vices as an on-demand model. In this work it is defined that cloud computing delivers Infrastructure-, Platform-, and Software as a Service (IaaS, PaaS, and SaaS) on a simple pay-per-use basis.
2.4 Cloud Deployment & Service Models
NIST’s definition of cloud computing [35] states four deployment models (see Figure 2.5) that are typical for cloud computing: Private Cloud, Community Cloud, Public Cloud and Hybrid Cloud.
Public Clouds - also known as external Clouds, are operated and managed by a third-party vendor (business, academic or government) for open use by a non-limited group of customers. Services are offered over the Internet and are accessible through web applications, web services or established data communication protocols like Secure Shell (SSH). Security management is done by the vendor responsible for the public cloud offering. Therefore, customers don’t have a good insight into physical and logical security measures of the private Cloud [1, p.23]. A popular commercial public cloud offer is the Elastic Cloud (EC2) by Amazon Web Services (AWS) [23].
Community Clouds - the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organisations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations) [35, p.3]. Typically it is owned and managed by one or multiple members of that community, who are also responsible for the security management of the cloud environment. G-Cloud [36] - a cloud environment providing UK governmental agencies with information and communications technology (ICT) services - is an example of a community cloud.
Figure 2.5: Cloud deployment models [1, p.25]
Private Clouds - also known as internal Clouds, are cloud offerings exclusively used by a single organisation, for example a large enterprise serving internal customers such as its different branches. The cloud infrastructure is commonly run on private networks, operated and managed by the organisation itself, a third party or a combination of both [35, p.3]. Cloud Infrastructure and Applications (CloudIA) - a cloud environment for students at the University of Applied Sciences Furtwangen (HFU) - is an example of a private cloud.
Hybrid Clouds - are a combination of the private cloud and the public cloud model. In a hybrid cloud, both clouds exist independently, including their corresponding characteristics. Users consume the Private Cloud resources most of the time, but in specific situations, such as load peaks, resources from the public cloud are used to satisfy the demand. This special case is also known as “Cloud Bursting”. It ensures that a sudden increase in computing requirement is handled gracefully. In a hybrid cloud scenario, sensitive data is commonly kept in the private cloud, and only non-sensitive data gets processed in the public cloud. An example of a hybrid cloud scenario is the combination of a private cloud infrastructure and a security vendor’s public network of threat intelligence delivered through public cloud services, such as Trend Micro’s Smart Protection Network [37].
Cloud Service Models
The following three fundamental service models can be identified in cloud computing, which also correlate to NIST’s cloud definition: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). They describe the degree of a cloud’s availability to users.
Infrastructure as a Service
This layer provides an abstract view on the underlying hardware, which includes PCs, mass storage systems or network components. They get logically partitioned and provided as virtual resources by utilising virtualization technology such as KVM [38], Xen [39] or VMware [40]. Thus, a flexible management of the provided resources is possible, allowing a cloud user to create, start, stop, delete or scale virtual resources. In contrast to traditional IT-Hosting services, only a virtual instance gets provided instead of the whole physical machine. This enables CSPs to optimally divide available hardware resources and provide customers with an on-demand self service on a pay-as-you-go basis. In IaaS, cloud service providers only ensure availability and usability of the infrastructure. Management of rented virtual resources, installation of additional services, such as a web server or email server, as well as connectivity to external systems are the responsibility of the cloud customer. In some cases, where the operating system is included and a software license is required, the software license costs are either amalgamated into the costs for the service or included as a surcharge [41]. A special sub-model of IaaS is the Storage as a Service model, where only storage space is provided by the CSP. Popular IaaS providers are Amazon Web Services [23], Rackspace [42] or Hosting.com [43]. The currently most popular storage as a service provider is Dropbox [18]. The research presented in this thesis resides on the IaaS layer.
Figure 2.6: Cloud service models [1]
Platform as a Service
Platform as a Service delivers a comprehensive development environment to application developers. The developed applications are also offered through the PaaS platform [1]. PaaS customers don’t have to deal with installation and configuration of a virtual server, since this is provided by the CSP. The provider defines the programming languages which can be used and supplies toolkits, developer standards, libraries, databases, a software development environment and APIs as well as distribution and payment channels. This enables multi-tenant application development with rapid application propagation and minimal entry costs. In a complete PaaS solution, developers can build and deploy web applications without installing any tools on their computer. Popular PaaS offers are Google Apps [22], Force.com [44] and Microsoft Windows Azure [45].
Software as a Service
In the Software as a Service model, the cloud provider also acts as an application developer. The cloud customer rents software for use on a subscription or a pay-per-use basis. It is mostly used through a web browser or an adapted interface provided by the cloud service provider (CSP). The main difference between the traditional software