Difference between revisions of "Cloud computing"

From LIMSWiki
Jump to navigationJump to search
(Updating contents and references. Saving and updating more.)
(→‎Issues and concerns: Updated through middle of security)
Line 68: Line 68:


==Issues and concerns==
==Issues and concerns==
General criticisms of cloud computing state the term is too unspecific or even misleading. CEO Larry Ellison of Oracle Corporation asserts that cloud computing is "everything that we already do"<ref name="FarberOracle">{{cite web |url=http://www.cnet.com/news/oracles-ellison-nails-cloud-computing/ |title=Oracle's Ellison nails cloud computing |author=Farber, Dan |work=CNET |publisher=CBS Interactive |date=26 September 2008 |accessdate=21 August 2014}}</ref> and that the company could simply "change the wording on some of our ads"
<ref name="KanaracusOracle">{{cite web |url=http://www.networkworld.com/article/2244231/data-center/oracle-launches-worldwide-cloud-computing-tour.html |title=Oracle launches worldwide cloud-computing tour |author=Kanaracus, Chris |publisher=Network World |date=09 February 2010 |accessdate=21 August 2014}}</ref> to deploy cloud-based services.
In 2008, Forrester Research VP Frank Gillett questioned the very nature of and motivation behind the push for cloud computing, describing what he calls "cloud washing"—companies simply relabeling their products as "cloud computing", resulting in mere marketing innovation instead of "real" innovation. <ref name="PlesserYT">{{cite web |url=http://www.youtube.com/watch?v=f7wv1i8ubng |title=Cloud Computing is Hyped and Overblown |author=Plesser, Andy |publisher=YouTube |date=29 September 2008 |accessdate=21 August 2014}}</ref> That same year, GNU's Richard Stallman insisted the industry will only use the model to deliver services at ever increasing rates over proprietary systems, otherwise likening it to a "marketing hype campaign."<ref name="Stallman">{{cite web |url=http://www.theguardian.com/technology/2008/sep/29/cloud.computing.richard.stallman |title=Cloud computing is a trap, warns GNU founder Richard Stallman |author=Johnson, Bobbie |work=The Guardian |date=29 September 2008 |accessdate=21 August 2014}}</ref>
===Privacy===
===Privacy===
The cloud model has been criticized by privacy advocates for the greater ease in which the companies hosting the cloud services control and monitor at will, lawfully or unlawfully, the communication and data stored between the user and the host company, leading to questions about whether or not privacy concerns can be addressed.<ref name="MaierCloud">{{cite web |url=http://mashable.com/2011/10/19/cloud-privacy/ |title=Can There Ever Really Be Privacy in the Cloud? |author=Maier, Fran |publisher=Mashable |date=19 October 2011 |accessdate=21 August 2014}}</ref><ref name="SchwartzCloud">{{cite journal=http://scholarship.law.berkeley.edu/facpubs/1906/ |journal=University of Pennsylvania Law Review |title=Information Privacy in the Cloud |author=Schwartz, Paul M. |volume=161 |issue=1623 |date=01 May 2013 |accessdate=21 August 2014}}</ref>
The cloud model has been criticized by privacy advocates for the greater ease in which the companies hosting the cloud services control and monitor at will, lawfully or unlawfully, the communication and data stored between the user and the host company, leading to questions about whether or not privacy concerns can be addressed.<ref name="MaierCloud">{{cite web |url=http://mashable.com/2011/10/19/cloud-privacy/ |title=Can There Ever Really Be Privacy in the Cloud? |author=Maier, Fran |publisher=Mashable |date=19 October 2011 |accessdate=21 August 2014}}</ref><ref name="SchwartzCloud">{{cite url=http://scholarship.law.berkeley.edu/facpubs/1906/ |journal=University of Pennsylvania Law Review |title=Information Privacy in the Cloud |author=Schwartz, Paul M. |volume=161 |issue=1623 |date=01 May 2013 |accessdate=21 August 2014}}</ref>


===Compliance===
===Compliance===
Line 79: Line 85:


===Performance===
===Performance===
With the American average download speed at 4MiB/S cloud computing relies on a high speed infrastructure that does not exist. This makes cloud computing impractical in many environments, in fact many local networks would struggle to serve multiple cloud instances. Depending on the setup cloud computing can require very fast internet, less CPU intensive setups (for the client) simply stream video over the internet or a LAN.{{Citation needed|date=July 2011}}
Public cloud instances typically function well at the server and client hardware; however, speed across the connecting public Internet pipeline can vary significantly. Internet speeds can be asymmetrical and non-guaranteed, bandwidth may need to be shared, and Internet traffic rarely follow the same path, constraining performance and making a cloud option less appealing than a localized option.<ref name="RichardsSpeed">{{cite web |url=http://www.trinustech.com/cloud-computing-storm-or-silver-lining-pt-2/ |title=Cloud Computing – Storm or Silver Lining? Pt 2 |author=Richards, Brianna |publisher=Trinus Technologies Inc |date=17 June 2013 |accessdate=21 August 2014}}</ref> Poor upload speeds, especially from non-business home accounts, are also quoted as a factor limiting cloud computing's appeal.<ref name="JenksCloud">{{cite web |url=http://www.stephenjenks.com/2011/11/cloud-computing-for-home-has-huge-problems/ |title=Cloud Computing for Home Has Huge Problems |author=Jenks, Stephen |work=Stephen Jenks' Blog |date=08 November 2011 |accessdate=21 August 2014}}</ref>
 
