Cloud computing as an extension of Service-Oriented Com-

SOC’s benefits were attracting more and more enterprises seeking to implement their software systems following the SOA principles – that is, by minimising effort on implementing own software assets from scratch, but rather to re-use already existing resources via Internet. This attractive model has paved the way for Cloud Computing which has revolutionised the way enterprises and ordinary users can access computing, storage and networking resources nowadays. With its emer- gence, traditional computing has transformed into a service-based model, where resources are commoditised and delivered over a network, just like traditional utilities, such as water or gas (Buyya et al., 2013).

Even though we have been experiencing this revolutionary paradigm shift to cloud computing only in the last 10 year, the concept itself is not novel, and was first introduced back in the 60s by McCarthy (Abelson, 1999, Parkhill, 1966). How- ever, it was not until recent advances in networking, hardware, mobile and virtual- isation technologies in the last three decades (Armbrust et al., 2010) that eventually fulfilled this prophetic vision. In the 80s, IBM started releasing into mass produc- tion affordable personal computers available to ordinary users for home usage. This paradigm shift from huge industrial and academic mainframe machines to compact personal computers was also supported by Microsoft, who offered oper- ating systems to make PCs even more ubiquitous and usable both at home and at work.

Then, in the 90s, the networking technology was eventually developed enough to provide sufficient bandwidth to support the emergence of the Internet and make it available to the masses (Mohamed, 2015). The Internet, together with new software interoperability standards, finally allowed enterprises to interconnect all their computers and opened many business opportunities to monetize this new computing paradigm. With the rise of commercial networking, enterprises started looking for novel mechanisms and service models for delivering their solutions and resources to end users via the Internet. In 1999, Salesforce.com1 started deliv- ering enterprise-class software through websites and became one of the pioneers in this field. Sales automation software offered by Salesforce.com could be accessed by customers via the Internet, and companies could purchase these services on a cost-effective and on-demand basis.

Next step was taken in 2002, when Amazon joined this trend and introduced 1_{http://www.salesforce.com/}

its Amazon Web Services (AWS) – a cloud platform, which allowed users to access storage and computation resources, as well as some basic applications. In 2006, they went even further with the Elastic Compute Cloud (EC2), which offered an entire infrastructure to be delivered as a service to software developers – they could rent space to store and run their own applications in the cloud. It was 2009 when the cloud computing finally reached a stable level of maturity, and the cloud computing market was shaped with the main industry influencers getting on-board – IT giants like Google, Microsoft, IBM and Oracle were delivering their technological solutions to businesses and average users in the form of simple, accessible, on-demand cloud services.

As a result, cloud computing today “represents a concept of remote on-demand provisioning of pooled computing resources which are made available over a net- work, in a dynamic and scalable fashion, and whose consumption is metered to enable usage-based billing” (Kourtesis, 2011). Customers, ranging from individual users to entire organisations, need to pay cloud providers only when they access computing, storage or networking services. Additionally, they do not need to in- vest heavily in these potentially complex and expensive assets upfront, and then own and manage them in their premises, but instead always have them at their disposal and easily accessible via the Internet, and, consequently, reduce expenses on hiring a dedicated team of IT professionals.

Even though there exist several definitions of the term cloud computing, pro- posed in academic literature, with each placing emphasis on different aspects of the concept (Armbrust et al., 2010, Vaquero et al., 2008), the most intuitively com- prehensive and widely adopted definition comes from National Institute of Stan- dards and Technology (NIST) (Mell and Grance, 2009):

“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., net- works, servers, storage, applications, and services) that can be rapidly pro- visioned and released with minimal management effort or service provider interaction.”

To provide an even more comprehensive explanation of what a cloud service is, this definition should be extended with a list of key characteristics a cloud service is expected to exhibit. Accordingly, NIST has distilled the following 5 essential features of a cloud computing service:

• On-demand self-service means that a user, subscribed to a cloud solution, should be provisioned with computing resources when needed automati- cally, without human interaction.

• Broad network access refers to the fact that all the cloud resources are ac- cessible remotely over the Internet via standard interfaces and protocols. • Resource pooling – thanks to recent advances in the area of virtualisa-

tion techniques, cloud resources are typically provisioned to customers in a multi-tenant and transparent manner. The former means that virtual com- puting resources belonging to different users (i.e., tenants) are hosted on a single physical server,1 _{and the latter refers to the fact that these tenants are}

isolated from and unaware of each other. Moreover, they are also unaware of the exact geophysical location of their virtualised cloud resources, which can migrate from one physical host to another according to consumer demand. • Rapid elasticity of cloud resources describes their capabilities to be (au-

tomatically) provisioned and released so as to enable scaling in and out and meeting ever-changing, dynamic requirements. Even though virtualised cloud resources of a particular cloud provider are constrained by the under- lying physical infrastructure, from the consumer’s perspective, this aspect of cloud computing creates an impression of seemingly infinite computing utility.

