Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Business Report

Cloud Computing Defined

A primer on key terms in Business Impact this month.

To bring some order to the fuzzy world of cloud computing, the U.S. government’s National Institute of Standards and Technology has created a standard definition and a Cloud Computing Reference Architecture. Both are in the form of “Special Publications,” which are not official U.S. government standards but are designed to provide guidance to specific communities of practitioners and researchers.

The NIST Definition of Cloud Computing, currently in draft form, is based on NIST-sponsored workshops and public comments. The single definition helps ensure that government workers, industry, and other groups are talking about the same thing when they use the same words.

The draft document defines cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

The definition specifies five “essential” characteristics of cloud computing: self-service; accessibility from desktops, laptops, and mobile phones; resources that are pooled among multiple users and applications; elastic resources that can be rapidly reapportioned as needed; and measured service. These characteristics combine to make cloud computing a kind of infrastructure or utility. It’s not cloud computing when a company rents a specific computer in a rack at a facility that happens to be in Denver; it is cloud computing when a company rents a virtual host generated by machines that might physically reside in Denver, Atlanta, or New York.

NIST defines three “service models,” or types of service, that a cloud provider might sell.

Infrastructure as a Service (IaaS) is the most basic. Customers can buy processing, storage, and network services (typically using a Web-based self-service tool) and then build their own systems on top of this infrastructure. Two of the best known IaaS providers are Amazon and Rackspace. While customers have the illusion that they are renting specific servers, hard drives, and network switches, this equipment is in fact simulated by virtualization software, allowing multiple customers to be served by the same physical device.

Platform as a Service (PaaS) is one step up: vendors provide preconfigured computers running operating systems and applications. Amazon is a player here too, with a variety of highly specialized offerings that provide scalable databases, message queues, Web-accessible storage, and the “Mechanical Turk” system for organizing human computation. The Google App Engine, a system for high-performance computing, is another example. Microsoft is also a supplier: its Azure service provides preconfigured computers running Windows and SQL Server. All of these are elastic pay-as-you-go services. For example, you can tell Microsoft you want a “small” computer (one-gigahertz CPU, 1.75 gigabytes of RAM) and a 10-gigabyte SQL database. Your cost is $190 per month. Likewise, many Web hosting providers now sell “virtual private servers” priced at $17 to $400 per month or more.

Software as a Service (SaaS) is at the top of the cloud computing stack. Here the cloud providers have created full applications running on server farms that may themselves be geographically distributed. Although Salesforce.com has long been held up as the premier SaaS provider, Facebook, Flickr, eBay, Yahoo Stores, Amazon Marketplace, the backup-storage provider Carbonite, and even the financial assistant Mint.com offer SaaS as well.

Cloud computing does not require making your data available on the public Internet. If your data is too sensitive or valuable for that—and if you’ve got a lot of money and trained staff—your organization might be a good candidate for what NIST calls the private cloud deployment model, in which an organization operates a cloud strictly for its own use. A private cloud lets an organization benefit from the flexibility of cloud technology so that it can use its equipment more efficiently, but without the risk that other users of the cloud could snoop on its data.

The community cloud, yet another model, is a private cloud that’s shared by several organizations and typically supports a specific requirement. For example, a group of health-care organizations might create a community cloud to hold patient medical and billing records.

A public cloud is a system that’s owned by the cloud provider and made available to the general public. Facebook and Google fall into this category.

Last is NIST’s hybrid cloud model, in which multiple cloud systems are connected in a way that allows programs and data to be moved easily from one deployment system to another. For example, a company might develop its system on Amazon’s IaaS but then run one version on Amazon for public data and a second on a private cloud for its sensitive information.

The latest Insider Conversation is live! Listen to the story behind the story.

Subscribe today
Already a Premium subscriber? Log in.
Next in this Business Report
Business in the Cloud

Treating computing as a utility, like electricity, is an old idea. But now it makes financial sense—a historic shift that explains why cloud computing is reshaping the economics of IT. Even startup companies and consumers now can access massive amounts of computing power. The cloud is also raising new questions about privacy and security.

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

  • Insider Online Only {! insider.prices.online !}*

    {! insider.display.menuOptionsLabel !}

    Unlimited online access including articles and video, plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.