===Criticism===
Some have come to criticize the term as being either too unspecific or even misleading. CEO Larry Ellison of Oracle Corporation asserts that cloud computing is "everything that we already do", claiming that the company could simply "change the wording on some of our ads" to deploy their cloud-based services.<ref name="ellisonhell">{{Cite web|author=“” |url=http://www.youtube.com/watch?v=0FacYAI6DY0 |title=Larry Ellison – What The Hell Is Cloud Computing? |publisher=YouTube |date= |accessdate=2010-08-22}}</ref><ref name="ellisonnail">{{Cite web|last=Farber |first=Dan |url=http://news.cnet.com/8301-13953_3-10052188-80.html |title=Oracle's Ellison nails cloud computing |publisher=CNET News |date=2008-09-26 |accessdate=2010-08-22}}</ref><ref>{{Cite web|url=http://www.computerworld.com.au/article/335674/oracle_launches_worldwide_cloud-computing_tour/ |title=Oracle launches worldwide cloud-computing tour |publisher=Computerworld |date=2010-02-10 |accessdate=2010-08-22}}</ref><ref>{{Cite web|author=By James Rogers |url=http://www.thestreet.com/story/10649557/1/oracles-ellison-issues-cloud-challenge.html |title=Oracle's Ellison Issues Cloud Challenge |publisher=Thestreet.com |date=2009-12-18 |accessdate=2010-08-22}}</ref><ref>{{Cite web|url=http://searchcloudcomputing.techtarget.com/news/article/0,289142,sid201_gci1384202,00.html |title=Oracle desperately seeking cloud cred |publisher=Searchcloudcomputing.techtarget.com |date=2010-02-16 |accessdate=2010-08-22}}</ref> [[Forrester Research]] VP Frank Gillett questions the very nature of and motivation behind the push for cloud computing, describing what he calls "cloud washing"—companies simply relabeling their products as "cloud computing", resulting in mere marketing innovation instead of "real" innovation.<ref>{{Cite web|author=“” |url=http://www.youtube.com/watch?v=f7wv1i8ubng |title=Cloud Computing is Hyped and Overblown |publisher=Youtube.com |date=2008-09-29 |accessdate=2010-08-22}}</ref><ref>{{Cite web|url=http://www.beet.tv/2008/09/cloud-computing.html |title=Cloud Computing is Hyped and Overblown, Forrester's Frank Gillett Big Tech Companies Have "Cloud Envy" |publisher=Beet.tv |date= |accessdate=2010-08-22}}</ref>
 
GNU's Richard Stallman insists that the industry will only use the model to deliver services at ever increasing rates over proprietary systems, otherwise likening it to a "marketing hype campaign".<ref name="Stallman">[http://www.guardian.co.uk/technology/2008/sep/29/cloud.computing.richard.stallman ''Cloud computing is a trap, warns GNU founder Richard Stallman''], ''The Guardian'', par Bobbie Johnson, 29 septembre 2008</ref>


===Legal===
===Legal===
In March 2007, Dell applied to trademark the term "cloud computing" ({{US trademark|77139082}}) in the United States. The "Notice of Allowance" the company received in July 2008 was canceled in August, resulting in a formal rejection of the trademark application less than a week later. Since 2007, the number of trademark filings covering cloud computing brands, goods, and services has increased rapidly.  As companies sought to better position themselves for cloud computing branding and marketing efforts, cloud computing trademark filings increased by 483% between 2008 and 2009. In 2009, 116 cloud computing trademarks were filed, and trademark analysts predict that over 500 such marks could be filed during 2010.<ref>{{Cite web|url=http://insidetrademarks.com/2010/03/24/cloud-computing-trademark-trends/ |title=Inside Trademarks March 24, 2010 |publisher=Insidetrademarks.com |date=2010-03-24 |accessdate=2010-08-22}}</ref>
Since 2007, the number of trademark filings covering cloud computing brands, goods, and services has increased rapidly. For example, in March 2007, Dell applied to trademark the term "cloud computing" ({{US trademark|77139082}}) in the United States. The "Notice of Allowance" the company received in July 2008 was canceled in August, resulting in a formal rejection of the trademark application less than a week later. As Dell and other companies sought to better position themselves for cloud computing branding and marketing efforts, cloud computing trademark filings increased by 483 percent between 2008 and 2009. In 2009, 116 cloud computing trademarks were filed, and trademark analysts predicted that over 500 such marks could be filed during 2010.<ref name="Trademarks">{{cite web |url=http://insidetrademarks.com/2010/03/24/cloud-computing-trademark-trends/ |archiveurl=https://web.archive.org/web/20100328121742/http://insidetrademarks.com/2010/03/24/cloud-computing-trademark-trends/ |title=Cloud Computing Trademark Trends |publisher=Inside Trademarks |date=24 March 2010 |archivedate=28 March 2010 |accessdate=21 August 2014}}</ref>
 
Other legal cases may shape the use of cloud computing by the public sector. On October 29, 2010, Google filed a lawsuit against the U.S. Department of Interior, which opened up a bid for software that required that bidders use Microsoft's Business Productivity Online Suite.  Google sued, calling the requirement "unduly restrictive of competition."<ref>[http://www.scribd.com/doc/40513712/Google-v-US-Complaint Google, Inc. vs. the United States]</ref>  Scholars have pointed out that, beginning in 2005, the prevalence of open standards and open source may have an impact on the way that public entities choose to select vendors.<ref>[http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1656616 Casson and Ryan, Open Standards, Open Source Adoption in the Public Sector, and Their Relationship to Microsoft’s Market Dominance]</ref>


There are also concerns about a cloud provider shutting down for financial or legal reasons, which has happened in a number of cases.<ref>{{Cite web|last=Scheier |first=Robert L. |url=http://www.infoworld.com/d/cloud-computing/what-do-if-your-cloud-provider-disappears-508 |title=What to do if your cloud provider disappears &#124; Cloud Computing |publisher=InfoWorld |date=2009-04-20 |accessdate=2010-08-22}}</ref>
Other legal cases may shape the use of cloud computing by the public sector. On October 29, 2010, Google filed a lawsuit against the U.S. Department of Interior, which opened up a bid for software that required bidders use Microsoft's Business Productivity Online Suite. Google sued, calling the requirement "unduly restrictive of competition."<ref name="GoogleUS">{{cite web |url=http://www.scribd.com/doc/40513712/Google-v-US-Complaint |title=Google v US Complaint |publisher=Scribd |date=31 October 2010 |accessdate=21 August 2014}}</ref> Scholars have pointed out that, beginning in 2005, the prevalence of open standards and open-source software options may have an impact on the way public entities choose to select vendors and their software.<ref>{{cite web |url=http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1656616 |title=Open Standards, Open Source Adoption in the Public Sector, and Their Relationship to Microsoft’s Market Dominance |author=Casson, Tony; Ryan, Patrick S. |publisher=Social Science Electronic Publishing |date=01 May 2006 |accessdate=21 August 2014}}</ref>


