The Definition of Cloud Computing by the National Institute of Standards and Technology

Whoa, sounds heavy, dude!

(Great! Now I have "He ain't heavy, he's my brother" running through my head.)

Cloud computing seems to have just blown up out of nowhere. Yet it has been around in various forms for years. Lately, though, it seems to be a major subject of interest and conversation throughout the software world. Everything is going along so fast that a decent definition of cloud computing hasn't even been specified yet.

As a result the terms "Cloud Computing", "On-Demand", and "SaaS" are starting to get used interchangably. It's easy enough to take cut "SaaS" out of the pack; this is actually a delivery model. It is related to cloud computing in that the "Software Service" is delivered over the "Cloud".

On-demand is a little tougher to categorize, so when the National Institute of Standards and Technology (NIST) started drafting a definition of cloud computing the term "on-demand" became part of the definition itself.

A more detailed draft definition of cloud computing and its accompanying delivery and deployment models can be found at the NIST website under their computer security division. I want to emphasize that: this is a draft definition being put together by a group under Peter Mell and Tim Grace of NIST.

The gist of it is as follows:

Cloud computing is a way of providing access to computing resources that can be released with very little work by the service provider. It has the following characteristics:

  • on-demand self-service
  • ubiquitous network access
  • location independent resource pooling
  • rapid elasticity
  • measured service

What this means is that

  • you, as a consumer, can access computing resources automatically with no help from the provider, using a web browser.
  • You can access these resources in numerous ways: mobile phones, laptop, PDAs, etc.
  • It doesn't matter where the resource is physically located.
  • The capabilities of the service can seem limitless to the consumer because they can scale up and down so rapidly. 
  • The service is metered so that the cloud controls the resource to provide the best performance.

NIST is currently providing for three delivery models.

Software as a Service, what most people simply refer to as SaaS, is a software solution that you can use as if it were software installed on the computer itself but is actually being provisioned from the "Cloud" over your web browser. However, you have no control over the software or anything else unless it has been given as a limited user-specific setting.

Platform as a Service, PaaS, gives you the ability to deploy a software application to the cloud's infrastructure. Other than the application and the hosting environment, you have no control over the infrastructure.

Infrastructure as a Service, IaaS, gives you the ability to provision specific resources through which you deploy and use a variety of software, including operating systems as well as applications. You cannot control the rest of the cloud infrastructure but can control operating systems, storage, and other resources and components.

NIST has also given cloud computing four deployment models:

  • private cloud (think "your company")
  • community cloud (think Homeland Security which has numerous agencies that use the same resources)
  • public cloud (think Google's or Amazon's cloud offerings)
  • hybrid cloud: more than one cloud of any type, that remains independent, except for infrastructure that allows data and application portability, called, interestingly enough, "cloud bursting".

Well, that's a quick rundown of what cloud computing may be defined as. As I said, this is a draft definition, but maybe it is enough to be going on with.

If you prefer all the $10 words associated with the definition see the full NIST draft (2 page Word document) and a 73 slide PowerPoint presentation, annotated. Otherwise, this should git'er dun.