What is Cloud Computing?
Recently (i.e. on Saturday 26th October) I talked about Current State and Future of Cloud Computing in China in barcamp SHANGHAI. In my talk I covered:
- What is cloud computing?
- What is cloud computing officially in China?
- Current state and market analysis of cloud computing in China
- Regulatory framework for cloud computing in China
- Factors affecting cloud computing in China
- Future of cloud computing in China
If you check companies in US Stock Exchange be it in Internet and Information Technology sector or not, you will notice many are adding Cloud Computing in their portfolio of products or services to drive higher valuation or sales. Its not far-fetched when you will be able to buy a Cloud Toilet, like UK local authorities operate cloud-connected toilets which is helping them driving down costs while increasing quality. So it becomes imperative to understand what is really Cloud Computing.
In the beginning of the talk I asked audiences a question “What is cloud computing?” and I received variety of answers some said it means apple iCloud, Google Cloud, Baidu Cloud while one answered its a service like Water Supply in the city where everyone pays based on water usage. So indeed there were many different answers to the question. So before going into details and analyzing Cloud Computing, I set up a baseline of what is the meaning of cloud computing. In this article I will discuss the same.
Cloud Computing Definition 
After evaluating many definition, I settled on one from National Institute of Standards and Technology  (hereafter called NIST), which in my view is the most complete and logical definition of cloud computing.
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.
- On-Demand self service
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
- Broad network access
Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
- Resource pooling
The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth.
- Rapid elasticity
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
- Measured service
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, active user accounts). Resource usage can be monitored, controlled, audited, and reported, providing transparency for both the provider and consumer of the utilized service.
So in essence if any company calls its products, solutions and service as cloud computing it should be able to fulfill the above five criterias.
- Software as a Service (SaaS)
The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email) or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user- specific application configuration settings.
- Platform as a Service (PaaS)
The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider.12 The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
- Infrastructure as a Service (IaaS)
The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications, and possibly limited control of select networking components (e.g., host firewalls).
So Cloud Computing can be delivered in any one or combination of these models, the only pre-requisite is to have the five essential characteristics explained earlier.
- Community cloud
The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
- Public cloud
The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
- Private cloud
The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
- Hybrid cloud
The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
Again the litmus test for calling any of the deployments as Cloud Computing are the five essential characteristics in earlier section.
Cloud Computing Reference Architecture 
Cloud Computing definition provides a clear understanding of what it is and to further clarify details NIST also provide a referene architecture. This reference architecture is a generic high-level conceptual model for discussing the requirements, structures, and operations of cloud computing. The model is not tied to any specific vendor products, services, or reference implementation, nor does it define prescriptive solutions that inhibit innovation. It defines a set of actors, activities, and functions that can be used in the process of developing cloud computing architectures, and relates to a companion cloud computing taxonomy. It contains a set of views and descriptions that are the basis for discussing the characteristics, uses, and standards for cloud computing.
Above cloud computing reference architecture defines five major actors: cloud consumer, cloud provider, cloud auditor, cloud broker and cloud carrier where each actor is an entity (a person or an organization that participate in a transaction or process and/or performs tasks in cloud computing. It also includes architectural elements of cloud computing.
Actors in Cloud Computing
Cloud Computing reference architecture defines five major actors:
|Cloud Consumer||A person or organization that maintains a business relationship with, and uses service from, Cloud Providers.|
|Cloud Provider||A person, organization, or entity responsible for making a service available to interested parties.|
|Cloud Auditor||A party that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation.|
|Cloud Broker||An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers.|
|Cloud Carrier||An intermediary that provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers.|
The cloud consumer is the principal stakeholder for the cloud computing service. A cloud consumer represents a person or organization that maintains a business relationship with, and uses the service from a cloud provider. A cloud consumer browses the service catalog from a cloud provider, requests the appropriate service, sets up service contracts with the cloud provider, and uses the service. The cloud consumer may be billed for the service provisioned, and needs to arrange payments accordingly.
Cloud consumers need SLAs to specify the technical performance requirements fulfilled by a cloud provider. SLAs can cover terms regarding the quality of service, security, remedies for performance failures. A cloud provider may also list in the SLAs a set of promises explicitly not made to consumers, i.e. limitations, and obligations that cloud consumers must accept. A cloud consumer can freely choose a cloud provider with better pricing and more favorable terms.
A cloud provider can be a person, an organization, or an entity responsible for making a service available to cloud consumers. A cloud provider builds the requested software/platform/ infrastructure services, manages the technical infrastructure required for providing the services, provisions the services at agreed-upon service levels, and protects the security and privacy of the services. Cloud provider conducts its activities in the areas of service deployment, service orchestration, cloud service management, security, and privacy.