• Measured service is an inevitable consequence of SOC, where users pay only for the actual usage of a cloud service. It means, that a cloud offering is en- abled with automatic monitoring, controlling and reporting tools to provide metering and billing in a transparent, fair and flexible fashion.

Even though cloud computing is typically associated with remote access to computing resources over the Internet,2 for large enterprises consisting of multi- ple departments it is also possible to build up their own cloud data centre within their premises – this deployment model is known as ‘private cloud’. The motiva- tion behind this decision might be two-fold. Firstly, provided that an enterprise is large enough and its individual departments demand for elastic computational and storage resources which will be fully utilised, it can bring certain economic benefits when compared to expenditures needed for acquiring remote cloud ser- vices from commercial providers. Secondly, often migration to cloud is hindered 1_{Nowadays, it is also possible to reserve a whole cloud server so as not to share it with} other tenants. For example, EC2 offers its subscribers so-called ‘dedicated instances’ (http: //aws.amazon.com/ec2/purchasing-options/dedicated-instances/).

2_{This is essentially where the term ‘cloud’ comes from – in conceptual diagrams, a cloud-like} shape was used to metaphorically denote the Internet in computer networks. This simplified repre- sentation also implied that the specifics of the internal organisation of the Internet are not relevant for the purposes of understanding the diagram. Similarly, nowadays end users are typically com- pletely unaware of how and where a particular cloud service is actually deployed and operates.

with privacy and security issues – enterprises are not willing to release sensitive data beyond their private network perimeter. In such circumstances, it makes sense to deploy a private cloud locally, on premises. In this case, all potentially sensitive data is guaranteed to be stored and processed under the enterprise’s con- trol. A hybrid solution also exists – with this deployment model, some parts of the enterprise IT systems run on premises and the others – remotely in clouds. This way, enterprises can run critical computations under control and at the same time benefit from flexible pricing schemes by running less sensitive tasks in remote cloud environments.

When it comes to pricing schemes for a particular cloud service, in the first instance, it depends on the service model through which the resources are pro- visioned to users. Traditionally, NIST distinguishes between the following three service models (Mell and Grance, 2009):

• IaaS is a way of providing customers with on-demand access to processing, storage, networking and other fundamental computing resources (which are traditionally referred to as hardware) typically in the form of a virtual ma- chine. IaaS users are then a required to install an OS and all necessary mid- dleware and software so as to deploy, run and access arbitrary software over the Internet. Usually, users only have access to the OS, storage and deployed software, whereas management of the underlying hardware is beyond their capabilities and remains the responsibility of the IaaS provider. With the IaaS delivery model, cloud subscribers – usually companies who are attracted by the opportunity to save on acquiring and maintaining potentially expen- sive hardware – are charged for the consumption of the hardware resources. Typical monitored metrics for metering and billing are number of reserved computational instances and associated Central Processing Unit (CPU) and memory utilisation, storage consumption, network bandwidth, etc.

• PaaS model provides a computing platform equipped with a technological stack of solutions necessary to deploy and run users’ software without the cost and complexity of buying, configuring and managing both the under- lying hardware infrastructure and the computational platform. PaaS target groups are typically software vendors, IT departments of enterprises, in- dividual developers, etc. – all those who want to shift a significant share of their concerns associated with developing, maintaining and provisioning on-demand software to the PaaS provider’s end. This allows developers to focus on the business functionality of their software (which possibly can be provisioned as a SaaS offering), rather than spend their efforts on managing

the enabling cloud infrastructure and platform. The PaaS provider assumes the responsibility to monitor and manage the usage of every application and to allocate infrastructure resources as appropriate to meet ever-changing re- quirements (Kourtesis, 2011). Charging in PaaS also relies on metering the CPU and memory consumption, and additionally includes the consumption of platform-level services available to the users – for example, messaging queues or databases.

• Software as a Service (SaaS) is a delivery model in which customers’ soft- ware deployed and running in the cloud environment is easily accessible from various devices (PCs, laptops, smartphones, etc.) and clients (i.e., rich and thin) in an on-demand manner. This delivery model is a move from the established practice of making software applications available as-a-product – that is, a distributed software product is installed and maintained by users (Kourtesis, 2011). Instead, the SaaS model relies on a providing a multi- tenant approach to software provisioning so as to facilitate having a single and shared cloud-based application code base, which can serve multiple customers. In these circumstances, customers’ management capabilities are limited to configuring application-specific settings and managing personal business data; hardware infrastructure and platform resources, such as the OS or the database, are beyond their control, and remain a concern of the SaaS vendor (or a third-party PaaS provider in a case when cloud software is deployed on a third-party cloud platform).