CHAPTER 1: INTRODUCTION TO CLOUD COMPUTING

Cloud computing

One of the more evocative labels for an IT delivery model – certainly more so than the utility computing label to which Cloud owes much of its heritage. However, like its rain-carrying namesake, Cloud computing can be difficult to describe, with many observers having their own perspective on what is, and what is not, Cloud. Many people use Cloud services without realising that they are doing so – iTunes, Facebook and Twitter are all examples of Cloud services. However, these are consumer Cloud services, aimed at individual users, and the security of such consumer services is not discussed within this book.

The purpose of this book is to help those organisations looking to implement Cloud services aimed at the enterprise – the likes of Salesforce, Amazon Web Services, Microsoft® Azure and the Google Cloud Platform – to do so in a risk-managed manner.

Figure 1: Cloud computing model

Figure 1 shows a high level representation of the Cloud computing model. On the left, we have a Cloud computing provider – essentially a set of servers offering some form of shared IT service. On the right, we have a set of organisations with users and client devices capable of accessing that shared service. In the middle we have the Internet (or some other delivery network) that acts as the transport mechanism enabling the access devices to connect to the shared service. You can also see some individual users sitting on the Internet that are just as capable of accessing those shared services as the larger organisations. The shared service on offer could be anything from the original Amazon Web Services model of access to compute and/or storage resources through to the Salesforce, Concur or SuccessFactors model of access to specific software applications.

Regardless of the service on offer, there are a number of key characteristics that the service must display in order to be truly 'Cloud', these are:

•Multi-tenant – the service should (at some level of the technology stack) be shared amongst its users rather than dedicated to the use of a single consumer. In the case of services like Amazon Web Services, multi-tenancy traditionally exists at the level of the physical hardware and the hypervisor,¹ which can host virtualised images serving many consumers.² In the case of services such as Salesforce, the multi-tenancy sits at the application level – many different consumers access the same instance of the applications on offer. Consumers are, therefore, separated only by the barriers implemented by the provider within their applications. This is a prime differentiator of Cloud services from a more traditional data centre outsourcing model, where resources would more typically be dedicated to individual clients.

•Ubiquitous network access – the service should be available to all over a common network. For public Cloud services, the common network is usually the Internet. For other types of Cloud services, the network could be a more private network such as a government or academic network.

•Elastic – the service should be able to respond quickly to spikes in demand, with the Cloud consumer able to add the additional resources needed to maintain service levels during a spike in demand and, then, to rapidly release resources again once the spike has passed. Cloud providers should look to reduce the amount of manual effort required to support this elasticity.

•Pay per Use – consumers should be charged for the amount of resources that they actually consume; in the case of infrastructure services this could be by charging per CPU per hour or charging per GB of data stored or transferred. For Cloud providers offering SaaS this could be a case of charging per user per month rather than charging on the traditional basis of a perpetual license.

•On-demand self-service – consumers should be able to provision the services they need themselves, without needing to talk to the Cloud provider. In many popular Cloud services, customers can obtain the services they need with only a network connection and a credit card.

That is my view of Cloud, a view heavily influenced by the now de facto definition of Cloud computing produced by the American National Institute of Standards and Technology (NIST). The NIST definition of Cloud computing is discussed in much more detail in chapter 2. There are a number of services that seek to use the Cloud label, but which do not display all of the characteristics described above. A number of service providers continue to jump on to the Cloud bandwagon, and many services that would normally just be viewed as a shared service or a virtualised data centre have been relabelled as Cloud services. This relabelling is so common that it earned its own title – ‘Cloud-washing’.

This book is not dogmatic about whether or not a Cloud service displays all of the expected characteristics described above; the guidance it provides is also generally applicable to wider classes of shared services.

¹ Hypervisors are responsible for allocation of physical hardware resources such as compute, storage and communications to virtualised operating system guests hosted on that hardware.

² Although bare-metal services dedicated to the usage of a single customer can also be used at additional cost.