EN

Cloud-Computing Basics

WHAT IS CLOUD COMPUTING?

To date, no definition of the term cloud computing has been able to establish itself as generally valid. In publications or lectures, definitions are often used that are mostly similar, but that vary time and again. One definition that is mostly used in expert circles is the definition of the US American standardisation body NIST (National Institute of Standards and Technology), which is also used by ENISA (European Network and Information Security Agency):
“Cloud computing is a model that allows you to conveniently access a shared pool of configurable computing resources (e.g., networks, servers, storage systems, applications, and services) over a network, anytime, anywhere, as needed, that can be made available quickly and with minimal management effort or service provider interaction.

FEATURES OF A CLOUD SERVICE

  • On-demand Self Service: The provisioning of resources (e.g. computing power, storage) runs automatically without interaction with the service provider.
  • Broad Network Access: The services are available via the network using standard mechanisms and are not bound to a specific client.
  • Resource Pooling: The provider’s resources are available in a pool from which many users can access them (multi-tenant model). The users do not know where the resources are located, but they can contractually specify the storage location, e.g. region, country or data center.
  • Rapid Elasticity: The services can be provided quickly and elastically, in some cases automatically. From the user’s point of view, the resources seem to be infinite.
  • Measured Services: Resource usage can be measured and monitored, and measured and made available to cloud users.

This definition reflects the vision of cloud computing, but it should not be overdogged. For example, the ubiquitous availability of private clouds may not even be sought. After the Cloud Security Alliance (CSA), cloud computing has the following characteristics in addition to the elasticity and self-service mentioned above:

  • Service-oriented architecture (SOA) is one of the basic requirements for cloud computing. Cloud services are usually offered via a so-called REST API.
  • In a cloud environment, many users share common resources, which must therefore be multi-client capable.
  • Only those resources are paid for that have actually been used (pay per use model), whereby there may also be flat rate models.

DEFINITION OF TERMS

In order to have a uniform basis for all future work around Cloud Computing, the BSI has established the following definition for the term “Cloud Computing”:

Cloud computing refers to the dynamic provision, use and billing of IT services via a network, adapted to demand. These services are offered and used exclusively via defined technical interfaces and protocols. The range of services offered as part of cloud computing covers the entire spectrum of information technology and includes infrastructure (e.g. computing power, storage space), platforms and software. What distinguishes a public cloud from a private cloud?

NIST distinguishes four deployment models:

  • In a private cloud, the cloud infrastructure is only operated for one institution. It can be organized and managed by the institution itself or by a third party and can be located in the data center of the institution itself or a foreign institution.
  • A public cloud is defined as a service that can be used by the general public or a large group, such as an entire industrial sector, and that is provided by a single provider.
  • In a community cloud, the infrastructure is shared by several institutions with similar interests. Such a cloud can be operated by one of these institutions or a third party.
  • If several cloud infrastructures, which are independent for themselves, are shared via standardized interfaces, this is called hybrid cloud.

However, the above mentioned definitions do not cover all variants of cloud offerings, which leads to further definitions such as “Virtual Private Cloud”, etc..

WHAT DIFFERENT SERVICE MODELS ARE OFFERED IN CLOUD COMPUTING?

Basically, three different categories of service models can be distinguished:

  • Infrastructure as a Service (IaaS): With IaaS, IT resources such as computing power, data storage or networks are offered as a service. A cloud customer buys these virtualized and highly standardized services and builds on them his own services for internal or external use. For example, a cloud customer can rent computing power, memory and data storage and run an operating system with applications of his choice on them.
  • Platform as a Service (PaaS): A PaaS provider provides a complete infrastructure and offers the customer standardized interfaces on the platform that are used by the customer’s services. For example, the platform can provide multi-client capability, scalability, access control, database access, etc. as a service. The customer has no access to the underlying layers (operating system, hardware), but can run his own applications on the platform, for the development of which the CSP usually offers his own tools.
  • Software as a Service (SaaS): All offers of applications that meet the criteria of cloud computing fall into this category. There are no limits to the range of offers. Examples are contact data management, financial accounting, word processing or collaboration applications.

THE TERM “AS A SERVICE”

The term “as a service” is still used for a multitude of further offers, such as for example Security as a Service, BP as a Service (Business Process), Storage as a Service, so that frequently also from “XaaS” one talks, thus “something as a service”. Most of these offers can at least roughly be assigned to one of the above categories. The service models also differ in the influence of the customer on the security of the services offered. With IaaS, the customer has full control over the IT system from the operating system upwards, since everything is operated within his area of responsibility, with PaaS he only has control over his applications running on the platform, and with SaaS he hands over practically all control to the CSP.

WHAT IS THE DIFFERENCE BETWEEN CLOUD COMPUTING AND CLASSIC IT OUTSOURCING?

Outsourcing involves outsourcing all or part of an institution’s work, production or business processes to external service providers. This is an established part of today’s organizational strategies. Classic IT outsourcing is usually designed in such a way that the entire leased infrastructure is used exclusively by one customer (single-tenant architecture), even if outsourcing providers normally have several customers. In addition, outsourcing contracts are usually concluded for longer terms.
The use of cloud services is in many ways similar to classic outsourcing, but there are also some differences that need to be taken into account:

  • For economic reasons, several users share a common infrastructure in a cloud.
  • Cloud services are dynamic and therefore scalable up and down within much shorter periods of time. This allows cloud-based offerings to be more rapidly adapted to the actual needs of the customer.
  • The cloud services used are usually controlled by the cloud user himself via a web interface. In this way, the user can automatically tailor the services used to his needs.
  • The techniques used in cloud computing make it possible to dynamically distribute IT performance across multiple locations, which can be geographically dispersed (both at home and abroad).

The customer can easily administer the services used and his resources via web interfaces or suitable interfaces, whereby little interaction with the provider is required.

Source: Bundesamt für Sicherheit in der Informationstechnik (Federal Office for Information Security in Germany).