Elements of cloud computing may resemble earlier computing eras, but advances in virtualization, storage, connectivity, and processing power are combining to create a new technical ecosystem for cloud computing, and the result is a fundamentally different and compelling phenomenon.
The adoption of cloud computing services is growing rapidly, and one of the reasons is because its architecture stresses the benefits of shared services over isolated products. This use of shared services helps an organization focus on its primary business drivers, and lets information system technology departments reduce the gap between available computing capacity (always-on high resource) and required systems demand (mostly low volume with occasional spikes). This results in a much more efficient usage-based cost model.
Cloud computing architecture is still evolving, and will continue to evolve and change for a long time. As we begin to make sense of the various vendors’ rush to brand everything as “cloud computing,” it’s important to try to weed out the purely marketing-related acronyms and concepts. The goal of this section is to describe the cloud concepts and terminology that appear to be able to stand the test of time. Then, later in this section, we’ll examine the benefits of adopting these concepts, and how organizations are restructuring their information models to compete and thrive.
For some time now, the generally agreed upon classification scheme for cloud computing has been coined the Software-Platform-Infrastructure (SPI) model. This acronym represents the three major services provided through the cloud: SaaS, or Software as a Service; PaaS, Platform as a Service; and IaaS, Infrastructure as a Service.
Although there are a few other concepts circulating that suggest variations on this schema (we’ll address some of these in the section “Alternative Deployment Models”), the SPI framework for cloud computing is currently the most widely accepted cloud computing classification. NIST follows this framework, and most cloud service providers support this concept.
Although a lot of cloud computing infrastructure is based on existing technology, there are many differences between the SPI framework and the traditional IT model. For instance, a traditional enterprise-wide application rollout requires resources and coordination from many parts of the organization. This rollout may require numerous new hardware (servers, perimeter network devices, workstations, backup systems), operating systems, communication link provisioning, and user and management training, for example.
One advantage of the traditional model is that software applications are more customizable, but even this advantage often comes at a high cost in resources and effort.
In the traditional IT model, software applications may require substantial licensing and support costs. These licensing costs may be based on formulae that don’t translate well to the actual intended use of the application, such as hardware requirements (number of servers, processors, communication links) or other company characteristics unrelated to the original intent of the application (total number of employees in the organization, total number of remote offices, etc.).
In addition, changes in the original licensing structure due to usage increases (additional per-seat needs) may create substantial costs down the line, such as additional hardware, support SLAs, and IT resources.
In the traditional IT model, security is often owned “in-house,” with security professionals and supporting security infrastructure (firewalls, intrusion detection/prevention systems, e-mail and web monitoring systems, etc.) under the direct control of the organization. This may make it easier to provide regulatory compliance for auditing purposes using the traditional model. However, the drawback of this security ownership is the infrastructure overhead, which requires considerable resources of manpower to secure properly.
Typically, organizations employing the SPI framework don’t own the infra-structure that hosts the software application. They instead license application usage from the cloud provider, by employing either a subscription-based license or a consumption-oriented model. This enables companies to pay for only the resources they need and use, and to avoid paying for resources they don’t need, thus helping them avoid a large capital expenditure for infrastructure.
The cloud service provider that delivers some or all of the SPI elements to the organization can also share infrastructure between multiple clients. This helps improve utilization rates dramatically by eliminating a lot of wasted server idle time. Also, the shared use of very high-speed bandwidth distributes costs, enables easier peak load management, often improves response times, and increases the pace of application development.