Customer Portal

Cloud Computing

Cloud ComputingA few years ago, "cloud computing" was inherently thought of as being public, and the focus for many IT organizations included providing software applications (as well as providing innovative ideas for the emerging cloud technologies) that could make use of that new model for delivery and consumption of services and resources. As security concerns and the potential for data to be compromised in public cloud infrastructures increased, the focus shifted towards creating private clouds that could address many of the security concerns of public clouds, while still providing all the same services and resources. Cloud infrastructures naturally evolved into supporting what is now termed "hybrid clouds", which provide the best of both worlds. Hybrid clouds are particularly advantageous for businesses because it affords them the opportunity to take advantage of an internal network of storage, as well as a public data cloud that can be accessed from any location with Internet access.

Cloud computing describes a new supplement, consumption, and delivery model for IT services based on Internet protocols, and it typically involves provisioning of dynamically scalable and often virtualized resources. It is a byproduct and consequence of the ease-of-access to remote computing sites provided by the Internet.

At the foundation of cloud computing is the broader concept of infrastructure convergence and shared services. Data centers providing cloud environments enable enterprises to get their applications up and running faster, providing easier manageability and less maintenance, and enables IT departments to more rapidly adjust IT resources (such as servers, storage, and networking) to meet fluctuating and unpredictable business demand.

The NIST Reference Model

The tremendous impact of cloud computing on business has prompted the United States government to look to the cloud as a means to reorganize their IT infrastructure and decrease their spending budgets. With the advent of the top government official mandating cloud adoption, many agencies already have at least one or more cloud systems online.

NIST is an agency of the US Department of Commerce, setting the standards for federal government R&D including Cloud Computing, and has published a number of documents that are considered the baseline reference models for Government Cloud Computing.

The NIST Cloud Computing Standards Roadmap Working Group has surveyed the existing standards landscape for security, portability, and interoperability standards/models/studies/use cases, etc., relevant to cloud computing. Using this available information, current standards, standards gaps, and standardization priorities are identified in their document. The NIST Definition of Cloud Computing identifies cloud computing as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. The document - NIST Cloud Computing Standards Roadmap (NIST-SP 500-291) is now available for reference.

The adoption of cloud computing into the Federal Government and its implementation depend upon a variety of technical and non-technical factors. A fundamental reference point, based on the NIST definition of Cloud Computing, is needed to describe an overall framework that can be used government-wide. The document - NIST Cloud Computing Reference Architecture (RA) and Taxonomy (Tax) (NIST-SP 500-292) accurately communicates the components and offerings of cloud computing.

NIST Cloud Computing Reference Model
NIST Cloud Computing Reference Architecture (NIST-SP 500-292)

"The Overview of the Reference Architecture describes five major actors and their roles & responsibilities using the newly developed Cloud Computing Taxonomy. The five major participating actors are the Cloud Consumer, Cloud Provider, Cloud Broker, Cloud Auditor and Cloud Carrier. These core individuals have key roles in the realm of cloud computing." - NIST Cloud Computing Reference Architecture (Executive Summary)

NIST has identified a cloud infrastructure that may be operated in one of the following deployment models: public cloud, private cloud, community cloud, or hybrid cloud. The primary differences between each are based on how exclusive the computing services and resources are made to a Cloud Consumer.

Private Clouds vs. Public Clouds vs. Hybrid Clouds
Public Clouds

A public cloud is one in which the services, resources, and infrastructure are provided off-site over the Internet. These clouds offer the greatest level of efficiency with shared resources; however, they are also more vulnerable than private clouds. A public cloud offers advantages of providing easily scalable solutions with access to your data from anywhere in the world. Some pros and cons of public clouds are:


  • This is generally the least expensive cloud computing option - considering that you only pay for the services and resources that you use. There are no associated hardware and software maintenance costs.
  • Provides large scalability for your business needs, by enabling you to allocate as many server and storage instances as needed.


  • Security can be a concern, and there is always the risk of data being compromised.
  • Outages to available resources can occur that may be completely outside your control.
  • Network latency issues can cause performance issues with the amount of data being transferred over the Internet.

When the business strategy for implementation is more concerned about ease of access from any Internet location (using a variety of different devices) than security, the option of a public cloud is a good choice.

Private Clouds

A private cloud is one in which the services, resources, and infrastructure are maintained on a private network. These clouds offer the greatest level of security and control, however they require the company to purchase and maintain all the supporting software and infrastructure, which reduces the cost savings. Some pros and cons for private clouds are:


  • The hardware and cloud software are implemented on a private network, ensuring full control of security needs.
  • Performance is typically better because there are minimal latency issues since the systems are communicating with the end users and clients over private networks.


  • Higher costs are generally associated with private cloud computing because of the hardware/software expenses, as well as the skilled labor required to maintain the environment.
  • Private cloud computing software is continually evolving, and can require more IT maintenance as a result.

Additionally, some public cloud vendors are now offering private versions of their public clouds, and other vendors, who only offered private cloud technologies, are now offering public versions of with the same capabilities.

Hybrid Clouds

A hybrid cloud includes a variety of public and private options with multiple providers. By spreading things out over a hybrid cloud, you keep each aspect at your business in the most efficient environment possible. The downside is that you have to keep track of multiple different security platforms and ensure that all aspects of your business can communicate with each other. Here are some of the pros and cons for hybrid clouds:


  • Provides the best of both worlds (public and private cloud computing), providing quick access to information and applications wherever needed for public services, while ensuing the required security and availability to data for private cloud services.
  • Innovative ideas and new technologies are rapidly emerging in this direction.


  • The security, processing, and storage between private and public cloud instances can be technologically challenging today.
  • Could cost more than either the private or public cloud computing options considering the technology and skills required.

The overall complexity for management of a hybrid cloud infrastructure along with the various cloud computing components become much more involved when you need to manage private, public, and traditional data centers all together. Generally, the need to support unique processes and capabilities will be required for federating these kind of environments.

Open Source Cloud Computing

Open source cloud computing is the use of open source software to facilitate cloud computing. Cloud computing provides users access to virtual servers that allows them to store and retrieve data as well as use various services in real time through a number of different devices including computers, smartphones, and tablets. Cloud computing and open source software are often part and parcel of the same solution. Linux servers are at the heart of many cloud infrastructures, and many cloud-based applications contain open source components.

Today, more and more enterprises are looking at Open Source solutions in providing platform-as-a-Service (PaaS)—whether in a true public cloud or as an on-premise private cloud—to build a strong framework that lets developers go beyond just hosting an image in a cloud. Many vendors (e.g.; WSO2 Stratos Cloud Middleware) are now exploring how the platform enables the deployment of a full PaaS, whether on the public cloud or on a Eucalyptus, vmWare, OpenStack or Ubuntu private cloud. This can enable developers to quickly build-out highly scalable applications and software-as-a-service (SaaS) solutions, free from any lock-in. Additionally, getting a handle on the challenges associated with security, multi-tenancy, elasticity and metering (to name a few), and providing seamless integration for on-premise and cloud applications can more easily be addressed.