- Blog Categories
- Project Management
- Agile Management
- IT Service Management
- Cloud Computing
- Business Management
- Business Intelligence
- Quality Engineer
- Cyber Security
- Career
- Big Data
- Programming
- Most Popular Blogs
- PMP Exam Schedule for 2024: Check PMP Exam Date
- Top 60+ PMP Exam Questions and Answers for 2024
- PMP Cheat Sheet and PMP Formulas To Use in 2024
- What is PMP Process? A Complete List of 49 Processes of PMP
- Top 15+ Project Management Case Studies with Examples 2024
- Top Picks by Authors
- Top 170 Project Management Research Topics
- What is Effective Communication: Definition
- How to Create a Project Plan in Excel in 2024?
- PMP Certification Exam Eligibility in 2024 [A Complete Checklist]
- PMP Certification Fees - All Aspects of PMP Certification Fee
- Most Popular Blogs
- CSM vs PSM: Which Certification to Choose in 2024?
- How Much Does Scrum Master Certification Cost in 2024?
- CSPO vs PSPO Certification: What to Choose in 2024?
- 8 Best Scrum Master Certifications to Pursue in 2024
- Safe Agilist Exam: A Complete Study Guide 2024
- Top Picks by Authors
- SAFe vs Agile: Difference Between Scaled Agile and Agile
- Top 21 Scrum Best Practices for Efficient Agile Workflow
- 30 User Story Examples and Templates to Use in 2024
- State of Agile: Things You Need to Know
- Top 24 Career Benefits of a Certifed Scrum Master
- Most Popular Blogs
- ITIL Certification Cost in 2024 [Exam Fee & Other Expenses]
- Top 17 Required Skills for System Administrator in 2024
- How Effective Is Itil Certification for a Job Switch?
- IT Service Management (ITSM) Role and Responsibilities
- Top 25 Service Based Companies in India in 2024
- Top Picks by Authors
- What is Escalation Matrix & How Does It Work? [Types, Process]
- ITIL Service Operation: Phases, Functions, Best Practices
- 10 Best Facility Management Software in 2024
- What is Service Request Management in ITIL? Example, Steps, Tips
- An Introduction To ITIL® Exam
- Most Popular Blogs
- A Complete AWS Cheat Sheet: Important Topics Covered
- Top AWS Solution Architect Projects in 2024
- 15 Best Azure Certifications 2024: Which one to Choose?
- Top 22 Cloud Computing Project Ideas in 2024 [Source Code]
- How to Become an Azure Data Engineer? 2024 Roadmap
- Top Picks by Authors
- Top 40 IoT Project Ideas and Topics in 2024 [Source Code]
- The Future of AWS: Top Trends & Predictions in 2024
- AWS Solutions Architect vs AWS Developer [Key Differences]
- Top 20 Azure Data Engineering Projects in 2024 [Source Code]
- 25 Best Cloud Computing Tools in 2024
- Most Popular Blogs
- Company Analysis Report: Examples, Templates, Components
- 400 Trending Business Management Research Topics
- Business Analysis Body of Knowledge (BABOK): Guide
- ECBA Certification: Is it Worth it?
- How to Become Business Analyst in 2024? Step-by-Step
- Top Picks by Authors
- Top 20 Business Analytics Project in 2024 [With Source Code]
- ECBA Certification Cost Across Countries
- Top 9 Free Business Requirements Document (BRD) Templates
- Business Analyst Job Description in 2024 [Key Responsibility]
- Business Analysis Framework: Elements, Process, Techniques
- Most Popular Blogs
- Best Career options after BA [2024]
- Top Career Options after BCom to Know in 2024
- Top 10 Power Bi Books of 2024 [Beginners to Experienced]
- Power BI Skills in Demand: How to Stand Out in the Job Market
- Top 15 Power BI Project Ideas
- Top Picks by Authors
- 10 Limitations of Power BI: You Must Know in 2024
- Top 45 Career Options After BBA in 2024 [With Salary]
- Top Power BI Dashboard Templates of 2024
- What is Power BI Used For - Practical Applications Of Power BI
- SSRS Vs Power BI - What are the Key Differences?
