Cloud Concepts,

Service Models,
Deployment
Models
DR. MUHAMMAD USMAN HASHMI
D E PA RT M E N T O F CO M P U T E R S C I E N C E ,
BA H R I A U N I V E RS I T Y, I S L A M A BA D

Ms. Maryam Khalid worked on the slides

Concepts and Models
Cloud
A cloud refers to a distinct IT environment that is designed for the purpose of
remotely provisioning scalable and measured IT resources
IT Resource
An IT resource is a physical or virtual IT-related artifact that can be either software-
based, such as a virtual server or a custom software program, or hardware-based, such
as a physical server or a network device
On-Premise
An IT resource that is hosted in a conventional IT enterprise within an
organizational boundary (that does not specifically represent a cloud) is
considered to be located on the premises of the IT enterprise, or on-premise for
short.
Scaling
Scaling, from an IT resource perspective, represents the ability of the IT resource to
handle increased or decreased usage demands.

The following are types of scaling:

• Horizontal Scaling – scaling out and scaling in

• Vertical Scaling – scaling up and scaling down

 Horizontal
Scaling
The allocating or releasing of IT resources
that are of the same type is referred to as
horizontal scaling
Scaling Out:
• The horizontal allocation of resources is
referred to as scaling out
Scaling in:
• The horizontal releasing of resources is
referred to as scaling in.
Vertical Scaling
When an existing IT resource is replaced by
another with higher or lower capacity,
vertical scaling is considered to have
occurred
Scaling Up:
• the replacing of an IT resource with another that
has a higher capacity is referred to as scaling up

Scaling down:
• the replacing of an IT resource with another that
has a lower capacity is considered scaling down
Concepts and Models
Roles and Boundaries
Cloud Characteristics
Cloud Delivery Models
Cloud Deployment Models
Roles and Boundaries
Roles and Boundaries

Cloud Provider
Cloud Consumer
Cloud Service Owner
Cloud Resource Administrator
Organizational Boundary
Trust Boundary
Cloud Provider
The organization that provides cloud-based IT resources is the cloud provider.

The cloud provider is further tasked with any required management and
administrative duties to ensure the on-going operation of the overall cloud
infrastructure.

Cloud providers normally own the IT resources that are made available for lease by
cloud consumers; however, some cloud providers also “resell” IT resources leased
from other cloud providers.
Cloud Consumer
A cloud consumer is an organization (or a
human) that has a formal contract or
arrangement with a cloud provider to use IT
resources made available by the cloud
provider.
Cloud consumer uses a cloud service
consumer to access a cloud service.
Organizations or humans shown remotely
accessing cloud-based IT resources are
considered cloud consumers.
A cloud consumer (Organization A) interacts with a cloud service from a cloud
provider (that owns Cloud A). Within Organization A, the cloud service
consumer is being used to access the cloud service.
Cloud Service Owner
The person or organization that legally owns a cloud service is called a cloud service
owner.

A cloud consumer can be a cloud service owner when it deploys its own service in a cloud.
Cloud Service Owner (cont..)

A cloud provider becomes a cloud service owner if it deploys its own cloud service,
typically for other cloud consumers to use.
Cloud Resource Administrator
A cloud resource administrator is the
person or organization responsible
for administering a cloud-based IT
resource (including cloud services).

A cloud resource administrator can be with a cloud consumer

organization and administer remotely accessible IT resources that
belong to the cloud consumer.
Cloud Resource Administrator
Cloud resource
administrator can be (or
belong to) the cloud
consumer or cloud
provider of the cloud
within which the cloud
service resides.

A cloud resource administrator can be with a cloud provider organization for which it can
administer the cloud provider’s internally and externally available IT resources.
Organizational Boundary
An organizational boundary
represents the physical perimeter
that surrounds a set of IT resources
that are owned and governed by an
organization.

Organizational boundaries of a cloud consumer (left), and a cloud

provider (right), represented by a broken line notation.
Trust Boundary
A trust boundary is a logical
perimeter that typically spans
beyond physical boundaries to
represent the extent to which
IT resources are trusted

An extended trust boundary encompasses the organizational boundaries of the

cloud provider and the cloud consumer.
Cloud Characteristics
Cloud Characteristics

Six specific characteristics are common to the majority of cloud

environments:
1. on-demand usage
2. ubiquitous access (broad network access)
3. multitenancy (and resource pooling)
4. rapid elasticity or Expansion
5. measured service usage
6. Resiliency

(NIST lists only the first five characteristics)

On-Demand Usage
A cloud consumer can unilaterally
access cloud-based IT resources
giving the cloud consumer the
freedom to self-provision these IT
resources or on-demand usage.
Ubiquitous Access
Ubiquitous access represents the
ability for a cloud service to be
widely accessible.
Establishing ubiquitous access for a
cloud service can require support for
a range of devices, transport
protocols, interfaces, and security
technologies.
Multitenancy

Characteristic of a software program that

enables an instance of the program to
serve different consumers (tenants)
whereby each is isolated from the other,
is referred to as multitenancy.
Multitenancy (cont..)