===Open source===
Concerns about the legal and financial repercussions of a cloud provider shutting down, which has happened in a number of cases, also exist.<ref name="ScheiferCloud">{{cite web |url=http://www.infoworld.com/d/cloud-computing/what-do-if-your-cloud-provider-disappears-508 |title=What to do if your cloud provider disappears |author=Scheier, Robert L |work=InfoWorld |publisher=IDG Network |date=20 April 2009 |accessdate=21 August 2014}}</ref>
[[Open source software]] has provided the foundation for many cloud computing implementations, one prominent example being the Hadoop framework.<ref>{{Cite web|url=http://www.networkworld.com/news/2008/072808-open-source-cloud-computing.html |title=Open source fuels growth of cloud computing, software-as-a-service |publisher=Network World |date= |accessdate=2010-08-22}}</ref> In November 2007, the Free Software Foundation released the Affero General Public License, a version of GPLv3 intended to close a perceived legal loophole associated with free software designed to be run over a network.<ref>{{Cite web|url=http://redmonk.com/sogrady/2009/04/15/open-source-licensing-in-a-networked-age/ |title=AGPL: Open Source Licensing in a  Networked Age |publisher=Redmonk.com |date=2009-04-15 |accessdate=2010-08-22}}</ref>


===Open standards===
===Open standards===
Most cloud providers expose [[Application programming interface|APIs]] that are typically well-documented (often under a Creative Commons license<ref>[http://www.gogrid.com/company/press-releases/gogrid-moves-api-specification-to-creativecommons.php GoGrid Moves API Specification to Creative Commons]{{Dead link|date=August 2010}}</ref>) but also unique to their implementation and thus not interoperable. Some vendors have adopted others' APIs and there are a number of open standards under development, with a view to delivering interoperability and portability.<ref>{{Cite web|url=http://ostatic.com/blog/eucalyptus-completes-amazon-web-services-specs-with-latest-release |title=Eucalyptus Completes Amazon Web Services Specs with Latest Release |publisher=Ostatic.com |date= |accessdate=2010-08-22}}</ref>
Most cloud providers expose APIs that are typically well-documented (often under a Creative Commons license<ref>{{cite web |url=http://www.gogrid.com/company/press-releases/gogrid-moves-api-specification-to-creativecommons.php |archiveurl=https://web.archive.org/web/20090201061221/http://gogrid.com/company/press-releases/gogrid-moves-api-specification-to-creativecommons.php |title=GoGrid Moves API Specification to Creative Commons |publisher=ServePath |date=20 January 2009 |accessdate=21 August 2014}}</ref>) but also unique to their implementation and thus not interoperable. Some vendors have adopted others' APIs, and there are a number of open standards under development, with a view to delivering interoperability and portability.<ref name="EucAma">{{cite web |url=http://ostatic.com/blog/eucalyptus-completes-amazon-web-services-specs-with-latest-release |title=Eucalyptus Completes Amazon Web Services Specs with Latest Release |author=Brockmeier, Joe |publisher=OStatic |date=19 February 2010 |accessdate=21 August 2014}</ref>


===Security===
===Security===
As cloud computing is achieving increased popularity, concerns are being voiced about the security issues introduced through the adoption of this new model. The effectiveness and efficiency of traditional protection mechanisms are being reconsidered as the characteristics of this innovative deployment model differ widely from those of traditional architectures.<ref name="Zissis 10">{{cite journal|last=Zissis|first=Dimitrios|coauthors=Lekkas|title=Addressing cloud computing security issues|journal=Future Generation Computer Systems|year=2010|doi=10.1016/j.future.2010.12.006|url=http://www.sciencedirect.com/science/article/pii/S0167739X10002554}}</ref>
As cloud computing increases in popularity, concerns are being raised about the security issues introduced through the adoption of this new model. The effectiveness and efficiency of traditional protection mechanisms are being reconsidered as the characteristics of this innovative deployment model differ widely from those of traditional architectures.<ref name="Zissis10">{{cite journal |url=http://dl.acm.org/citation.cfm?id=2064287 |journal=Future Generation Computer Systems |author=Zissis, Dimitrios; Lekkas, Dimitrios |title=Addressing cloud computing security issues |volume=28 |issue=3 |date=March 2012 |doi=10.1016/j.future.2010.12.006 |accessdate=21 August 2014}}</ref>


