The NIST Cloud Computing Reference Architecture and Taxonomy was designed to accurately communicate the components and offerings of cloud computing. The guiding principles used to create the reference architecture were:
- Develop a vendor-neutral architecture that is consistent with the NIST definition
- Develop a solution that does not stifle innovation by defining a prescribed technical solution
Actors in Cloud Computing
The NIST cloud computing reference architecture defines five major actors. Each actor is an entity (a person or an organization) that participates in a transaction or process and/or performs tasks in cloud computing. The five actors are:
- Cloud user/cloud customer: A user who accesses either paid-for or free cloud services and resources within a cloud. These users are generally granted system administrator privileges to the instances they start (and only those instances, as opposed to the host itself or other components).
- Cloud provider: A company that provides a cloud-based platform, infrastructure, application, or storage services to other organizations and/or individuals, usually for a fee (otherwise known to clients as “as a service”).
- Cloud auditor: A party that can conduct independent assessments of cloud services, information system operations, performance, and security of the cloud implementation.
- Cloud carrier: An intermediary that provides connectivity and transport of cloud services between cloud consumers and cloud providers.
- Cloud services broker (CSB): The CSB is typically a third-party entity or company that looks to extend value to multiple customers of cloud-based services through relationships with multiple cloud service providers. It acts as a liaison between cloud services customers and cloud service providers, selecting the best provider for each customer and monitoring the services. A CSB provides:
  - Service intermediation: A CSB enhances a given service by improving some specific capability and providing value-added services to cloud consumers. The improvement can be managing access to cloud services, identity management, performance reporting, enhanced security, etc.
  - Service aggregation: A CSB combines and integrates multiple services into one or more new services. The broker provides data integration and ensures the secure data movement between the cloud consumer and multiple cloud providers.
  - Service arbitrage: Service arbitrage is similar to service aggregation except that the services being aggregated are not fixed. Service arbitrage means a broker has the flexibility to choose services from multiple agencies. The cloud broker, for example, can use a credit-scoring service to measure and select an agency with the best score.
Cloud Service Models
NIST defines three cloud computing service models: software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). Often referred to as the SPI model, these acronyms have become synonymous with cloud computing when discussing cloud service models.
Infrastructure as a Service (IaaS)
Infrastructure as a service (IaaS) is a model where the customer can provision equipment as a service to support operations, including storage, hardware, servers, and relevant networking components. While the consumer has use of the related equipment, the cloud service provider retains ownership, and is ultimately responsible for hosting, running, and maintaining the infrastructure. IaaS is also referred to as hardware as a service by some customers and providers.
IaaS has multiple key benefits for organizations, which include, but are not limited to:
- Usage metered and priced based on units (or instances) consumed, allowing it to be billed back to specific departments or functions
- Ability to scale infrastructure services up and down based on usage, which is particularly useful and beneficial where there are significant spikes and dips in usage within the infrastructure
- Reduced cost of ownership, meaning no need to buy assets for everyday use, no loss of asset value over time, and reduction of other related costs of maintenance and support
- Reduced energy and cooling costs, plus a “green IT” environmental effect, with optimum use of IT resources and systems
Platform as a Service (PaaS)
Platform as a service (PaaS) is a way for customers to rent virtualized servers and associated services for running existing applications or developing and testing new ones.
PaaS has several key benefits for developers, which include, but are not limited to:
- Operating systems can be changed and upgraded frequently
- Where development teams are scattered globally, or across various geographic locations, the ability to work together on software development projects within the same environment can be extremely beneficial
- Services are available and can be obtained from diverse sources that cross international boundaries
- Upfront and recurring or ongoing costs can be significantly reduced by utilizing a single vendor, rather than maintaining multiple hardware facilities and environments
Software as a Service (SaaS)
Software as a service (SaaS) is a distributed model where software applications are hosted by a vendor or cloud service provider and made available to customers over network resources. SaaS is currently the most widely used and adopted form of cloud computing, with users most often simply needing an internet connection and credentials to have full use of the cloud service, application, and data housed.
Within SaaS, there are two delivery models currently used. First is hosted application management (hosted AM), where a cloud provider hosts commercially available software for customers and delivers it over the web (internet). Second is software on demand, where a cloud provider provides customers with network-based access to a single copy of an application created specifically for SaaS distribution (typically within the same network segment). Within either delivery model, SaaS can be implemented with a custom application, or the customer may acquire a vendor-specific application that can be tailored to the customer.
SaaS has several key benefits for organizations, which include, but are not limited to:
- Ease of use and limited/minimal administration
- Automatic updates and patch management; always running the latest version and most up-to-date deployment (no manual updates required)
- Standardization and compatibility (all users have the same version of software)
- Global accessibility