Multitenancy allows several cloud consumers to

use the same IT resource or its instance while
each remains unaware that it may be used by
others.

In a multitenant environment, a single

instance of an IT resource, such as a cloud
storage device, serves multiple consumers.
Multi-tenant cloud vs single-tenant cloud
SINGLE-TENANT CLOUD
◦ Only one customer is hosted on a
server and is granted access to it
◦ Single-tenant clouds give
customers more control over the
management of data, storage,
security and performance
MULTI-TENANT CLOUD
◦ Multiple customers can be hosted on
a single server
◦ Makes a greater pool of resources
available to a larger group of people
without sacrificing privacy and
security or slowing down applications
◦ It is important to fully understand the
security and performance the
provider is offering
 Elasticity
Elasticity is the automated ability of
a cloud to transparently scale IT
resources, as required in response
to runtime conditions or as pre-
determined by the cloud consumer
or cloud provider.
Elasticity is often considered a core
justification for the adoption of
cloud computing.
Measured Usage
Measured usage characteristic represents the ability of a
cloud platform to keep track of the usage of its IT
resources, primarily by cloud consumers.
Can charge a cloud consumer only for the IT resources
actually used and/or for the timeframe during which
access to the IT resources was granted. It is closely
related to the on-demand characteristic.
Measured usage is not limited to tracking statistics for
billing purposes. It also encompasses the general
monitoring of IT resources and related usage reporting
Resiliency

Resilient computing is a form of

failover that distributes redundant
implementations of IT resources
across physical locations.
Resiliency can refer to redundant IT
resources within the same cloud (but
in different physical locations) or
A resilient system in which Cloud B hosts a redundant
across multiple clouds. implementation of Cloud Service A to provide failover in case Cloud
Service A on Cloud A becomes unavailable.
Cloud Service Delivery
Models
Cloud Delivery Models
A cloud delivery model represents a
specific, pre-packaged combination of IT
resources offered by a cloud provider.
Three common cloud delivery models
have become widely established and
formalized:
1. Infrastructure-as-a-Service (IaaS)
2. Platform-as-a-Service (PaaS)
3. Software-as-a-Service (SaaS)
Note:
Many specialized variations of the three
base cloud delivery models have emerged,
each comprised of a distinct combination
of IT resources. Some examples include:
• Storage-as-a-Service
• Database-as-a-Service
• Security-as-a-Service
• Communication-as-a-Service
• Integration-as-a-Service
• Testing-as-a-Service
• Process-as-a-Service
 Cloud service models
IaaS PaaS SaaS
(infrastructure (platform as a (software as a
as a service) service) service)

More control Less control

over IT resources over IT resources
There are three main cloud service models. Each model represents a different part of the cloud computing
stack and gives you a different level of control over your IT resources
© 2019 Amazon Web Services, Inc. or its Affiliates. All rights
reserved. 30
Say, you just moved to a
city and you are looking
for a place to live.
Build a new house?
Buy an empty house?
Live in a hotel?
You can fully control
everything you like your
new house to have. But
that is hard work …
You can customize some part of
your house. But never change the
original architecture.
Live in a hotel will be a good idea if the
only thing you care is enjoying your
life!! There is nothing you can do with
the house except living in it.
 •What if you want to have an IT department ?
1. Similar to build a new house in previous analogy
◦ You can rent some virtualized infrastructure and build up your own
IT system among those resources, which may be fully controlled.
◦ Technical speaking, use the Infrastructure as a Service (IaaS)
solution.
2. Similar to buy an empty house in previous analogy
Service Models ◦ You can directly develop your IT system through one cloud platform,
and do not care about any lower level resource management.
Overview ◦ Technical speaking, use the Platform as a Service (PaaS) solution.
3. Similar to live in a hotel in previous analogy
◦ You can directly use some existing IT system solutions, which were
provided by some cloud application service provider, without
knowing any detailed technique about how these service was
achieved.
◦ Technical speaking, use the Software as a Service (SaaS) solution.
Service Model
Overview
Infrastructure as a service (IaaS): Services in this category are the basic building blocks for cloud
IT and typically provide you with access to networking features, computers (virtual or on
dedicated hardware), and data storage space. IaaS provides you with the highest level of
flexibility and management control over your IT resources. It is the most similar to existing IT
resources that many IT departments and developers are familiar with today.

