A definition for cloud computing, despite it having been with us for many years (some say back to the 1960s), seems to be fairly elusive. The U.S. National Institute for Standards and Technology (NIST) definition is perhaps the best known but it is a user-centric definition. Most recently the ISO (International Standards Organization) and the ITU (International Telecommunications Union) have jumped into this game with an emerging standard called ISO/IEC 17788 that provides a basic vocabulary and description for cloud computing.
First, two points to note:
- there is not currently, and there may never be, a single conformance statement for all of cloud computing – it is just too diverse for a single standard.
- cloud computing is really a “paradigm shift,” not a single system – there will be many forms of cloud computing system, with many different deployment patterns.
Cloud computing can be defined as the set of computing systems that have the following key characteristics:
- A cloud computing system implements “services” which can be defined as a quantities of different physical or virtual resource(s) that are made available for a period of time, and where a resource is defined as:
- computer processing/data storage/networking (IaaS);
- programming languages and execution environments (PaaS); or
- provider-owned applications (SaaS).
- Cloud services are accessed via networks (generally TCP/IP networks) using a variety of client devices (really anything from a mobile phone to a mainframe), including:
- Web browsers for human access;
- defined APIs for programmatic access; and
- a Web-based portal (and presumably also via management APIs) for management access.
- Cloud service management is highly automated:
- service requests are self-service (i.e., does not need a human-human interaction);
- service consumption is metered (presumably also with failure/stoppage detection);
- chargeback is based on a pay-as-you-go methodology (with the charge based on units of time or quantity that are defined in the subscription); and
- provision of capacity is dynamically managed (which allows rapid elasticity and scalability)
- The underlying service provider’s implementation is based on:
- resources that maximize utilization (e.g., virtualization) and reliability;
- resource deployment is in quantities sufficient to meet elasticity requirements;
- standardization to avoid the need for manual solutioning for each service request;
- multi-tenancy (i.e., users of shared resources are fully isolated from each other);
- strong security for data and services (user data and subscribed services are fully protected);
- pooling of resources (i.e., resources can be aggregated but are not dedicated to one user – no more IT silos); and
- unlayered resource implementation (i.e., PaaS and SaaS services are NOT required to use IaaS resources, SaaS services are NOT required to use PaaS offerings).
The service provider’s implementation should actually be viewed as a “black box” from the user’s perspective. It should be possible to determine if a system is a cloud computing system without knowing the internal details of the system.
Given the current industry definition for cloud computing, can we decide whether the following are valid examples of cloud computing systems:
- Google Search or Microsft Bing: These are network accessible, searching is a provider-owned application, access is self-service on demand, you pay ($0) as you go, and presumably the underlying applications are multi-tenant and elastic (i.e., there is no limit on the number or frequency of search operations).
- Skype: Skype is network accessible, voice/text/video handling is a provider-owned application, subscriptions are self-service on demand, and the service is pay-as-you-go, presumably the application is multi-tenant and elastic (i.e., there is no limit on the number of calls).
- Dropbox: Dropbox is network accessible, storing files is a provider-owned application, it is pay as you go (personal $0)/business is monthly subscription) and presumably it is multi-tenant. There is, however, a fixed limit on the quantity of storage so it is not dynamically elastic.
- Email: Email systems are network accessible (using web or mail clients), mailboxes and message transfer are provider-owned applications that are multi-tenant (isolation of mailboxes) and elastic (there is no general limit on the number of emails). However, many mail systems are not self-service on demand and more often you pay a subscription fee instead of paying for what you use.
- Twitter: Twitter is network accessible, tweet distribution is a provider app, access is self-service on demand, there are no charges, and presumably the applications are multi-tenant and elastic (there is no limit on the number of tweets you can send).
Do you think of these systems as being examples of cloud computing?
How many of the key characteristics are really necessary for a system to be called a cloud computing system?
Understanding how IBM Spectrum Protect enables hybrid data protection
Abdicating your company’s data protection responsibilities to the first cloud solution provider you encounter is just as unwise as doing nothing at all to leverage the cloud. On the other hand, it can be a wise decision to investigate what results you might achieve by choosing a backup technology that is capable of supporting a hybrid protection approach capable of covering both on-premises technology and offsite cloud capabilities.