NIST’S DEFINITION OF CLOUD COMPUTING PROVIDES NEW REFLECTIONS ON FEATURES, CHARACTERISTICS, AND SERVICE MODELS.
In September 2011, NIST (the National Institute of Standards and Technology and the international point of reference for IT standards) released a document (SP 800-145) that provides a definition of Cloud Computing.
First of all, NIST divides the cloud model into three areas:
- essential characteristics
- service models
- service distribution models
The first two categories are technological and methodological building blocks that many of us have been able to use, adopt, and put into practice in real projects.
The third appears, to date, to be a category replaced by the cloud’s evolution to a multi-cloud.
The five essential characteristics of cloud computing
NIST states that this kind of service must have five essential characteristics, which can be identified when analysing the current context and the main cloud computing providers:
- Provision of on-demand services
- Guarantee of adequate bandwidth and network access
- Organisation that ensures due service scalability, security, and availability
- Quick responses to change through the introduction of the concept of resource group elasticity – an index already encompassed by scalability
- Measured and measurable services
Cloud computing service models
NIST envisages three service models, to which we must also add a fourth as it is strategically important and crucial for the cloud’s evolution, despite being partly experimental.
- Infrastructure as a Service – IaaS
- Platform as a Service – PaaS
- Software as a Service – SaaS
- Infrastructure as a Code – IaaC
Why we recommend an SaaS model
SaaS is a service model whereby compliance with data ownership and privacy laws and national and international security standards is established via a contract with the primary cloud provider. Obviously, components introduced by customers at configuration or software artefact level are their own responsibility.
In terms of impact, adherence to regulations by design is a huge advantage in the overall calculation of service management. The trade-off for using Software as a Service technology is the need for regular updates and close monitoring of both software components and primary supplier schedules. In any case, as soon as a service model can follow this process, the legal and contractual advantages also result in a considerable reduction in costs.
SaaS is a database instance provided by a primary provider, whose individual database lifecycle is managed by the purchaser. The purchaser is responsible for managing the database structure (DDL and DDM) and keeping diagrams and instructions up-to-date with regular product version updates.
IaaC, on the other hand, introduces a service model specifically geared towards the System Development Life Cycle (SDLC). In turn, this complements – but does not overlap with – the better known Software Development Life Cycle (also referred to as SDLC). A notable benefit of IaaC is the option to manage infrastructure changes in the cloud in the same way we manage software code.
The combination of SaaS & IaaC gives us a tangible opportunity to improve the quality of cloud services and reduce the TCO. It is complex to manage, requiring a specific service model that is not always immediately available to companies. Therefore, we recommend that companies rely on an expert to assess the most suitable cloud adoption path for them and their business.