Cloud Computing

Concepts and Models

1
Concepts and Models
 4.1 Roles and Boundaries
 4.2 Cloud Characteristics
 4.3 Cloud Delivery Models
 4.4 Cloud Deployment Models
4.1. Roles and Boundaries
 Cloud Provider
 Cloud Consumer
 Cloud Service Owner
 Cloud Resource Administrator
 Organizational Boundary
 Trust Boundary
Cloud Provider
 The organization that provides cloud-based IT resources is
the cloud provider.
 The cloud provider is further tasked with any required
management and administrative duties to ensure the on-
going operation of the overall cloud infrastructure.
 Cloud providers normally own the IT resources that are
made available for lease by cloud consumers; however,
some cloud providers also “resell” IT resources leased
from other cloud providers.
Cloud

Consumer
A cloud consumer is an organization (or a human) that has a formal contract
or arrangement with a cloud provider to use IT resources made available by
the cloud provider.
 cloud consumer uses a cloud service consumer to access a cloud service.
 organizations or humans shown remotely accessing cloud-based IT resources
are considered cloud consumers.

Figure 4.1 A cloud consumer (Organization A) interacts with a cloud service from a cloud provider
(that owns Cloud A). Within Organization A, the cloud service consumer is being used to
access the cloud service.
 Cloud Service Owner
 The person or organization that legally owns a cloud service is called a cloud
service owner.

Figure 4.2 A cloud consumer can be a cloud service owner when it deploys its own service in a cloud.
Cloud Service Owner (cont..)

Figure 4.3 A cloud provider becomes a cloud service owner if it deploys its own cloud service,
typically for other cloud consumers to use.
 Cloud Resource Administrator
 A cloud resource administrator is the person or organization responsible for
administering a cloud-based IT resource (including cloud services).

Figure 4.4 A cloud resource administrator can be with a cloud consumer organization and administer
remotely accessible IT resources that belong to the cloud consumer.
Cloud Resource Administrator
 cloud resource administrator can be (or belong to) the cloud consumer or
cloud provider of the cloud within which the cloud service resides.

Figure 4.5 A cloud resource administrator can be with a cloud provider organization for which it can
administer the cloud provider’s internally and externally available IT resources.
Organizational Boundary
 An organizational boundary represents the physical perimeter that surrounds a
set of IT resources that are owned and governed by an organization.

Figure 4.6 Organizational boundaries of a cloud consumer (left), and a cloud provider (right),
represented by a broken line notation.
 Trust Boundary
 A trust boundary is a logical perimeter that typically spans beyond physical
boundaries to represent the extent to which IT resources are trusted

Figure 4.7 An extended trust boundary encompasses the organizational boundaries of the cloud provider
and the cloud consumer.
4.2. Cloud Characteristics
 Six specific characteristics are common to the
majority of cloud environments:
 on-demand usage
 ubiquitous access
 multitenancy (and resource pooling)
 elasticity
 measured usage
 Resiliency (NIST is excluded)
On-Demand Usage
 A cloud consumer can unilaterally access cloud-based IT resources giving the
cloud consumer the freedom to self-provision these IT resources or on-
demand usage.

Ubiquitous Access
 Ubiquitous access represents the ability for a cloud service to be widely
accessible.
 Establishing ubiquitous access for a cloud service can require support for a
range of devices, transport protocols, interfaces, and security technologies.
Multitenancy
 Characteristic of a software
program that enables an
instance of the program to
serve different consumers
(tenants) whereby each is
isolated from the other, is
referred to as multitenancy.

Figure 4.8 In a single-tenant

environment, each cloud consumer
has a separate IT resource instance.
Multitenancy (cont..)
 Multitenancy allows
several cloud consumers
to use the same IT
resource or its instance
while each remains
unaware that it may be
used by others.

Figure 4.9 In a multitenant environment, a

single instance of an IT resource, such as a
cloud storage device, serves multiple
consumers.
Elasticity
 Elasticity is the automated ability of a cloud to transparently scale IT
resources, as required in response to runtime conditions or as pre-determined
by the cloud consumer or cloud provider.
 Elasticity is often considered a core justification for the adoption of cloud
computing.