- Most Popular Blogs
- Data Collection Plan For Six Sigma: How to Create One?
- Quality Engineer Resume for 2024 [Examples + Tips]
- 20 Best Quality Management Certifications That Pay Well in 2024
- Six Sigma in Operations Management [A Brief Introduction]
- Top Picks by Authors
- Six Sigma Green Belt vs PMP: What's the Difference
- Quality Management: Definition, Importance, Components
- Adding Green Belt Certifications to Your Resume
- Six Sigma Green Belt in Healthcare: Concepts, Benefits and Examples
- Most Popular Blogs
- Latest CISSP Exam Dumps of 2024 [Free CISSP Dumps]
- CISSP vs Security+ Certifications: Which is Best in 2024?
- Best CISSP Study Guides for 2024 + CISSP Study Plan
- How to Become an Ethical Hacker in 2024?
- Top Picks by Authors
- CISSP vs Master's Degree: Which One to Choose in 2024?
- CISSP Endorsement Process: Requirements & Example
- OSCP vs CISSP | Top Cybersecurity Certifications
- How to Pass the CISSP Exam on Your 1st Attempt in 2024?
- Most Popular Blogs
- Best Career options after BA [2024]
- Top Picks by Authors
- Top Career Options & Courses After 12th Commerce in 2024
- Recommended Blogs
- 30 Best Answers for Your 'Reason for Job Change' in 2024
- Recommended Blogs
- Time Management Skills: How it Affects your Career
- Most Popular Blogs
- Top 28 Big Data Companies to Know in 2024
- Top Picks by Authors
- Top Big Data Tools You Need to Know in 2024
- Most Popular Blogs
- Web Development Using PHP And MySQL
- Top Picks by Authors
- Top 30 Software Engineering Projects in 2024 [Source Code]
- More
- Agile & PMP Practice Tests
- Agile Testing
- Agile Scrum Practice Exam
- CAPM Practice Test
- PRINCE2 Foundation Exam
- PMP Practice Exam
- Cloud Related Practice Test
- Azure Infrastructure Solutions
- AWS Solutions Architect
- AWS Developer Associate
- IT Related Pratice Test
- ITIL Practice Test
- Devops Practice Test
- TOGAF® Practice Test
- Other Practice Test
- Oracle Primavera P6 V8
- MS Project Practice Test
- Project Management & Agile
- Project Management Interview Questions
- Release Train Engineer Interview Questions
- Agile Coach Interview Questions
- Scrum Interview Questions
- IT Project Manager Interview Questions
- Cloud & Data
- Azure Databricks Interview Questions
- AWS architect Interview Questions
- Cloud Computing Interview Questions
- AWS Interview Questions
- Kubernetes Interview Questions
- Web Development
- CSS3 Free Course with Certificates
- Basics of Spring Core and MVC
- Javascript Free Course with Certificate
- React Free Course with Certificate
- Node JS Free Certification Course
- Data Science
- Python Machine Learning Course
- Python for Data Science Free Course
- NLP Free Course with Certificate
- Data Analysis Using SQL
Cloud Computing Reference Model [with Diagrams & Examples]
Updated on 18 November, 2022
78.47K+ views
• 15 min read
Table of Contents
The in-demand availability of computer system resources, particularly data storage and processing power, without the user’s direct involvement is known as cloud computing. Large clouds frequently distribute their services among several sites, each of which is a data center. Cloud computing depends on sharing resources to accomplish coherence. It often uses a "pay-as-you-go" approach, which can assist in reducing capital expenses but may also result in unforeseen running expenses for users. The hardware and software elements necessary for a cloud computing model's correct execution are included in the cloud infrastructure.
