DevOps on this post.

Cloud computing is possible thanks to technologies like infrastructure as code (IaC), that allows to managing computer resources through definition files, rather than physical hardware or configuration tools.

Cloud Data Centers

This section focuses on cloud data center security.

There is an informal saying that the cloud data centers characteristics should be “ping, power, pipe“, that means:

  1. Ping: meaning remote access for a customer to racked devices in the data center
  2. Power: meaning electrical utilities
  3. Pipe: meaning connectivity to an internet service provider/the internet

Uptime Institute Data Center Tiers

Uptime Institute Data Center Tiers:

Tier No.Short DescriptionUptime percentageMax. downtime
1Full equipment99.671
2Redundant equipment99.741
3Redundant communications and power paths99.9821,6 hours
4Adds fault tolerance99.995
Uptime Institute Data Center Tiers

You can review this external link to the official Uptime Institute data center tier description.

Cloud Computing Standards

Types of Cloud Computing Standards featured on this post

  • Definitions and Concepts
  • Reference Architectures

Cloud Computing Standard Definitions and Concepts

Cloud computing standard definitions and concepts:

  • ISO/IEC 22123-1 & 22123-2
  • NIST SP 500-145

This list does exclude the cloud computing security standards.

ISO/IEC 22123-1 & 22123-2

ISO/IEC 22123-1 has the title “Vocabulary”.

ISO/IEC 22123-1:2023 shop

ISO/IEC 22123-2 has the title “Concepts”.

ISO/IEC 22123-2:2023 shop

NIST SP 500-145

NIST SP 500-145 has the title “The NIST Definition of Cloud Computing”.

NIST SP 500-145 official website

Cloud Computing Standard Reference Architectures

Cloud computing standard reference architecture:

  • ISO/IEC 22123-3
  • NIST SP 500-292
  • CSA Enterprise Architecture

ISO/IEC 22123-3

ISO/IEC 22123-3:2023 is about cloud computing reference architecture. You can read more about it on this post.

This standard was preceded by ISO/IEC 17789:2014.

ISO/IEC 22123-3 Shop

NIST SP 500-292

NIST SP 500-292 has the title “NIST Cloud Computer Reference Architecture”.

NIST SP 500-292 document

CSA Enterprise Architecture

CSA Enterprise Architecture (EA) is both a methodology and a set of tools. It is a framework, a comprehensive approach for the architecture of a secure cloud infrastructure, and can be used to assess opportunities for improvement, create roadmaps for technology adoption, identify reusable security patterns, and assess various cloud providers and security technology vendors against a common set of capabilities.

It leverages the following standards:

CSA EA v2 official web

Vendor Cloud Architecture Frameworks

AWS Well Architected Tool

AWS well architected tool website

Azure Well-Architected Framework

Azure Well-Architected Framework website

Google Cloud Architecture Framework

Google Cloud Architecture Framework website

Cloud Platform for Content Management System

Cloud platforms for content management systems (CMS):

  • Platform.sh
  • Pantheon
  • Acquia

Cloud Security

Information security in the cloud has some singularities. You can read about cloud security on this post.

Cloud Service Providers

A Cloud Service Provider (CSP) is a provider that supplies cloud services.

You can find more information and a list of popular CSPs on this post.

List of Cloud Service Modules

This blog has a dedicated post about common cloud service modules, like storage, monitoring, etc.

You might also be interested in…

External References

  • Function as a Server (FaaS) / Serverless
    • Chapman et al, “CISSP Study Guide 9th Edition”, section “Serverless architecture”, pp. 406; Wiley, 2021

Leave a Reply

Your email address will not be published. Required fields are marked *