The relative security of cloud computing services is a contentious issue that may be delaying its adoption.<ref>{{Cite web|url=http://www.networkworld.com/news/2009/042709-burning-security-cloud-computing.html |title=Are security issues delaying adoption of cloud computing? |publisher=Network World |date= |accessdate=2010-08-22}}</ref> Issues barring the adoption of cloud computing are due in large part to the private and public sectors unease surrounding the external management of security based services. It is the very nature of cloud computing based services, private or public, that promote external management of provided services. This delivers great incentive among cloud computing service providers in producing a priority in building and maintaining strong management of secure services.<ref>{{Cite web|url=http://www.networkworld.com/news/2010/022210-virtualization-cloud-security-debate.html |title=Security of virtualization, cloud computing divides IT and security pros |publisher=Network World |date=2010-02-22 |accessdate=2010-08-22}}</ref> Security issues have been categorized into sensitive data access, data segregation, privacy, bug exploitation, recovery, accountability, malicious insiders, management console security, account control, and multi-tenancy issues. Solution to various cloud security issues vary through cryptography, particularly public key infrastructure (PKI), use of multiple cloud providers, standardization of APIs, improving virtual machine support and legal support.<ref name="Zissis 10" /><ref>{{cite journal|last=Armbrust|first=M|coauthors=Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Zaharia,|title=A view of cloud computing.|journal=Communication of the ACM|year=2010|volume=53|issue=4|pages=50–58|doi=10.1145/1721654.1721672}}</ref><ref>{{cite journal|last=Anthens|first=G|title=Security in the cloud|journal=Communications of the ACM|volume=53|issue=11|doi=10.1145/1839676.1839683}}</ref>
Issues barring the adoption of cloud computing are due in large part to the private and public sectors' unease surrounding the external management of security based services. It is the very nature of cloud computing based services, private or public, that promote external management of provided services. This delivers great incentive among cloud computing service providers in producing a priority in building and maintaining strong management of secure services.<ref name="">{{cite web |url=http://www.networkworld.com/article/2244954/virtualization/security-of-virtualization--cloud-computing-divides-it-and-security-pros.html |title=Security of virtualization, cloud computing divides IT and security pros |author=Messmer, Ellen |publisher=Network World |date=22 February 2010 |accessdate=21 August 2014}}</ref> Security issues have been categorized into sensitive data access, data segregation, privacy, bug exploitation, recovery, accountability, malicious insiders, management console security, account control, and multi-tenancy issues. Solutions to various cloud security issues vary from cryptography (particularly public key infrastructure), use of multiple cloud providers, standardization of APIs, improving virtual machine support, and legal support.<ref name="Zissis10" /><ref name="Armbrust10">{{cite journal |url=http://dl.acm.org/citation.cfm?doid=1721654.1721672 |journal=Communications of the ACM |title=A view of cloud computing |author=Armbrust, Michael; Fox, Armando; Griffith, Rean; Joseph, Anthony D.; Katz, Randy; Konwinski, Andy; Lee, Gunho; Patterson, David; Rabkin, Ariel; Stoica, Ion; Zaharia, Matei |volume=53 |issue=4 |pages=50–58 |date=April 2010 |doi=10.1145/1721654.1721672 |accessdate=21 August 2014}}</ref><ref name="Armbrust10">{{cite journal |url=http://dl.acm.org/citation.cfm?doid=1839676.1839683 |journal=Communications of the ACM |title=Security in the cloud |author=Anthes, Gary |volume=53 |issue=11 |pages=16–18 |date=November 2010 |doi=10.1145/1839676.1839683 |accessdate=21 August 2014}}</ref>


Security is often as good as or better than under traditional systems, in part because providers are able to devote resources to solving security issues that many customers cannot afford.<ref>{{Cite web|last=Mills |first=Elinor |url=http://news.cnet.com/8301-1009_3-10150569-83.html |title=Cloud computing security forecast: Clear skies |publisher=CNET News |date=2009-01-27 |accessdate=2010-08-22}}</ref> However, the complexity of security is greatly increased when data is distributed over a wider area or greater number of devices and in multi-tenant systems that are being shared by unrelated users. In addition, user access to security [[audit log]]s may be difficult or impossible. Private cloud installations are in part motivated by users' desire to retain control over the infrastructure and avoid losing control of information security.
Security is often as good as or better than under traditional systems, in part because providers are able to devote resources to solving security issues that many customers cannot afford.<ref>{{Cite web|last=Mills |first=Elinor |url=http://news.cnet.com/8301-1009_3-10150569-83.html |title=Cloud computing security forecast: Clear skies |publisher=CNET News |date=2009-01-27 |accessdate=2010-08-22}}</ref> However, the complexity of security is greatly increased when data is distributed over a wider area or greater number of devices and in multi-tenant systems that are being shared by unrelated users. In addition, user access to security [[audit log]]s may be difficult or impossible. Private cloud installations are in part motivated by users' desire to retain control over the infrastructure and avoid losing control of information security.

Revision as of 20:44, 21 August 2014

Cloud computing logical diagram

Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network, typically the Internet.

Cloud computing describes a new supplement, consumption, and delivery model for IT services based on Internet protocols, and it typically involves provisioning of dynamically scalable and often virtualized resources[1][2] Details are abstracted from end-users, who no longer have need for expertise in, or control over, the technology infrastructure "in the cloud" that supports them.[3]

Cloud computing typically takes the form of web-based tools or applications that users can access and use through a web browser as if they were programs installed locally on their own computers. Those applications and resulting data are stored on servers at a remote location. In some cases, legacy applications (line of business applications that until now have been prevalent in thin client Windows computing) are delivered via a screen-sharing technology, while the computing resources are consolidated at a remote data center location; in other cases, entire business applications have been coded using web-based technologies such as Ajax.

Overview

Term

The term "cloud" is used as a metaphor for the Internet, based on the cloud drawing used in the past to represent the telephone network,[4] and later to depict the Internet in computer network diagrams as an abstraction of the underlying infrastructure it represents.[5]

Characteristics

The National Institute of Standards and Technology (NIST) offers an authoritative definition of cloud computing. That definition encompasses the essential characteristics, service models, and deployment models of the service. Of the essential characteristics, cloud computing must[6]:

  • provide computing capabilities and services on an as-needed basis, without human intervention;
  • be broadly accessible from a wide variety of standard desktop and mobile platforms;
  • make storage, processing, memory, and network bandwidth available as pooled, multi-tenant resources;
  • make those resources scalable with demand, often automatically, at any time; and
  • meter those resources and make the resulting information transparently available to both provider and consumer.

Additional, more granular characteristics of cloud computing include the following.

  • An application programming interface (API) enables machines to interact with cloud software in the same way the user interface facilitates interaction between humans and computers. Cloud computing systems typically use REST-based APIs.
  • Cost is potentially reduced in a public cloud delivery model, with capital expenditure being converted to operational expenditure, including research, development, and sales.[7] This is purported to lower barriers to entry, as infrastructure is typically provided by a third-party and does not need to be purchased for one-time or infrequent intensive computing tasks. Pricing on a utility computing basis is fine-grained with usage-based options and fewer in-house IT skills are required for implementation.[8]
  • Device and location independence enable users to access systems using a web browser regardless of their location or what device they are using (e.g., PC, mobile phone).[9] As infrastructure is off-site (typically provided by a third-party) and accessed via the Internet, users can connect from anywhere.[8]
  • Multi-tenancy enables sharing of resources and costs across a large pool of users, allowing for centralization of infrastructure in locations with lower costs, peak-load capacity increases, and utilization and efficiency improvements.
  • Reliability is improved if multiple redundant sites are used, which makes well-designed cloud computing suitable for business continuity and disaster recovery.[10]
  • Services are scalable and elastic via dynamic, "on-demand" provisioning of resources on a fine-grained, self-service basis in real-time, without users having to engineer for peak loads.[11]
  • Performance is monitored, and consistent and loosely coupled architectures are constructed using web services as the system interface.[8]
  • Security could improve due to centralization of data, increased security-focused resources, etc., but concerns may persist about loss of control over certain sensitive data and the lack of security for stored kernels.
  • Maintenance of cloud computing applications is easier, because they do not need to be installed on each user's computer. They are easier to support and to improve, as the changes reach the clients instantly.