Platform as a service (PaaS): Services in this category reduce the need for you to manage the
underlying infrastructure (usually hardware and operating systems) and enable you to focus on
the deployment and management of your applications.

Software as a service (SaaS): Services in this category provide you with a completed product that
the service provider runs and manages. In most cases, software as a service refers to end-user
applications. With a SaaS offering, you do not have to think about how the service is maintained
or how the underlying infrastructure is managed. You need to think only about how you plan to
use that particular piece of software. A common example of a SaaS application is web-based
email, where you can send and receive email without managing feature additions to the email
product or maintaining the servers and operating systems that the email program runs on.

39
According to Statista, the worldwide IaaS market
will reach $150.25 billion by 2023

Infrastructure as a
Service
Platform as a Service
Software as a Service
 •Infrastructure as a Service - IaaS
• The capability provided to the consumer is to
provision processing, storage, networks, and other
fundamental computing resources where the
consumer is able to deploy and run arbitrary
software, which can include operating systems and
applications.
• The consumer does not manage or control the
Infrastructure underlying cloud infrastructure but has control over
operating systems, storage, deployed applications,
as a Service and possibly limited control of select networking
components .
•Examples :
• Amazon EC2
• Eucalyptus
• OpenNebula
• … etc
Infrastructure
as a Service
SYSTEM ARCHITECTURE :
 Infrastructure as a Service
•Enabling technique -
Virtualization VM1 VM2 VM3
• Virtualization is an abstraction of
logical resources away from
underlying physical resources.
• Virtualization technique shifts OS onto
hypervisor.
• Multiple OS share the physical
hardware and provide different
services.
• Improve utilization, availability,
security and convenience.
Infrastructure as a Service

•Properties supported by
virtualization technique :
• Manageability and Interoperability
• Availability and Reliability
• Scalability and Elasticity

Service Oriented Architecture (SOA)

Service Level Agreement (SLA)
 IaaS delivery model represents a self-contained IT environment comprised
of infrastructure-centric IT resources that can be accessed and managed
via cloud service-based interfaces and tools.
Can include hardware, network, connectivity, operating systems, and
other “raw” IT resources.
Are typically virtualized and packaged into bundles that simplify up-front
runtime scaling and customization of the infrastructure.
Infrastructure- General purpose of an IaaS environment is to provide cloud consumers
with a high level of control and responsibility over its configuration and
as-a-Service utilization.

(IaaS) Used by cloud consumers that require a high level of control over the
cloud-based environment they intend to create.
IaaS environments are generally offered as freshly initialized virtual
instances.
A central and primary IT resource within a typical IaaS environment is the
virtual server.
Virtual servers are leased by specifying server hardware requirements,
such as processor capacity, memory, and local storage space.
 A cloud consumer is using a virtual server within an IaaS
Infrastructure-as-a- environment. Cloud consumers are provided with a range
of contractual guarantees by the cloud provider, pertaining
Service (IaaS) to characteristics such as capacity, performance, and
availability.
According to Statista, the worldwide PaaS market
will reach $136.41 billion by 2023

Infrastructure as a Service
Platform as a Service
Software as a Service
 Platform as a Service - PaaS
• The capability provided to the consumer is
to deploy onto the cloud infrastructure
consumer-created or acquired applications
created using programming languages and
tools supported by the provider.
• The consumer does not manage or control
the underlying cloud infrastructure including
Platform as a network, servers, operating systems, or
storage, but has control over the deployed
Service applications and possibly application
hosting environment configurations.
Examples :
• Microsoft Azure
• Google App Engine
• Google Cloud Platform
• Hadoop
• … etc
Platform as a
Service
SYSTEM ARCHITECTURE :
Platform as a Service
•Enabling technique – Runtime Environment Design
• Runtime environment refers to collection of software services
available. Usually implemented by a collection of program
libraries.