With the increased demand for Cloud Computing across the world, the definitions, structures, and use of cloud computing have increased. So, there will be different perspectives on using these services, and various services may differ from client to client or location. This is where the cloud computing reference model comes in. The cloud reference model is an abstract model used to standardize the functions and parameters of cloud computing so that various cloud services and vendors across the world having different technologies can communicate with each other. Opt for online Cloud training courses and stay ahead.
What is Cloud Computing Reference Model?
The cloud computing reference model is an abstract model that divides a cloud computing environment into abstraction layers and cross-layer functions to characterize and standardize its functions. This reference model divides cloud computing activities and functions into three cross-layer functions and five logical layers.
Each of these layers describes different things that might be present in a cloud computing environment, such as computing systems, networking, storage equipment, virtualization software, security measures, control and management software, and so forth. It also explains the connections between these organizations. The five layers are the Physical layer, virtual layer, control layer, service orchestration layer, and service layer.
The Cloud Computing reference model is divided into 3 major service models:
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
The below diagram explains the cloud computing reference model:
Cloud Computing Reference Model Overview
IaaS, PaaS, and SaaS are the three most prevalent cloud delivery models, and together, they have been widely adopted and formalized. A cloud delivery service model is a specific, preconfigured combination of IT resources made available by a cloud service provider. However, the functionality and degree of administrative control each of these three delivery types offers cloud users varies.
These abstraction layers can also be considered a tiered architecture, where services from one layer can be combined with services from another, for example, SaaS can supply infrastructure to create services from a higher layer. Let us have a look at the layers of cloud computing reference model.
1. SaaS
Software as a Service (SaaS) is a form of application delivery that relieves users of the burden of software maintenance while making development and testing easier for service providers.
The cloud delivery model's top layer is where applications are located. End customers get access to the services this tier offers via web portals. Because online software services provide the same functionality as locally installed computer programs, consumers (users) are rapidly switching from them. Today, ILMS and other application software can be accessed via the web as a service.
In terms of data access, collaboration, editing, storage, and document sharing, SaaS is unquestionably a crucial service. Email service in a web browser is the most well-known and widely used example of SaaS, but SaaS applications are becoming more cooperative and advanced.
Features of SaaS are as follows:
- The cloud consumer has full control over all the cloud services.
- The provider has full control over software applications-based services.
- The cloud provider has partial control over the implementation of cloud services.
- The consumer has limited control over the implementation of these cloud services.
2. PaaS
Platform as a Service is a strategy that offers a high level of abstraction to make a cloud readily programmable in addition to infrastructure-oriented clouds that offer basic compute and storage capabilities (PaaS). Developers can construct and deploy apps on a cloud platform without necessarily needing to know how many processors or how much memory their applications would use. A PaaS offering that provides a scalable environment for creating and hosting web applications is Google App Engine, for instance.
Features of the PaaS layer are as follows:
- The cloud provider has entire rights or control over the provision of cloud services to consumers.
- The cloud consumer has selective control based on the resources they need or have opted for on the application server, database, or middleware.
- Consumers get environments in which they can develop their applications or databases. These environments are usually very visual and very easy to use.
- Provides options for scalability and security of the user’s resources.
- Services to create workflows and websites.
- Services to connect users’ cloud platforms to other external platforms.
3. IaaS
Infrastructure as a Service (IaaS) offers storage and computer resources that developers and IT organizations use to deliver custom/business solutions. IaaS delivers computer hardware (servers, networking technology, storage, and data center space) as a service. It may also include the delivery of OS and virtualization technology to manage the resources. Here, the more important point is that IaaS customers rent computing resources instead of buying and installing them in their data centers. The service is typically
paid for on a usage basis. The service may include dynamic scaling so that if the customers need more resources than expected, they can get them immediately.
The control of the IaaS layer is as follows:
- The consumer has full/partial control over the infrastructure of the cloud, servers, and databases.
- The consumer has control over the implementation and maintenance of virtual machines.
