3
NIST’s definition
• On demand• Shared pool • Configurable • Rapidly provisioned
NIST’s Cloud Computing Description
Deployment Models
Service Models
Essential Characteristics
Common Characteristics
Hybrid Clouds
Private Cloud Community Cloud Public Cloud
SaaS PaaS IaaS
On-demand Self Service
Broad network access
Resource pooling
Rapid elasticity
Measured Service
Massive scale
Homogeneity
Virtualization
Low cost software
Resilient computing
Geographic distribution
Service orientation
Advance Security
• Opex reduction• Capex deferral
Private
• Opex reduction• Capex deferral• Speed to MarketPublic
• Opex reduction• Capex deferral• Speed to market• New value chainsCommunity
Potential Issues
• Data residency – time delay between data being requested and delivered
• Security and confidentiality of data being stored outside the company
• Business buy-in; convincing companies of the infrastructure and reliability
Trust
• For now, many companies are only using cloud computing for small projects in our country
• The trust hasn’t been accepted• Details such as licensing, privacy, security,
compliance and network monitoring need to be thought carefully for the trust to be realized
• Cloud provisioning services• Cloud data storage services• Cloud processing infrastructure• Cloud support services• Cloud network and perimeter security• Elastic elements; storage, processing, virtual
networks
What is there to Secure Cloud?
Cloud risks and threads • Loss of governance• Lock-in• Isolation failure• Compliance risks• Management interface compromise• Data protection• Insecure or incomplete data deletion• Malicious insider• Authentication abuse• Operations breakdown• Misuse of cloud-specific technology