As discussed previously, one of the problems with cloud computing is that there is no one authoritative definition. If you are considering cloud computing as an option, having multiple definitions can end up giving you a moving target if you want a definitive set of standards – but comparing different definitions can provide valuable insights into how cloud computing operates, and what should be considered when implementing a cloud architecture.
In previous posts, I’ve discussed the US National Institute of Science and Technology’s (NIST) definition of the cloud, but that isn’t the only government sponsored definition. The European Commission issued a study in Sept. 2012 on Unleashing the Potential of Cloud Computing in Europe, which describes the NIST’s definition as “highly abstract”.
The European Commission’s more concrete definition lists the following cloud computing features:
• Hardware (computers, storage devices) is owned by the cloud computing provider, not by the user who interacts with it via the internet;
• The use of hardware is dynamically optimized across a network of computers, so that the exact location of data or processes, as well as the information which piece of hardware is actually serving a particular user at a given moment, does not in principle have to concern the user, even though it may have an important bearing on the applicable legal environment;
• Cloud providers often move their users' workloads around (e.g. from one computer to another or from one data centre to another) to optimize the use of available hardware;
• The remote hardware stores and processes data and makes it available, e.g. through applications (so that a company could use its cloud-based computing in just the same way as consumers already today use their webmail accounts);
• Organizations and individuals can access their content, and use their software when and where they need it, e.g. on desktop computers, laptops, tablets and smartphones;
• A cloud set-up consists of layers: hardware, middleware or platform, and application software. Standardization is important especially at the middle layer because it enables developers to address a wide range of potential customers and gives users choice;
• Users normally pay by usage, avoiding the large upfront and fixed costs necessary to set up and operate sophisticated computing equipment;
• At the same time, users can very easily modify the amount of hardware they use (e.g. bring new storage capacity online in a matter of seconds with a few mouse clicks).
For the most part, the European Commission’s definition is compatible with NIST’s definition, but it does differ in the following points:
- The EC definition specifies that hardware should be remote, while the NIST definition does not specify where hardware should be located. As a result, the EC definition would not include locally hosted private clouds.
- The EC definition points out that the location of the remote servers may vary, and that could “have an important bearing on the applicable legal environment”. This concern is more appreciable in Europe, where strict data protection laws are being drafted.
- The EC definition breaks the cloud into hardware, middleware/platform, and application layers, vs. NIST’s SaaS, PaaS, and IaaS layers. The overlap is that the EC definition lumps IaaS and Paas together, and stresses the need for standardization to allow for portability.
The NIST definition is, as mentioned previously, quite abstract, and subject to a certain amount of interpretation. If you are under a legal or corporate mandate to explore cloud computing options, then the abstraction can provide flexibility in addressing your needs.
The more concrete guidelines in the EC definition, however, provide a set of features to check for when comparing cloud providers, and are more useful as a guideline of considerations when implementing a cloud infrastructure. The downside of concrete guidelines is that they are more likely to need modification in the face of new technological developments.
The important thing to remember is that you first need to determine the infrastructure components you need to support your organization, and then work back from there to determine what form of cloud, virtualization and bare metal servers will provide the most productive architecture within your economic reach. Cloud definitions, as they exist today, are guidelines for how clouds can be used in supporting your organization, not mandates for how to change your organization in order to fit into the cloud.