The National Institute of Standards and Technology (NIST) Information Technology Laboratory is working on a definition of cloud computing (version 14 of their working draft is on their site and is looking great). Like other NIST efforts they have taken a collaborative/collegial approach in building this definition. You can find the full definition at the NIST Computer Security Resource Center. The also provide a briefing titled “Effectively and Securely Using the Cloud Computing Paradigm” (by Peter Mell and Tim Grance of NIST, dated 6/26/2009). That presentation gives a great overview of the models and methods for using clouds securely.
The short version of their definition is:
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
I like that definition and I think it captures the key factors of my views of Cloud. This seems to be in total harmony with the Amazon vision articulated as Elastic Computing (see Business Week of Nov 2006). The definition is close enough to the definition I have been advocating (see Cloud Computing and Net Centric Operations).
NIST goes on to define five essential characteristics, three delivery models, and four deployment models. All are provided at the NIST website.
For the record, I plan on using the NIST definition from now on.
Related posts:
Now that we can all standardize on the definition of “a cloud” we can start drilling down into the more important “X”aaS topics. This is my typical definition of Infrastructure as a Service. Now the models have to be expanded to support Platform and Software architectures. Whats important is provided an S3 type service to stage the information for deployment. People must understand that most applications won’t just run in the cloud, they need to be architected in such a way that they can handle the dynamic growth and condensing of resources without user interruption.
They documents list “security” and “identity” at a high level as important issues. I’m disappointed that they don’t list these as part of the foundation for the architecture. However doesn’t go into depth as to how to provide IDaaS allowing identity attributes to be cascaded into role and then into policies for provisioning purposes. This concept is key to cloud success and in my opinion being one of the hardest problems to solve is not getting the attention it deserves. Everything from how to add new resources, to installing / managing the operating system to the platform on top of them to the end users/services attaching to the software needs to be addressed and each in their own unique way.
Azure which was mentioned in the powerpoint deck is only a partial solution to the problem (and one of many). These organizations have enough problems doing this internally, let alone when they introduce a federated identity model when sharing information, platforms and services between organizations.
Thanks Matt. I see your points about security and identity needing to be much higher in level as issues– as foundational to the architecture. I appreciate all your comments.
Cheers,
Bob