Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Business Report

Cloud Computing Defined

A primer on key terms in Business Impact this month.

To bring some order to the fuzzy world of cloud computing, the U.S. government’s National Institute of Standards and Technology has created a standard definition and a Cloud Computing Reference Architecture. Both are in the form of “Special Publications,” which are not official U.S. government standards but are designed to provide guidance to specific communities of practitioners and researchers.

The NIST Definition of Cloud Computing, currently in draft form, is based on NIST-sponsored workshops and public comments. The single definition helps ensure that government workers, industry, and other groups are talking about the same thing when they use the same words.

The draft document defines cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

The definition specifies five “essential” characteristics of cloud computing: self-service; accessibility from desktops, laptops, and mobile phones; resources that are pooled among multiple users and applications; elastic resources that can be rapidly reapportioned as needed; and measured service. These characteristics combine to make cloud computing a kind of infrastructure or utility. It’s not cloud computing when a company rents a specific computer in a rack at a facility that happens to be in Denver; it is cloud computing when a company rents a virtual host generated by machines that might physically reside in Denver, Atlanta, or New York.

NIST defines three “service models,” or types of service, that a cloud provider might sell.

Infrastructure as a Service (IaaS) is the most basic. Customers can buy processing, storage, and network services (typically using a Web-based self-service tool) and then build their own systems on top of this infrastructure. Two of the best known IaaS providers are Amazon and Rackspace. While customers have the illusion that they are renting specific servers, hard drives, and network switches, this equipment is in fact simulated by virtualization software, allowing multiple customers to be served by the same physical device.

Platform as a Service (PaaS) is one step up: vendors provide preconfigured computers running operating systems and applications. Amazon is a player here too, with a variety of highly specialized offerings that provide scalable databases, message queues, Web-accessible storage, and the “Mechanical Turk” system for organizing human computation. The Google App Engine, a system for high-performance computing, is another example. Microsoft is also a supplier: its Azure service provides preconfigured computers running Windows and SQL Server. All of these are elastic pay-as-you-go services. For example, you can tell Microsoft you want a “small” computer (one-gigahertz CPU, 1.75 gigabytes of RAM) and a 10-gigabyte SQL database. Your cost is $190 per month. Likewise, many Web hosting providers now sell “virtual private servers” priced at $17 to $400 per month or more.

Software as a Service (SaaS) is at the top of the cloud computing stack. Here the cloud providers have created full applications running on server farms that may themselves be geographically distributed. Although Salesforce.com has long been held up as the premier SaaS provider, Facebook, Flickr, eBay, Yahoo Stores, Amazon Marketplace, the backup-storage provider Carbonite, and even the financial assistant Mint.com offer SaaS as well.

Cloud computing does not require making your data available on the public Internet. If your data is too sensitive or valuable for that—and if you’ve got a lot of money and trained staff—your organization might be a good candidate for what NIST calls the private cloud deployment model, in which an organization operates a cloud strictly for its own use. A private cloud lets an organization benefit from the flexibility of cloud technology so that it can use its equipment more efficiently, but without the risk that other users of the cloud could snoop on its data.

The community cloud, yet another model, is a private cloud that’s shared by several organizations and typically supports a specific requirement. For example, a group of health-care organizations might create a community cloud to hold patient medical and billing records.

A public cloud is a system that’s owned by the cloud provider and made available to the general public. Facebook and Google fall into this category.

Last is NIST’s hybrid cloud model, in which multiple cloud systems are connected in a way that allows programs and data to be moved easily from one deployment system to another. For example, a company might develop its system on Amazon’s IaaS but then run one version on Amazon for public data and a second on a private cloud for its sensitive information.

Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.

Subscribe today

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Business Impact
Business in the Cloud

How technology advances are changing the economy and providing new opportunities in many industries.

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

  • Insider Online Only {! insider.prices.online !}*

    {! insider.display.menuOptionsLabel !}

    Unlimited online access including articles and video, plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.