•Common properties in Runtime Environment :

• Manageability and Interoperability
• Performance and Optimization
• Availability and Reliability
• Scalability and Elasticity
 •PaaS delivery model represents a pre-defined “ready-to-use”
environment typically comprised of already deployed and configured IT
resources.
•Common reasons a cloud consumer would use and invest in a PaaS
environment include:
1. The cloud consumer wants to extend on-premise environments
into the cloud for scalability and economic purposes.
2. The cloud consumer uses the ready-made environment to entirely
substitute an on-premise environment.

Platform-as-a- 3. The cloud consumer wants to become a cloud provider and

deploys its own cloud services to be made available to other
external cloud consumers.
Service (PaaS) •By working within a ready-made platform, the cloud consumer is spared
the administrative burden of setting up and maintaining the bare
infrastructure IT resources provided via the IaaS model.
•The cloud consumer is granted a lower level of control over the
underlying IT resources that host and provision the platform.
•PaaS products are available with different development stacks. For
example, Google App Engine offers a Java and Python-based
environment.
Platform-as-a-Service A cloud consumer is accessing a ready-made PaaS
environment. The question mark indicates that the cloud

(PaaS) consumer is intentionally shielded from the

implementation details of the platform.
According to Statista, the worldwide SaaS market
will reach $195 billion by 2023
Infrastructure as
a Service
Platform as a
Service
Software as a
Service
 •Software as a Service - SaaS
• The capability provided to the consumer is to use the
provider’s applications running on a cloud
infrastructure. The applications are accessible from
various client devices through a thin client interface
such as a web browser (e.g., web-based email).
• The consumer does not manage or control the
underlying cloud infrastructure including network,
Software as a servers, operating systems, storage, or even individual
application capabilities, with the possible exception of
Service limited user-specific application configuration
settings.
•Examples :
• Google Apps (e.g., Gmail, Google Docs, Google
spreadsheet, etc.)
• SalesForce.com
• EyeOS
• … etc
Software as a
Service
 Software as a Service

•Enabling Technique – Web Service

• Viewing the Internet as a computing platform
• Running interactive applications through a web browser
• Leveraging interconnectivity and mobility of devices
• Enhanced effectiveness with greater human participation

•Properties provided by Internet :

• Accessibility and Portability
Software-as-a-Service (SaaS)
A software program positioned as a shared cloud service and made available as
a “product” or generic utility represents the typical profile of a SaaS offering.
The SaaS delivery model is typically used to make a reusable cloud service
widely available (often commercially) to a range of cloud consumers.
A cloud consumer is generally granted very limited administrative control over
a SaaS implementation.
Software-as-a-Service The cloud service consumer is given access the cloud
service contract, but not to any underlying IT resources or
(SaaS) implementation details.
Comparing
Cloud
Delivery
Models
Comparing
Cloud
Delivery
Models
Combining
Cloud Delivery
Models
A PaaS environment based IaaS + PaaS
on the IT resources provided
by an underlying IaaS
environment.
Combining
Cloud Delivery
Models IaaS + PaaS
An example of a contract
between Cloud Providers X and Cloud provider
Y, in which services offered by offering the PaaS
Cloud Provider X are physically environment
hosted on virtual servers
belonging to Cloud Provider Y. chose to lease an
Sensitive data that is legally IaaS environment
required to stay in a specific from a different
region is physically kept in Cloud
B, which is physically located in cloud provider.
that region.
Combining
Cloud Delivery IaaS + PaaS + SaaS
Models
Ready-made environment
A simple layered view of an
provided by the PaaS
architecture comprised of
environment can be used
IaaS and PaaS environments
by the cloud consumer
hosting three SaaS cloud
organization to develop
service implementations.
and deploy its own SaaS
cloud services that it can
then make available as
commercial products
Similarities between AWS and traditional IT

Traditional, on-premises IT space AWS

Security
Security groups
Firewalls ACLs Administrators Network ACLs IAM

Networking
Router Network pipeline Switch Elastic Load Balancing Amazon VPC

On-premises Compute
servers Amazon EC2
AMI
instances

Storage and
DAS SAN NAS RDBMS
database Amazon EBS Amazon Amazon Amazon RDS
EFS S3

