
NIST Cloud Computing Reference Architecture and Taxonomy

May 21, 2021 | May 16, 2021 by admin

The NIST Cloud Computing Reference Architecture and Taxonomy was designed to accurately communicate the components and offerings of cloud computing. The guiding principles used to create the reference architecture were:

  • Develop a vendor-neutral architecture that is consistent with the NIST definition
  • Develop a solution that does not stifle innovation by defining a prescribed technical solution

Actors in Cloud Computing

The NIST cloud computing reference architecture defines five major actors. Each actor is an entity (a person or an organization) that participates in a transaction or process and/or performs tasks in cloud computing. The five actors are:

  • Cloud user/cloud customer: A user who accesses either paid-for or free cloud services and resources within a cloud. These users are generally granted system administrator privileges to the instances they start (and only those instances, as opposed to the host itself or other components).
  • Cloud provider: A company that provides a cloud-based platform, infrastructure, application, or storage services to other organizations and/or individuals, usually for a fee (otherwise known to clients as “as a service”).
  • Cloud auditor: A party that can conduct independent assessments of cloud services, information system operations, performance, and security of the cloud implementation.
  • Cloud carrier: An intermediary that provides connectivity and transport of cloud services between cloud consumers and cloud providers.
  • Cloud services broker (CSB): The CSB is typically a third-party entity or company that looks to extend value to multiple customers of cloud-based services through relationships with multiple cloud service providers. It acts as a liaison between cloud services customers and cloud service providers, selecting the best provider for each customer and monitoring the services. A CSB provides:
    • Service intermediation: A CSB enhances a given service by improving some specific capability and providing value-added services to cloud consumers. The improvement can be managing access to cloud services, identity management, performance reporting, enhanced security, etc.
    • Service aggregation: A CSB combines and integrates multiple services into one or more new services. The broker provides data integration and ensures secure data movement between the cloud consumer and multiple cloud providers.
    • Service arbitrage: Service arbitrage is similar to service aggregation except that the services being aggregated are not fixed. Service arbitrage means a broker has the flexibility to choose services from multiple agencies. The cloud broker, for example, can use a credit-scoring service to measure and select an agency with the best score.

Cloud Service Models

NIST defines three cloud computing service models: software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). Often referred to as the SPI model, these acronyms have become synonymous with cloud computing when discussing cloud service models.

Infrastructure as a Service (IaaS)

Infrastructure as a service (IaaS) is a model where the customer can provision equipment as a service to support operations, including storage, hardware, servers, and relevant networking components. While the consumer has use of the related equipment, the cloud service provider retains ownership, and is ultimately responsible for hosting, running, and maintaining the infrastructure. IaaS is also referred to as hardware as a service by some customers and providers.

IaaS has multiple key benefits for organizations, which include, but are not limited to:

  • Usage metered and priced based on units (or instances) consumed, allowing it to be billed back to specific departments or functions
  • Ability to scale infrastructure services up and down based on usage, which is particularly useful and beneficial where there are significant spikes and dips in usage within the infrastructure
  • Reduced cost of ownership, meaning no need to buy assets for everyday use, no loss of asset value over time, and reduction of other related costs of maintenance and support
  • Reduced energy and cooling costs, plus a “green IT” environmental effect, with optimum use of IT resources and systems

Platform as a Service (PaaS)

Platform as a service (PaaS) is a way for customers to rent virtualized servers and associated services for running existing applications or developing and testing new ones.

PaaS has several key benefits for developers, which include, but are not limited to:

  • Operating systems can be changed and upgraded frequently
  • Where development teams are scattered globally, or across various geographic locations, the ability to work together on software development projects within the same environment can be extremely beneficial
  • Services are available and can be obtained from diverse sources that cross international boundaries
  • Upfront and recurring or ongoing costs can be significantly reduced by utilizing a single vendor, rather than maintaining multiple hardware facilities and environments

Software as a Service (SaaS)

Software as a service (SaaS) is a distributed model where software applications are hosted by a vendor or cloud service provider and made available to customers over network resources. SaaS is currently the most widely used and adopted form of cloud computing, with users most often simply needing an internet connection and credentials to have full use of the cloud service, application, and data housed.

Within SaaS, there are two delivery models currently used. First is hosted application management (hosted AM), where a cloud provider hosts commercially available software for customers and delivers it over the web (internet). Second is software on demand, where a cloud provider provides customers with network-based access to a single copy of an application created specifically for SaaS distribution (typically within the same network segment). Within either delivery model, SaaS can be implemented with a custom application, or the customer may acquire a vendor-specific application that can be tailored to the customer.

SaaS has several key benefits for organizations, which include, but are not limited to:

  • Ease of use and limited/minimal administration
  • Automatic updates and patch management; always running the latest version and most up-to-date deployment (no manual updates required)
  • Standardization and compatibility (all users have the same version of software)
  • Global accessibility

 