Service models

The NIST definition also details the service models, which include software as a service (SaaS; provider's application runs on their infrastructure), platform as a service (PaaS; consumer-created or -acquired application runs on provider's infrastructure), and infrastructure as a service (IaaS; customer deploys operating systems and applications over fundamental computing resources provisioned by the provider).[6]

Deployment models

Cloud computing deployment types

The NIST definition identifies four deployment models for cloud computing.[6]

Private cloud: an infrastructure operated solely for a single organization, whether managed internally or by a third-party and hosted internally or externally

Community cloud: an infrastructure shared between several organisations from a specific community with common concerns (security, compliance, jurisdiction, etc.), managed internally or by a third-party and hosted internally or externally

Public cloud: an infrastructure where resources are dynamically provisioned to the general public on a fine-grained, self-service basis over the Internet, via web applications/web services, from an off-site third-party provider who bills on a metered basis

Hybrid cloud: a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together, offering the benefits of multiple deployment models

A fifth deployment option (potentially classifiable as "hybrid") that has become more notable is carrier cloud, cloud computing services integrated into a communications service provider's network infrastructure.[12][13]

History

The underlying concept of cloud computing dates back to the 1960s, when John McCarthy opined that "computation may someday be organized as a public utility."[14] Almost all the modern-day characteristics of cloud computing (elastic provision, provided as a utility, online, illusion of infinite supply), as well as the comparison to the electricity industry and the use of public, private, government, and community forms, were thoroughly explored in Douglas Parkhill's 1966 book, The Challenge of the Computer Utility.[15]

The actual term "cloud" borrows from telephony in that telecommunications companies, that until the 1990s offered primarily dedicated point-to-point data circuits, began offering virtual private network (VPN) services with comparable quality of service but at a much lower cost. By switching traffic to balance utilization as they saw fit, they were able to utilize their overall network bandwidth more effectively. The cloud symbol was used to denote the demarcation point between that which was the responsibility of the provider and that which was the responsibility of the user. Cloud computing extends this boundary to cover servers as well as the network infrastructure.[16]

By the beginning of the twenty-first century, the advent of virtualization technology and cost effective computing hardware, as well as ubiquitous Internet connectivity, enabled a first wave of cloud services, including Salesforce.com in 1999 and Amazon Web Services in 2002.[17] After the dot-com bubble, Amazon continued to play key role in the development of cloud computing by modernizing their data centers, which, like most computer networks, were using as little as 10 percent of their capacity at any one time, just to leave room for occasional spikes. Having found the new cloud architecture resulted in significant internal efficiency improvements whereby small, fast-moving "two-pizza teams" could add new features faster and more easily, Amazon initiated a new commercial cloud-based project, launching its Elastic Compute cloud (EC2) in 2006.[17]

In May 2008, Eucalyptus became the first open-source, Amazon Web Service API-compatible platform for deploying private clouds.[18] In early 2008, OpenNebula, enhanced in the RESERVOIR European Commission-funded project, became the first open-source software for deploying private and hybrid clouds and for the federation of clouds.[19] By mid-2008, technology research firm Gartner saw an opportunity for cloud computing "to shape the relationship among consumers of IT services, those who use IT services and those who sell them"[20] and observed that "organisations are switching from company-owned hardware and software assets to per-use service-based models" so that the "projected shift to cloud computing ... will result in dramatic growth in IT products in some areas and significant reductions in other areas."[21]

By 2013, Gartner was reporting the public cloud services market was forecast to grow 18.5 percent in 2013, totalling $131 billion worldwide, up from $111 billion in 2012. Infrastructure as a service (IaaS) made up the fastest-growing segment of the market, growing 42.4 percent in 2012 to $6.1 billion, with expectations of it growing 47.3 percent in 2013 to $9 billion.[22]

Issues and concerns

General criticisms of cloud computing state the term is too unspecific or even misleading. CEO Larry Ellison of Oracle Corporation asserts that cloud computing is "everything that we already do"[23] and that the company could simply "change the wording on some of our ads" [24] to deploy cloud-based services.

In 2008, Forrester Research VP Frank Gillett questioned the very nature of and motivation behind the push for cloud computing, describing what he calls "cloud washing"—companies simply relabeling their products as "cloud computing", resulting in mere marketing innovation instead of "real" innovation. [25] That same year, GNU's Richard Stallman insisted the industry will only use the model to deliver services at ever increasing rates over proprietary systems, otherwise likening it to a "marketing hype campaign."[26]

Privacy

The cloud model has been criticized by privacy advocates for the greater ease in which the companies hosting the cloud services control and monitor at will, lawfully or unlawfully, the communication and data stored between the user and the host company, leading to questions about whether or not privacy concerns can be addressed.[27][28]

Compliance

In order to obtain compliance with regulations including FISMA, HIPAA, and SOX in the United States, the Data Protection Directive in the European Union, and the credit card industry's PCI DSS, users may have to adopt community or hybrid deployment modes that are typically more expensive and may offer restricted benefits. This is how Google is able to "manage and meet additional government policy requirements beyond FISMA"[29][30] and Rackspace Cloud are able to claim PCI compliance.[31]

Many providers also obtain SAS 70 Type II certification, but this has been criticized on the grounds that the hand-picked set of goals and standards determined by the auditor and the auditee are often not disclosed and can vary widely.[32] Providers typically make this information available on request, under non-disclosure agreement.[33]