Measured Usage
 measured usage characteristic represents the ability of a cloud platform to
keep track of the usage of its IT resources, primarily by cloud consumers.
 Can charge a cloud consumer only for the IT resources actually used and/or
for the timeframe during which access to the IT resources was granted.
 is closely related to the on-demand characteristic.
 Measured usage is not limited to tracking statistics for billing purposes. It also
encompasses the general monitoring of IT resources and related usage
reporting
 Resiliency
 Resilient
computing is a
form of failover
that distributes
redundant
implementations
of IT resources
across physical
locations.
 resiliency can
refer to redundant
IT resources within
the same cloud
(but in different
physical locations)
or across multiple
clouds. Figure 4.10 A resilient system in which Cloud B hosts a redundant implementation of
Cloud Service A to provide failover in case Cloud Service A on Cloud A becomes
unavailable.
4.3. Cloud Delivery Models
 A cloud delivery model represents a specific, pre-packaged combination of IT
resources offered by a cloud provider.
 Three common cloud delivery models have become widely established and
formalized:
 Infrastructure-as-a-Service (IaaS)
 Platform-as-a-Service (PaaS)
 Software-as-a-Service (SaaS)
Note:
 Many specialized variations of the three base cloud delivery models have
emerged, each comprised of a distinct combination of IT resources. Some
examples include:
 Storage-as-a-Service
 Database-as-a-Service
 Security-as-a-Service
 Communication-as-a-Service
 Integration-as-a-Service
 Testing-as-a-Service
 Process-as-a-Service
Infrastructure-as-a-Service (IaaS)
 IaaS delivery model represents a self-contained IT environment comprised of
infrastructure-centric IT resources that can be accessed and managed via
cloud service-based interfaces and tools.
 Can include hardware, network, connectivity, operating systems, and other
“raw” IT resources.
 Are typically virtualized and packaged into bundles that simplify up-front
runtime scaling and customization of the infrastructure.
 General purpose of an IaaS environment is to provide cloud consumers with a
high level of control and responsibility over its configuration and utilization.
 Used by cloud consumers that require a high level of control over the cloud-
based environment they intend to create.
 IaaS environments are generally offered as freshly initialized virtual instances.
 A central and primary IT resource within a typical IaaS environment is the
virtual server.
 Virtual servers are leased by specifying server hardware requirements, such
as processor capacity, memory, and local storage space.
 Infrastructure(hardware)-as-a-Service (IaaS)

Figure 4.11 A cloud consumer is using a virtual server within an IaaS environment. Cloud consumers are
provided with a range of contractual guarantees by the cloud provider, pertaining to characteristics
such as capacity, performance, and availability.
Platform-as-a-Service (PaaS)
 PaaS delivery model represents a pre-defined “ready-to-use” environment
typically comprised of already deployed and configured IT resources.
 Common reasons a cloud consumer would use and invest in a PaaS
environment include:
 The cloud consumer wants to extend on-premise environments into the cloud for
scalability and economic purposes.
 The cloud consumer uses the ready-made environment to entirely substitute an on-
premise environment.
 The cloud consumer wants to become a cloud provider and deploys its own cloud
services to be made available to other external cloud consumers.
 By working within a ready-made platform, the cloud consumer is spared the
administrative burden of setting up and maintaining the bare infrastructure IT
resources provided via the IaaS model.
 The cloud consumer is granted a lower level of control over the underlying IT
resources that host and provision the platform.
 PaaS products are available with different development stacks. For example,
Google App Engine offers a Java and Python-based environment.
 Platform-as-a-Service (PaaS)
Figure 4.12 A cloud
consumer is
accessing a ready-
made PaaS
environment. The
question mark
indicates that the
cloud consumer is
intentionally shielded
from the
implementation
details of the
platform.
Software-as-a-Service (SaaS)
 A software program positioned as a shared cloud service and made available
as a “product” or generic utility represents the typical profile of a SaaS
offering.
 The SaaS delivery model is typically used to make a reusable cloud service
widely available (often commercially) to a range of cloud consumers.
 A cloud consumer is generally granted very limited administrative control over
a SaaS implementation.
Software-as-a-Service (SaaS)

Figure 4.13 The cloud service consumer is given access the cloud service contract, but not to any
underlying IT resources or implementation details.
Comparing Cloud Delivery Models
Comparing Cloud Delivery Models
 Combining Cloud Delivery Models

IaaS + PaaS

Figure 4.14 A PaaS

environment based on
the IT resources
provided by an
underlying IaaS
environment.
 Combining Cloud Delivery Models

IaaS + PaaS

Cloud provider offering the PaaS

environment chose to lease an IaaS
environment from a different cloud
provider.