- The consumer has a choice of VM machines that have already been installed with pre-installed operating systems.
- The cloud provider has full control over the data centers and the other hardware involved in them.
- It has the ability to scale resources based on user usage.
- It can also copy data worldwide so that data can be accessed from anywhere in the world as soon as possible.
You can learn in-depth about these layers when you go for the AWS certification Cloud Practitioner course.
Types of Cloud Computing Reference Model
There is various type of cloud computing reference model used based on different requirements of the consumers. The most important type of cloud computing reference model is the cloud reference model in cloud computing. The National Institute of Standards and Technology (NIST) is an organization designed by the US government (USG) agency for the adoption and development of cloud computing standards.
The principles of NIST Cloud computing reference architecture are:
- Create a vendor-neutral architecture that adheres to the NIST standard.
- Create a solution that does not inhibit innovation by establishing a required technological solution.
- The NIST Cloud computing reference architecture provides characteristics like elasticity, self-service, and resource collaboration.
The service models involved in this architecture are:
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
NIST Cloud computing also has 4 deployment models, which are as follows:
1. Public
This is the model where cloud infrastructure and resources are given to the public via a public network. These models are generally owned by companies that sell cloud services.
2. Private
This is the model where cloud infrastructure and resources are only accessible by the cloud consumer. These models are generally owned by cloud consumers themselves or a third party.
3. Community
This is the model where a group of cloud consumers might share their cloud infrastructure and resources as they may have the same goal and policies to be achieved. These models are owned by organizations or third-party.
4. Hybrid
This model consists of a mixture of different deployment models like public, private, or community. This helps in the exchange of data or applications between various models.
Examples of Cloud Computing Reference Model Apart From NIST
- IBM Architecture
- Oracle Architecture
- HP Architecture
- Cisco Reference Architecture
CSA Cloud Reference Model
The CSA Cloud Reference Model provides a standardized framework for cloud security, addressing critical components to ensure strong protection in cloud environments.
The model includes guidelines for secure design and deployment across infrastructure, platform, and application layers, forming the Cloud Architectural Framework. Governance, Risk, and Compliance (GRC) policies and controls help manage cloud security risks and ensure regulatory compliance. Cloud Security Controls cover data protection, identity management, and incident response, while Data Security and Privacy techniques like encryption and data masking safeguard sensitive information. Application Security involves secure coding practices and vulnerability assessments to protect cloud-based applications. Operational Security includes monitoring, incident management, and disaster recovery planning, ensuring continuous protection and quick recovery from incidents.
The OCCI Cloud Reference Model
The OCCI Cloud Reference Model provides a framework for managing cloud services, ensuring interoperability and standardization across diverse environments. Key components include a standardized Cloud Service Interface for provisioning, monitoring, and managing cloud services, and Resource Management for efficient allocation, monitoring, and utilization of cloud resources like compute, storage, and network. Service Management focuses on the lifecycle management of cloud services, ensuring consistency and efficiency. The model also includes guidelines for Security and Compliance, promoting robust security measures and regulatory adherence.
Major Actors of Cloud Computing Reference Model
There are five major actors in NIST cloud computing reference architecture. They are:
- Cloud Consumer
- Cloud Provider
- Cloud Carrier
- Cloud Auditor
- Cloud Broker
The image below will explain the cloud computing reference model in a neat diagram.
Each actor is an entity that participates in the process and/or completes duties in cloud computing. This entity could be a person or an organization.
1. Cloud Consumer
The end user that the cloud computing service is designed to support is the cloud consumer. An individual or corporation with a working relationship with a cloud provider and utilizing its services is referred to as a cloud consumer. A cloud customer peruses a cloud provider's service catalog, makes the proper service request, enters into a service agreement with the cloud provider, and then utilizes the service. The cloud customer may be charged for the service provided, in which case payment arrangements must be made. They need to have a cloud Service Level Agreement (SLA).