Customers in the European Union contracting with cloud providers established outside the area have to adhere to the European Union's regulations on export of personal data.[34]

Performance

Public cloud instances typically function well at the server and client hardware; however, speed across the connecting public Internet pipeline can vary significantly. Internet speeds can be asymmetrical and non-guaranteed, bandwidth may need to be shared, and Internet traffic rarely follow the same path, constraining performance and making a cloud option less appealing than a localized option.[35] Poor upload speeds, especially from non-business home accounts, are also quoted as a factor limiting cloud computing's appeal.[36]

Legal

Since 2007, the number of trademark filings covering cloud computing brands, goods, and services has increased rapidly. For example, in March 2007, Dell applied to trademark the term "cloud computing" (U.S. Trademark 77,139,082) in the United States. The "Notice of Allowance" the company received in July 2008 was canceled in August, resulting in a formal rejection of the trademark application less than a week later. As Dell and other companies sought to better position themselves for cloud computing branding and marketing efforts, cloud computing trademark filings increased by 483 percent between 2008 and 2009. In 2009, 116 cloud computing trademarks were filed, and trademark analysts predicted that over 500 such marks could be filed during 2010.[37]

Other legal cases may shape the use of cloud computing by the public sector. On October 29, 2010, Google filed a lawsuit against the U.S. Department of Interior, which opened up a bid for software that required bidders use Microsoft's Business Productivity Online Suite. Google sued, calling the requirement "unduly restrictive of competition."[38] Scholars have pointed out that, beginning in 2005, the prevalence of open standards and open-source software options may have an impact on the way public entities choose to select vendors and their software.[39]

Concerns about the legal and financial repercussions of a cloud provider shutting down, which has happened in a number of cases, also exist.[40]

Open standards

Most cloud providers expose APIs that are typically well-documented (often under a Creative Commons license[41]) but also unique to their implementation and thus not interoperable. Some vendors have adopted others' APIs, and there are a number of open standards under development, with a view to delivering interoperability and portability.[42]

Security

As cloud computing increases in popularity, concerns are being raised about the security issues introduced through the adoption of this new model. The effectiveness and efficiency of traditional protection mechanisms are being reconsidered as the characteristics of this innovative deployment model differ widely from those of traditional architectures.[43]

Issues barring the adoption of cloud computing are due in large part to the private and public sectors' unease surrounding the external management of security based services. It is the very nature of cloud computing based services, private or public, that promote external management of provided services. This delivers great incentive among cloud computing service providers in producing a priority in building and maintaining strong management of secure services.[44] Security issues have been categorized into sensitive data access, data segregation, privacy, bug exploitation, recovery, accountability, malicious insiders, management console security, account control, and multi-tenancy issues. Solutions to various cloud security issues vary from cryptography (particularly public key infrastructure), use of multiple cloud providers, standardization of APIs, improving virtual machine support, and legal support.[43][45][45]

Security is often as good as or better than under traditional systems, in part because providers are able to devote resources to solving security issues that many customers cannot afford.[46] However, the complexity of security is greatly increased when data is distributed over a wider area or greater number of devices and in multi-tenant systems that are being shared by unrelated users. In addition, user access to security audit logs may be difficult or impossible. Private cloud installations are in part motivated by users' desire to retain control over the infrastructure and avoid losing control of information security.

Sustainability

Although cloud computing is often assumed to be a form of "green computing", there is as of yet no published study to substantiate this assumption.[47] Siting the servers affects the environmental effects of cloud computing. In areas where climate favors natural cooling and renewable electricity is readily available, the environmental effects will be more moderate. Thus countries with favorable conditions, such as Finland,[48] Sweden and Switzerland,[49] are trying to attract cloud computing data centers.

Abuse

As with privately purchased hardware, crackers posing as legitimate customers can purchase the services of cloud computing for nefarious purposes. This includes password cracking and as a means of launching attacks.[50] In 2009, a banking trojan illegally used the popular Amazon service as a command and control channel that issued software updates and malicious instructions to PCs that were infected by the malware.[51]

Cloud Computing Contracts

Most transitions to a cloud computing solution entail a change from a technically managed solution to a contractually managed solution. This change necessitates increased IT contract negotiation skills to establish the terms of the relationship and vendor management skills to maintain the relationship. All rights and responsibilities that are associated with the relationship between a client and a cloud computing services provider must be codified in the contract and effectively managed until the relationship has been terminated. Key risks and issues that are either unique to cloud computing or essential to its effective adoption typically involve service level agreements; data processing and access; provider infrastructure and security; and contract and vendor management.[52]

Notes

This article heavily reuses content from the Wikipedia article.

