CC CW Chapter 1
The NIST Cloud Computing Model is a widely recognized framework developed by the National
Institute of Standards and Technology (NIST). It defines cloud computing through five essential
characteristics, three service models, and four deployment models. Here's an overview:
1. Essential Characteristics
These define what makes a service "cloud computing":
1) On-Demand Self-Service: Users can provision computing resources (e.g., servers, storage)
automatically without requiring human interaction with service providers.
2) Broad Network Access: Services are accessible over the internet through standard devices like
laptops, smartphones, and tablets, ensuring convenience and flexibility.
3) Resource Pooling: The provider's computing resources are shared among multiple customers
using a multi-tenant model. Resources are dynamically assigned and reassigned based on user
demand.
4) Rapid Elasticity: Resources can be scaled up or down rapidly to meet demand, appearing to be
infinite to the user.
5) Measured Service: Cloud systems automatically control and optimize resource use by metering
capabilities (e.g., bandwidth, storage), ensuring pay-as-you-go pricing.
2. Service Models
These describe the types of services cloud providers offer:
1) Infrastructure as a Service (IaaS): Provides virtualized computing resources like virtual
machines, storage, and networks. Example: Amazon EC2, Google Compute Engine.
2) Platform as a Service (PaaS): Offers a platform for developers to build and deploy applications
without managing the underlying infrastructure. Example: Google App Engine, Microsoft Azure
App Service.
3) Software as a Service (SaaS): Delivers software applications over the internet, accessible
through web browsers. Example: Google Workspace, Salesforce.
3. Deployment Models
These define how cloud services are deployed and accessed:
1) Private Cloud: Exclusive to a single organization, either on-premises or hosted externally,
providing greater control and security.
2) Public Cloud: Owned and operated by third-party providers, offering services to the public over
the internet.
3) Community Cloud: Shared by multiple organizations with similar goals or security
requirements, such as government or healthcare groups.
4) Hybrid Cloud: Combines private and public clouds, enabling data and applications to be shared
between them for greater flexibility.
4. Benefits of the NIST Model
1) Provides a clear and standardized definition of cloud computing.
2) Helps organizations identify and implement appropriate cloud services.
3) Ensures consistency and interoperability across cloud services and providers.
The NIST model serves as a benchmark for understanding and adopting cloud computing in various
industries.
3. Explain Cloud Cube model (IA1)
The Cloud Cube Model (CCM), developed by the Jericho Forum, classifies networks along four
dimensions to enhance cloud security:
1. Internal/External:
o Internal: Data located within the organization’s cloud infrastructure.
o External: Data located outside the organization’s cloud infrastructure.
2. Insourced/Outsourced:
o Insourced: Services provided and managed internally by the organization.
o Outsourced: Services provided by third-party vendors.
3. Proprietary/Open:
o Proprietary: Services and data are secured and controlled by the organization.
o Open: Services and data adhere to open standards, allowing for interoperability.
4. Perimeterized/De-perimeterized:
o Perimeterized: Security measures are within traditional boundaries, extending the
organization’s boundary into the cloud using virtual servers and VPNs.
o De-perimeterized: Data is secured with metadata and structure, enabling secure data
handling and preventing misuse.
Steps to Secure Data with CCM:
1. Classify Data: Identify and apply appropriate rules for data classification to ensure security.
2. Trust Levels: Ensure data meets specific trust levels required for security.
3. Decision Factors:
o Customer Requirements: Ensure cloud formations meet customer needs.
o Service Type: Decide on the type of cloud service (SaaS, PaaS, IaaS) to use.
o Data and Processes: Determine which data and processes will be transferred to the
cloud.
This model helps organizations, IT managers, and business leaders secure their cloud networks and
enable secure collaboration.
Public Cloud:
• The public cloud allows anyone to access systems and services over the internet.
• It is less secure since it is open to everyone.
• Public cloud services are accessible to the general public or large industry groups and are
an example of cloud hosting, where service providers offer their services to various
customers.
• These services, such as storage backup and retrieval, can be free, subscription-based, or
on a pay-per-use basis.
• Example: Google App Engine.
Hybrid Cloud:
• Combines the best of both public and private clouds by using a layer of proprietary software
to bridge the two environments.
• This allows organizations to host applications in a secure private cloud while benefiting from
the cost savings of the public cloud.
Community Cloud:
• Community cloud allows a group of organizations with shared concerns to access systems
and services.
• It integrates different cloud services to meet specific needs and is managed by a third party or
the organizations themselves.
• The infrastructure is shared among the participating organizations.
5. Compare cloud deployment models
Infrastructure as a Service (IaaS):
• It is a cloud service model that delivers computer infrastructure on an outsourced basis to support
various operations.
• It provides enterprises with outsourced infrastructure, such as networking equipment, devices,
databases, and web servers.
• IaaS is also known as Hardware as a Service (HaaS). Customers pay on a per-user basis, typically
by the hour, week, or month, with some providers charging based on the amount of virtual
machine space used.
• IaaS offers the underlying OS, security, networking, and servers needed to develop and deploy
applications, services, development tools and databases.
Platform as a Service (PaaS):
• PaaS is a cloud computing category that provides a platform and environment for developers to
build applications and services over the internet.
• PaaS services are hosted in the cloud and accessed via web browsers.
• The PaaS provider hosts the hardware and software on its infrastructure, freeing users from
installing in-house hardware and software to develop or run applications.
• This allows development and deployment to occur independently of the hardware.
Software as a Service (SaaS):