2. Cloud Provider
Any individual, group, or other entity in charge of making a service accessible to cloud users is a cloud provider. A cloud provider creates the requested software, platforms, and infrastructure services, manages the technical infrastructure needed to supply the services, provisions the services at agreed-upon service levels, and safeguards the services' security and privacy.
Through service interfaces and virtual network interfaces that aid in resource abstraction, the cloud provider implements the cloud software to make computing resources accessible to cloud consumers who use the infrastructure as a service.
3. Cloud Carrier
A cloud carrier serves as an intermediary between cloud providers and customers, facilitating connectivity and transport of cloud services. Customers can access the cloud through the network, telecommunication, and other access equipment provided by cloud carriers. Customers of cloud services, for instance, can get them through network access devices, including laptops, mobile phones, PCs, and mobile Internet devices (MIDs), among others. Network and telecommunication carriers typically handle the distribution of cloud services, while a transport agent is a company that arranges for the physical delivery of storage devices like high-capacity hard drives.
Remember that a cloud provider will establish service level agreements (SLAs) with a cloud carrier to provide services at a level consistent with the SLAs offered to cloud consumers. The cloud provider may also demand that the cloud carrier provide dedicated and encrypted connections between cloud consumers and cloud providers.
4. Cloud Auditor
An unbiased evaluation of cloud services, information system operations, performance, and the security of a cloud computing implementation can be done by a cloud auditor. A cloud auditor can assess a cloud provider's services in terms of performance, service level agreement compliance, privacy implications, and security controls.
The management, operational, and technical precautions or countermeasures used inside an organizational information system to ensure the privacy, availability, and integrity of the system and its data are known as security controls.
To do a security audit, a cloud auditor can evaluate the information system's security controls to see how well they are being implemented, functioning as intended, and achieving the required results in relation to the system's security needs. Verifying compliance with law and security policy should be part of the security audit.
5. Cloud Broker
An organization called a "Cloud Broker" controls how cloud services are used, performed, and delivered and negotiates contracts between cloud providers and cloud users. The integration of cloud services could become too difficult for cloud consumers to handle as cloud computing develops. Instead of contacting a cloud provider directly in certain circumstances, a cloud consumer may request cloud services through a cloud broker. A single point of access for controlling numerous cloud services is offered by cloud brokers. The capacity to offer a single consistent interface to numerous different providers, whether the interface is for commercial or technical objectives, separates a cloud broker from a cloud service provider. Cloud Brokers provide services in three categories:
- Intermediation: By enhancing a certain feature and offering cloud consumers value-added services, a cloud broker improves a given service. The enhancement may take the shape of identity management, performance reporting, improved security, etc.
- Aggregation: Several services are combined and integrated into one or more new services by a cloud broker. The broker offers data and service integration, guarantees secure data transfer between the cloud consumer and various cloud providers, and provides these services.
- Arbitrage: Like service aggregation, service arbitrage differs in that the services being integrated or aggregated are not fixed. Service arbitrage refers to the freedom a Broker has to select services from various service Providers.
Interactions Between Actors in Cloud Computing in Cloud Security Reference Model
1. Instead of contacting a cloud provider directly, a cloud consumer may request service through a cloud broker. The cloud broker may combine several services to form a new service or may improve an existing one. In this illustration, the cloud consumer interacts directly with the cloud broker and is unaware of the actual cloud providers.
2. An unbiased evaluation of the functionality and security of a cloud service's implementation is done by a cloud auditor. Interactions with the cloud consumer and cloud provider may be necessary for the audit.
3. The connectivity and delivery of cloud services from cloud providers to cloud consumers are handled by cloud carriers. Figure 4 shows how a cloud provider arranges and participates in two distinct service level agreements (SLAs), one with a cloud carrier (for example, SLA2) and one with a cloud consumer (e.g., SLA1).