References

  1. "Gartner Says Cloud Computing Will Be As Influential As E-business". Gartner, Inc. 26 June 2008. http://www.gartner.com/newsroom/id/707508. Retrieved 20 August 2014. 
  2. Knorr, Eric; Gruman, Galen (7 April 2008). "What cloud computing really means". InfoWorld. IDG Network. http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031. Retrieved 20 August 2014. 
  3. Danielson, Krissi (26 March 2008). "Distinguishing Cloud Computing from Utility Computing". ebizQ. TechTarget. http://www.ebizq.net/blogs/saasweek/2008/03/distinguishing_cloud_computing/. Retrieved 21 August 2014. 
  4. Sells, Chris (1 July 1998). "Windows Telephony Programming: A Developer's Guide to TAPI". Sellsbrothers.com. Archived from the original on 02 May 2005. https://web.archive.org/web/20050502192319/http://www.sellsbrothers.com/writing/intro2tapi/default.aspx?content=pstn.htm. Retrieved 21 August 2014. 
  5. Scanlon,Jessie Holliday; Wieners, Brad (9 July 1999). "The Internet Cloud". The Industry Standard. IDG Network. Archived from the original on 11 February 2010. https://web.archive.org/web/20100211133442/http://www.thestandard.com/article/0,1902,5466,00.html. Retrieved 2010-08-22. 
  6. 6.0 6.1 6.2 Mell, Peter; Grance, Timothy (September 2011). "The NIST Definition of Cloud Computing" (PDF). National Institute of Standards and Technology. http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf. Retrieved 20 August 2014. 
  7. Columbus, Louis (10 April 2013). "Making Cloud Computing Pay". Forbes. http://www.forbes.com/sites/louiscolumbus/2013/04/10/making-cloud-computing-pay-2/. Retrieved 20 August 2014. 
  8. 8.0 8.1 8.2 Gens, Frank (23 September 2008). "Defining "Cloud Services" and "Cloud Computing"". IDC. http://blogs.idc.com/ie/?p=190. Retrieved 20 August 2014. 
  9. Farber, Dan (25 June 2008). "The new geek chic: Data centers". CNET. CBS Interactive. http://www.cnet.com/news/the-new-geek-chic-data-centers/. Retrieved 20 August 2014. 
  10. King, Rachael (4 August 2008). "Cloud Computing: Small Companies Take Flight". Businessweek. http://www.businessweek.com/technology/content/aug2008/tc2008083_619516.htm. Retrieved 20 August 2014. 
  11. Kuperberg, Michael; Herbst, Nikolas; Kistowski, Joakim von; Reussner, Ralf (2011). "Defining and Measuring Cloud Elasticity". Karlsruher Institut für Technologie. http://digbib.ubka.uni-karlsruhe.de/volltexte/1000023476. Retrieved 20 August 2014. 
  12. "Cloud Evolution: The Carrier Cloud" (PDF). Kontron. 2013. http://www.kontron.com/resources/collateral/white_papers/kontroncarriercloudwp.pdf. 
  13. Narcisi, Gina (November 2013). "Carrier cloud services: Do customers care if you own the network?". SearchTelecom. TechTarget. http://searchtelecom.techtarget.com/feature/Carrier-cloud-services-Do-customers-care-if-you-own-the-network. Retrieved 20 August 2014. 
  14. Halpert, Ben (2011). "Chapter 1: Introduction to Cloud Computing". Auditing Cloud Computing: A Security and Privacy Guide. John Wiley & Sons. pp. 1–13. ISBN 9781118116043. http://books.google.com/books?id=GjsH0HJ2PmYC&pg=PT10&lpg=PT10. Retrieved 21 August 2014. 
  15. Parhill, Douglas (2006). The Challenge of the Computer Utility. Addison-Wesley Pub. Co. http://books.google.com/books?id=8kJZAAAAMAAJ. Retrieved 21 August 2014. 
  16. Laubach, Mark (July 1993). "Minutes of the IP Over Asynchronous Transfer Mode Working Group (ATM)". Hewlett-Packard. http://ftp.univie.ac.at/netinfo/ietf/atm/atm-minutes-93jul.txt. Retrieved 21 August 2014. 
  17. 17.0 17.1 Mohamed, Arif (March 2009). "A history of cloud computing". ComputerWorld.com. TechTarget. http://www.computerweekly.com/feature/A-history-of-cloud-computing. Retrieved 20 August 2014. 
  18. "The Eucalyptus Story". Eucalyptus Systems, Inc. https://www.eucalyptus.com/about/story. Retrieved 21 August 2014. 
  19. Rochwerger, B.; Caceres, J.; Montero, R.S.; Breitgand, D.; Elmroth, E.; Galis, A.; Levy, E.; Llorente, I.M.; Nagin, K.; Wolfsthal, Y.; Caceres, J.; Ben-Yehuda, M.; Emmerich, W.; Galan, F (2009). "The RESERVOIR Model and Architecture for Open Federated Cloud Computing". IBM Journal of Research and Development 53 (4). http://researchweb.watson.ibm.com/journal/abstracts/rd/534/rochwerger.html. Retrieved 21 August 2014. 
  20. Schurr, Amy (8 July 2008). "Keep an eye on cloud computing". Network World. http://www.networkworld.com/newsletters/itlead/2008/070708itlead1.html. Retrieved 21 August 2014. 
  21. "Gartner Says Worldwide IT Spending On Pace to Surpass Trillion in 2008". Gartner, Inc. 18 August 2008. http://www.gartner.com/it/page.jsp?id=742913. Retrieved 21 August 2014. 
  22. "Gartner Says Worldwide Public Cloud Services Market to Total $131 Billion". Gartner, Inc. 28 February 2013. http://www.gartner.com/newsroom/id/2352816. Retrieved 21 August 2014. 
  23. Farber, Dan (26 September 2008). "Oracle's Ellison nails cloud computing". CNET. CBS Interactive. http://www.cnet.com/news/oracles-ellison-nails-cloud-computing/. Retrieved 21 August 2014. 
  24. Kanaracus, Chris (9 February 2010). "Oracle launches worldwide cloud-computing tour". Network World. http://www.networkworld.com/article/2244231/data-center/oracle-launches-worldwide-cloud-computing-tour.html. Retrieved 21 August 2014. 
  25. Plesser, Andy (29 September 2008). "Cloud Computing is Hyped and Overblown". YouTube. http://www.youtube.com/watch?v=f7wv1i8ubng. Retrieved 21 August 2014. 
  26. Johnson, Bobbie (29 September 2008). "Cloud computing is a trap, warns GNU founder Richard Stallman". The Guardian. http://www.theguardian.com/technology/2008/sep/29/cloud.computing.richard.stallman. Retrieved 21 August 2014. 
  27. Maier, Fran (19 October 2011). "Can There Ever Really Be Privacy in the Cloud?". Mashable. http://mashable.com/2011/10/19/cloud-privacy/. Retrieved 21 August 2014. 
