The “National Institute of Standards and Technology” or NIST definition which states, “cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

Essential Characteristics

The NIST definition lists five “essential characteristics” of cloud computing

• On-demand self-service: The customer can easily manage their own services without the help of their IT department or a hosting provider. Self-service is attainable by leveraging virtual computing capabilities, such as servers, network storage, as needed automatically without requiring human interaction with each service provider.
• Broad network access: Cloud services are accessible via normal broadband networking technologies and the various user platforms. These platforms could include cell phones, desktop computers, laptops and tablets.
• Resource pooling: Services that are running in a datacenter are using a shared infrastructure with multiple other customers.
• Rapid elasticity or expansion: Capacity of the cloud services can be easily adjusted to the demand. The services can be scaled up and down as demand changes depending on the user utilization of the available resources. In other words, the users’ virtualized environments and resources expand and shrink with demand. This gives the user the virtualized sense of unlimited resources available when needed.
• Measured service: Capacity of the cloud services are optimized for customer usage and its usage is reported on a regular basis. This is attainable such that utilization is measured as a per use model. The usage could encompass the different levels of the resources available from compute, storage, or bandwidth. Also, this could be split up as per user or department, which gives the cloud customer a better perspective of their business needs.

Service Models

NIST also lists three “service models” which define the services that are being offered in the cloud

• Software as a Service or SaaS: The software is running in the provider’s datacenter and also managed by the provider. Microsoft Office 365, Salesforce.com, Google’s G-Suite are well-known examples of a SaaS solutions.
• Platform as a Service or PaaS: The server is running in the provider’s datacenter and fully managed by the service provider. PaaS solutions offer a complete development and deployment environment in the cloud, with resources that enable customers to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. The customers typically purchase the resources they need from a cloud service provider on a pay-as-you-go basis and access them over a secure Internet connection. The customer however is managing the applications running on the server and for the data stored on the server.
• Infrastructure as a Service or IaaS: The server is running in the provider’s datacenter, but is fully managed by the customer. Everything running on this server is the customer’s responsibility: This includes the operating system (which can be any operating system), the applications running on this operating system and the data stored on the server.

This categorization of these services is not meant to define a common standard but are intended more as a general guideline to get everyone on the same page. It is worthwhile to note that there’s always overlap between the service models.

Deployment Models

NIST also defines four “deployment models”, which essential defines how and where the cloud infrastructure is built

• Private Cloud: The cloud infrastructure dedicated for only one customer. A private cloud can be located in the customer’s own datacenter or computer room but it can also be hosted in a service provider’s datacenter. A private cloud can be managed by the customer, by the hosting provider or by a 3rd party.

• Public Cloud: The cloud service provider makes resources, such as applications and storage, available to the general public over the Internet. Public cloud services may be free or offered on a pay-per-use utility based model.

• Community Cloud: A shared cloud computing service environment that is targeted to a limited set of organizations or employees (such as banks or heads of trading firms). The organizing principle for the community will vary, but the members of the community generally share similar security, privacy, performance and compliance requirements. Community members may wish to invoke a mechanism that is often run by them (not just the provider) to review those seeking entry into the community.

• Hybrid Cloud: It is a combination of the three above mentioned cloud infrastructures. Hybrid cloud computing refers to policy-based and coordinated service provisioning, use and management across a mixture of internal and external cloud services. For example, leveraging cost effective public cloud resources for testing and development environments, while using private cloud resources for mission critical workloads.

Together these models categorize ways to deliver cloud services. The definition is intended to make it easier to compare cloud services and deployment strategies. It also provides a baseline for discussion about cloud computing and how to best use cloud computing.