To ensure that the cloud services are used at a consistent level in accordance with the contractual responsibilities with the cloud consumers, a cloud provider negotiates service level agreements (SLAs) with a cloud carrier and may ask for dedicated and encrypted connections. In this situation, the provider may express its functionality, capability, and flexibility needs in SLA2 to meet SLA1's basic requirements.
Security Reference Model in Cloud Computing
The formal model for the NIST Cloud Computing Security Reference Architecture is NIST SP 500-292: A connected collection of security components generated from the CSA TCI-RA, the NIST Cloud Computing Reference Architecture, and a way for utilizing the formal model and the security components to orchestrate a safe cloud ecosystem.
The Cloud Security reference model is agnostic about the cloud deployment model, and its methodology may easily be applied to data about Private, Community, or Hybrid clouds. It is a formal model, a collection of Security Components, and a methodology for applying a cloud-adapted Risk Management Framework. Since a public cloud deployment model best supports illustrative examples of all the NCC-SRA Security Components and security considerations, this document uses it to describe the methodology for illustration purposes.
The Cloud Security reference model introduces a risk-based methodology to establish each cloud actor's accountability for putting particular controls throughout the cloud ecosystem's life cycle. The Security Components are specifically examined for each instance of the cloud Ecosystem to determine the degree to which each cloud actor participated in the implementation of those components. This document's main goal is to demystify the process of describing, identifying, classifying, analyzing, and choosing cloud-based services for cloud consumers who are trying to figure out which cloud service offering best addresses their cloud computing needs and supports their business and mission-critical processes and services in the most secure and effective way.
Looking to boost your career? Join our ITIL certification training course and become an expert in no time. Gain the skills you need to succeed in the ever-evolving IT industry. Enroll now!
Conclusion
Any cloud project needs a solid architecture to guarantee that the created cloud solution meets the requirement. Regardless of whether the solution uses a private, public, or hybrid cloud, this is crucial. Reference architectures for cloud computing have been offered by both major IT suppliers and other sorts of organizations. By employing a reference design, your cloud will have a solid "blueprint" from the beginning.
You can say using cloud computing reference architecture in cloud computing is like using the TCP/IP or OSI model in Networking. So, to briefly summarize the cloud computing reference model, it is a model which provides a blueprint or a structure for cloud computing that can be used as a standard procedure all over the world.
So, utilizing a cloud computing reference architecture will enable you to build on the experiences of others as well as design and deploy a strong cloud solution. A reference design needs to apply to all IT projects, not only cloud-related ones and for that matter, non-IT projects as well. To learn more about the Security reference model and Cloud Computing Reference Architecture, you can check out KnowledgeHut's Cloud training courses.
Frequently Asked Questions (FAQs)
1. What are characteristics of cloud computing explain the cloud computing reference model?
The characteristics of cloud computing are that it gives a common structure or taxonomy on which cloud can be built. It also provides simplification of the process and provides cloud users with a standard blueprint for the implementation of cloud.
2. What is the NIST cloud computing reference model?
The NIST cloud computing reference model is designed by the National Institute of Standards and Technology (NIST). Instead of focusing on a "how to" design solution and implementation, the NIST cloud computing reference architecture focuses on the requirements of "what" cloud services must offer. The reference architecture aims to make it easier to comprehend the operational nuances of cloud computing.
3. Which service model is best in cloud computing?
IaaS is the best service model in cloud computing. IaaS offers the most choices for IT hardware infrastructure. If you require management and customization of the hardware infrastructure to meet your needs, IaaS is the best choice.
4. Who are cloud consumers?
Cloud consumer is the end user who browses or uses the services offered by Cloud Service Providers (CSP) and enters into service agreements with the cloud provider is referred to as a cloud consumer. The cloud user makes payments each time a service is offered.
5. Write the difference between cloud consumer and cloud provider?
Cloud Consumer is an entity that pays to use the cloud and has agreements with the cloud providers to use their resources, whereas Cloud Providers are the entity that provides the cloud services or infrastructure to consumers.