  28. Template:Cite url=http://scholarship.law.berkeley.edu/facpubs/1906/
  29. Howard, Alexander B (18 December 2009). "FISMA compliance for federal cloud computing on the horizon in 2010". SearchCompliance. TechTarget. http://searchcompliance.techtarget.com/news/1377298/FISMA-compliance-for-federal-cloud-computing-on-the-horizon-in-2010. Retrieved 21 August 2014. 
  30. Glotzbach, Matthew (15 September 2009). "Google Apps and Government". Google Official Enterprise Blog. Google. http://googleenterprise.blogspot.com/2009/09/google-apps-and-government.html. Retrieved 21 August 2014. 
  31. Bartels, Angela (5 March 2009). "Cloud Hosting is Secure for Take-off: Mosso Enables The Spreadsheet Store, an Online Merchant, to become PCI Compliant". Rackspace. Archived from the original on 23 February 2011. https://web.archive.org/web/20110223172816/http://www.rackspace.com/cloud/blog/2009/03/05/cloud-hosting-is-secure-for-take-off-mosso-enables-the-spreadsheet-store-an-online-merchant-to-become-pci-compliant/. Retrieved 21 August 2014. 
  32. Brooks, Carl (17 November 2009). "Amazon gets SAS 70 Type II audit stamp, but analysts not satisfied". SearchCloudComputing. TechTarget. http://searchcloudcomputing.techtarget.com/news/article/0,289142,sid201_gci1374629,00.html. Retrieved 21 August 2014. 
  33. Norton, Jerry (31 December 2009). "Assessing Cloud Computing Agreements and Controls". WTN News. WTN Media. http://wtnnews.com/articles/6954/. Retrieved 21 August 2014. 
  34. Helbing, Thomas (29 August 2012). "How the New EU Rules on Data Export Affect Companies in and Outside the EU". Dr. Thomas Helbing. https://www.thomashelbing.com/en/how-new-eu-rules-data-export-affect-companies-and-outside-eu. Retrieved 21 August 2014. 
  35. Richards, Brianna (17 June 2013). "Cloud Computing – Storm or Silver Lining? Pt 2". Trinus Technologies Inc. http://www.trinustech.com/cloud-computing-storm-or-silver-lining-pt-2/. Retrieved 21 August 2014. 
  36. Jenks, Stephen (8 November 2011). "Cloud Computing for Home Has Huge Problems". Stephen Jenks' Blog. http://www.stephenjenks.com/2011/11/cloud-computing-for-home-has-huge-problems/. Retrieved 21 August 2014. 
  37. "Cloud Computing Trademark Trends". Inside Trademarks. 24 March 2010. Archived from the original on 28 March 2010. https://web.archive.org/web/20100328121742/http://insidetrademarks.com/2010/03/24/cloud-computing-trademark-trends/. Retrieved 21 August 2014. 
  38. "Google v US Complaint". Scribd. 31 October 2010. http://www.scribd.com/doc/40513712/Google-v-US-Complaint. Retrieved 21 August 2014. 
  39. Casson, Tony; Ryan, Patrick S. (1 May 2006). "Open Standards, Open Source Adoption in the Public Sector, and Their Relationship to Microsoft’s Market Dominance". Social Science Electronic Publishing. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1656616. Retrieved 21 August 2014. 
  40. Scheier, Robert L (20 April 2009). "What to do if your cloud provider disappears". InfoWorld. IDG Network. http://www.infoworld.com/d/cloud-computing/what-do-if-your-cloud-provider-disappears-508. Retrieved 21 August 2014. 
  41. "GoGrid Moves API Specification to Creative Commons". ServePath. 20 January 2009. Archived from the original. Error: If you specify |archiveurl=, you must also specify |archivedate=. https://web.archive.org/web/20090201061221/http://gogrid.com/company/press-releases/gogrid-moves-api-specification-to-creativecommons.php. Retrieved 21 August 2014. 
  42. {{cite web |url=http://ostatic.com/blog/eucalyptus-completes-amazon-web-services-specs-with-latest-release |title=Eucalyptus Completes Amazon Web Services Specs with Latest Release |author=Brockmeier, Joe |publisher=OStatic |date=19 February 2010 |accessdate=21 August 2014}
  43. 43.0 43.1 Zissis, Dimitrios; Lekkas, Dimitrios (March 2012). "Addressing cloud computing security issues". Future Generation Computer Systems 28 (3). doi:10.1016/j.future.2010.12.006. http://dl.acm.org/citation.cfm?id=2064287. Retrieved 21 August 2014. 
  44. Messmer, Ellen (22 February 2010). "Security of virtualization, cloud computing divides IT and security pros". Network World. http://www.networkworld.com/article/2244954/virtualization/security-of-virtualization--cloud-computing-divides-it-and-security-pros.html. Retrieved 21 August 2014. 
  45. 45.0 45.1 Armbrust, Michael; Fox, Armando; Griffith, Rean; Joseph, Anthony D.; Katz, Randy; Konwinski, Andy; Lee, Gunho; Patterson, David; Rabkin, Ariel; Stoica, Ion; Zaharia, Matei (April 2010). "A view of cloud computing". Communications of the ACM 53 (4): 50–58. doi:10.1145/1721654.1721672. http://dl.acm.org/citation.cfm?doid=1721654.1721672. Retrieved 21 August 2014.  Cite error: Invalid <ref> tag; name "Armbrust10" defined multiple times with different content
  46. Mills, Elinor (27 January 2009). "Cloud computing security forecast: Clear skies". CNET News. http://news.cnet.com/8301-1009_3-10150569-83.html. Retrieved 2010-08-22. 
  47. James Urquhart (January 7, 2010). "Cloud computing's green paradox". CNET News. http://news.cnet.com/8301-19413_3-10428065-240.html. Retrieved March 12, 2010. "...there is some significant evidence that the cloud is encouraging more compute consumption" 
  48. Finland – First Choice for Siting Your Cloud Computing Data Center.. Retrieved 4 August 2010.
  49. Swiss Carbon-Neutral Servers Hit the Cloud.. Retrieved 4 August 2010.
  50. http://www.bloomberg.com/news/2011-05-13/sony-network-said-to-have-been-invaded-by-hackers-using-amazon-com-server.html
  51. http://www.theregister.co.uk/2011/05/14/playstation_network_attack_from_amazon/
  52. http://www.educause.edu/EDUCAUSE+Quarterly/EDUCAUSEQuarterlyMagazineVolum/IfItsintheCloudGetItonPaperClo/206532
Retrieved from "https://www.limswiki.org/index.php?title=Cloud_computing&oldid=15495"