Taxonomy | – Cloud assurance compliance


“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.” (NIST)”

Illustration of Cloud Taxonomy

Essential Cloud Characteristics

  1. On-demand self-service: customers can provision computing capabilities.
  2. Broad network access: Resources are available over the network through standard mechanisms.
  3. Resource pooling: the provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model.
  4. Rapid elasticity: capabilities can be rapidly and elastically provisioned, preferably automatically.
  5. Measured service: Resource-usage is monitored and automatically controlled and optimized. The organization provides transparency for both itself and the customer of the utilized service.

Service models

1. Software as a service

Providing functionality through cloud services.

Examples: Salesforce, linkedin, Gmail, Exact-online.

2. Platform as a service

Provides sofware development and deployment platforms.

Examples: Google AppEngine, EngineYard, Azure, GridGain.

3. Infrastructure as a service

Provides technical components through cloud services.

Examples: Virtual Private Server providers: Amazon, Rackspace, CloudVPS. Storage providers: Amazon, Mozy, Rackspace.

Deployment models

1. Private cloud

The cloud infrastructure is operated solely for an organization. Management is performed by the organization or outsourced to a third party. Private cloud infrastructures can be on the organization’s premises or off premises

2. Public cloud

The cloud infrastructure is available to a large group or the general public and is owned by an organization specialized in selling cloud services.

3. Community cloud

The (usually private) cloud infrastructure is shared by multiple organizations that share the same goal.

4. Hybrid cloud

The Hybrid cloud is a composition of two or more cloud deployment models (private, community or public) that are bound together to enable data and application portability. Most common applications consist of cloud bursting (handling temporary peaks) and load-balancing between clouds.

Definitions are written by NIST, the National Institute of Standards and Technology in SP-800-146 (Draft).