Figure 4.15 An example of a contract between Cloud Providers

X and Y, in which services offered by Cloud Provider X are
physically hosted on virtual servers belonging to Cloud
Provider Y. Sensitive data that is legally required to stay in a
specific region is physically kept in Cloud B, which is
physically located in that region.
 Combining Cloud Delivery Models
IaaS + PaaS + SaaS

Ready-made environment
provided by the PaaS
environment can be used by the
cloud consumer organization to
develop and deploy its own
SaaS cloud services that it can
then make available as
commercial products

Figure 4.16 A simple layered view of an

architecture comprised of IaaS and PaaS
environments hosting three SaaS cloud service
implementations.
4.4. Cloud Deployment Models
 A cloud deployment model represents a specific type of cloud environment,
primarily distinguished by ownership, size, and access.
 There are four common cloud deployment models:
 Public cloud
 Community cloud
 Private cloud
 Hybrid cloud
Public Clouds
 A public cloud is a
publicly accessible
cloud environment
owned by a third-
party cloud provider.
The IT resources on
public clouds are
usually provisioned
Figure 4.17
via the previously Organizations
described cloud act as cloud
delivery models and consumers
are generally offered when
accessing
to cloud consumers cloud services
at a cost or are and IT
commercialized via resources
made available
other avenues (such by different
as advertisement). cloud
providers.
Community Clouds
 A community cloud is
similar to a public
cloud except that its
access is limited to a
specific community of
cloud consumers.

Figure 4.18 An example of a

“community” of organizations
accessing IT resources from a
community cloud.
Private Clouds
 A private cloud is owned
by a single organization.
Private clouds enable an
organization to use cloud
computing technology as
a means of centralizing
access to IT resources
by different parts,
locations, or departments
of the organization.
 Who would manage?
 is “on-premises or cloud-
based? Figure 4.19 A cloud service consumer in
the organization’s on-premise
environment accesses a cloud service
hosted on the same organization’s private
cloud via a virtual private network.
Hybrid Clouds
 A hybrid cloud is a cloud
environment comprised of
two or more different cloud
deployment models.

Figure 4.20 An organization using a hybrid

cloud architecture that utilizes both a private
and public cloud.
Other Cloud Deployment Models
 Additional variations of the four base cloud deployment
models can exist. Examples include:
 Virtual Private Cloud – Also known as a “dedicated cloud” or
“hosted cloud,” this model results in a self-contained cloud
environment hosted and managed by a public cloud provider, and
made available to a cloud consumer.
 Inter-Cloud – This model is based on an architecture comprised of
two or more inter-connected clouds.
Summary
 Common roles associated with cloud-based interaction and relationships
include the cloud provider, cloud consumer, cloud service owner, and cloud
resource administrator.
 An organizational boundary represents the physical scope of IT resources
owned and governed by an organization. A trust boundary is the logical
perimeter that encompasses the IT resources trusted by an organization.
 On-demand usage is the ability of a cloud consumer to self-provision and use
necessary cloud-based services without requiring cloud provider interaction.
This characteristic is related to measured usage, which represents the ability
of a cloud to measure the usage of its IT resources.
 Ubiquitous access allows cloud-based services to be accessed by diverse
cloud service consumers, while multitenancy is the ability of a single instance
of an IT resource to transparently serve multiple cloud consumers
simultaneously.
 The elasticity characteristic represents the ability of a cloud to transparently
and automatically scale IT resources out or in. Resiliency pertains to a cloud’s
inherent failover features.
Summary (cont..)
 The IaaS cloud delivery model offers cloud consumers a high level of
administrative control over “raw” infrastructure-based IT resources.
 The PaaS cloud delivery model enables a cloud provider to offer a pre-
configured environment that cloud consumers can use to build and deploy
cloud services and solutions, albeit with decreased administrative control.
 SaaS is a cloud delivery model for shared cloud services that can be
positioned as commercialized products hosted by clouds.
 Different combinations of IaaS, PaaS, and SaaS are possible, depending on
how cloud consumers and cloud providers choose to leverage the natural
hierarchy established by these base cloud delivery models.
Summary (cont..)
 A public cloud is owned by a third party and generally offers commercialized
cloud services and IT resources to cloud consumer organizations.
 A private cloud is owned by an individual organization and resides within the
organization’s premises.
 A community cloud is normally limited for access by a group of cloud
consumers that may also share responsibility in its ownership.
 A hybrid cloud is a combination of two or more other cloud deployment
models.