A cloud auditor is a party that can conduct independent assessment of cloud services, information system operations, performance, and the security of a cloud computing implementation. A cloud auditor can evaluate the services provided by a cloud provider in terms of security controls, privacy impact, performance, and adherence to service level agreement parameters.
A cloud broker is an entity that manages the use, performance, and delivery of cloud services, and negotiates relationships between cloud providers and cloud consumers. As cloud computing evolves, the integration of cloud services may become too complex for cloud consumers to manage. In such cases cloud broker can provide services in following three categories directly to cloud consumers with single consistent interface to multiple different providers.
Cloud broker enhances a given service by improving some specific capability and providing value-added services to cloud Consumers. The improvement can be managing access to cloud services, identity management, performance reporting, enhanced security, etc.
Cloud broker combines and integrates multiple services into one or more new services. The broker provides data integration and ensures the secure data movement between the cloud consumer and multiple cloud providers.
Service arbitrage is similar to service aggregation except that the services being aggregated are not fixed. Service arbitrage means a broker has the flexibility to choose services from multiple cloud providers. The cloud broker, for example, can use network latency of cloud provider to select a cloud provider with lowest network latency.
A cloud carrier is an intermediary that provides connectivity and transport of cloud services between cloud consumers and cloud providers. Cloud carriers provide access to cloud consumers through network, telecommunication, and other access devices. Like cloud consumers can access cloud computing from cloud providers through network access devices, like computers, laptops, mobile phones, tablets, internet connected devices like in-car navigation, smart toilets etc. The distribution of cloud services is normally provided by network and telecommunication carriers or a transport agent, where a transport agent refers to a business organization that provides physical transport of storage media such as high-capacity hard drives. Note that a cloud provider will set up service level agreements (SLAs) with a cloud carrier to provide services consistent with the level of SLAs offered to cloud consumers, and may require the cloud carrier to provide dedicated and encrypted connections between cloud consumers and cloud providers.
According to cloud computing reference architecture following are the main architectural components:
This is covered in Service Models sections and can be public, private, community and hybrid.
Service Orchestration refers to the composition of system components to support the Cloud Providers activities in arrangement, coordination and management of computing resources in order to provide cloud services to Cloud Consumers. It consist of three layers; service layer, resource abstraction and control layer and physical resource layer as visible in Cloud Computing Reference Architecture figure above.
Cloud Service Management
Cloud Service Management includes all of the service-related functions that are necessary for the management and operation of those services required by cloud consumers. As illustrated in Cloud Computing Reference Architecture above, cloud service management can be described from the perspective of business support, provisioning and configuration, and from the perspective of portability and interoperability requirements.
Cloud Computing systems need to address security requirements such as authentication, authorization, availability, confidentiality, identity management, integrity, audit, security monitoring, incident response, and security policy management. Security in cloud computing spans across all layers of the reference model, ranging from physical security to application security. Also security is under purview of not only cloud providers, but also cloud consumer, cloud carrier, cloud broker (if they are involved). Its the responsibility of cloud auditor to audit and report security of cloud computing architecture and actors involved.
Cloud providers should protect the assured, proper, and consistent collection, processing, communication, use and disposition of personal information and personally identifiable information in the cloud. Its also the responsibility of cloud auditor to audit and report privacy in cloud computing architecture and actors involved.
So in essence Cloud Computing refers to the delivery of scalable IT resources over Internet, such as storage, compute, networking with security and privacy. Cloud computing enables end users to “rent” and remotely access resources from cloud providers on a pay-per-use basis, resulting in both improved system scalability and cost savings. This transition to the cloud may be self-reinforcing; as businesses discover cost benefits in moving some or their entire IT infrastructure to cloud platforms, economies of scale should allow cloud computing prices to decline further still, which in turn will attract new providers and cloud computing solutions into the market. Beyond the financial incentive to use cloud services to address current IT needs, the availability of low-cost distributed High Performance Computing (HPC) may open up new avenues of business, enabling companies that would not be able to afford traditional physical supercomputing infrastructure to tap into those services whenever necessary. Also cloud computing by automating many tasks and reducing costs can bring efficiency in building scalable applications, services and products which will enable Startups to disrupt the traditional business models.
This article serves as foundation for my next article for covering next topic from the talk on Current State and Future of Cloud Computing in China.
|||(1, 2) The NIST Definition of Cloud Computing|
|||NIST Cloud Computing Reference Architecture|