© 2019 Amazon Web Services, Inc. or its Affiliates. All rights

reserved. 65
There are many similarities between AWS and the traditional, on-premises IT space:
• AWS security groups, network access control lists (network ACLs), and AWS Identity
and Access Management (IAM) are similar to firewalls, access control lists (ACLs), and
administrators.
• Elastic Load Balancing and Amazon Virtual Private Cloud (Amazon VPC) are similar to
routers, network pipelines, and switches.
• Amazon Machine Images (AMIs) and Amazon Elastic Compute Cloud (Amazon EC2)
instances are similar to on-premises servers.
• Amazon Elastic Block Store (Amazon EBS), Amazon Elastic File System (Amazon EFS),
Amazon Simple Storage Service (Amazon S3), and Amazon Relational Database Service
(Amazon RDS) are similar to direct attached storage (DAS), storage area networks
(SAN), network attached storage (NAS), and a relational database management service
(RDBMS).
With AWS services and features, you can do almost everything that you would want to
do with a traditional data center.
66
Cloud Deployment
Models
Deployment
models
HOW TO DEPLOY A CLOUD SYSTEM
?
 Cloud Deployment Models
A cloud deployment model represents a specific type of cloud environment, primarily
distinguished by ownership, size, and access.
There are four common cloud deployment models:
1. Public cloud
2. Community cloud
3. Private cloud
4. Hybrid cloud

Each can exhibit the previously discussed characteristics; their differences lie primarily in the
scope and access of published cloud services, as they are made available to service consumers.
 The cloud infrastructure is made available to the
general public or a large industry group and is
Public Cloud owned by an organization selling cloud services.
• Also known as external cloud or multi-tenant
cloud, this model essentially represents a cloud
environment that is openly accessible.
• Basic characteristics :
1. Homogeneous infrastructure
2. Common policies
3. Shared resources and multi-tenant
4. Leased or rented infrastructure
5. Economies of scale
 Public Clouds
A public cloud is a publicly accessible
cloud environment owned by a third-
Organizations
party cloud provider.
act as cloud
consumers
The IT resources on public clouds are
when accessing usually provisioned via the previously
cloud services described cloud delivery models and
and IT resources
made available are generally offered to cloud
by different consumers at a cost or are
cloud providers.
commercialized via other avenues (such
as advertisement).
Private Cloud
The cloud infrastructure is operated solely for an organization. It may
be managed by the organization or a third party and may exist on
premise or off premise.
• Also referred to as internal cloud or on-premise cloud, a private cloud
intentionally limits access to its resources to service consumers that
belong to the same organization that owns the cloud.
• Basic characteristics :
1. Heterogeneous infrastructure
2. Customized and tailored policies
3. Dedicated resources
4. In-house infrastructure
5. End-to-end control

A cloud service consumer in the
organization’s on-premise
environment accesses a cloud
service
hosted on the same
organization’s private cloud via
a virtual private network.
Private Clouds
A private cloud is owned by a single
organization.
Private clouds enable an organization
to use cloud computing technology as
a means of centralizing access to IT
resources by different parts, locations,
or departments of the organization.
Community
Cloud
Community cloud definition
The cloud infrastructure
is shared by several
organizations and
supports a specific
community that has
shared concerns (e.g.,
mission, security
requirements, policy,
and compliance
considerations).
Community Clouds
A community cloud is similar to a
public cloud except that its access
is limited to a specific community
of cloud consumers.

An example of a
“community” of
organizations accessing IT
resources from a
community cloud.
 Hybrid Cloud
• The cloud infrastructure is a
composition of two or more
clouds (private, community, or
public) that remain unique
entities but are bound together
by standardized or proprietary
technology that enables data
and application portability (e.g.,
cloud bursting
for load-balancing between
clouds).
Cloud bursting is a configuration method that uses cloud
computing resources whenever on-premises infrastructure
reaches peak capacity
Hybrid Clouds
A hybrid cloud is a cloud environment
comprised of two or more different
cloud deployment models.

An organization using a hybrid cloud

architecture that utilizes both a private
and public cloud.
Other Cloud Deployment Models
Additional variations of the four base cloud deployment models can
exist. Examples include:
• Virtual Private Cloud – Also known as a “dedicated cloud” or “hosted cloud,”
this model results in a self-contained cloud environment hosted and managed
by a public cloud provider and made available to a cloud consumer.
• Inter-Cloud – This model is based on an architecture comprised of two or
more inter-connected clouds.
Cloud computing deployment models

Cloud Hybrid On-premises

(private cloud)

© 2019 Amazon Web Services, Inc. or its Affiliates. All rights

reserved. 79
Cloud
Ecosystem
 Common roles associated with cloud-based interaction and
relationships include the cloud provider, cloud consumer, cloud
service owner, and cloud resource administrator.
An organizational boundary represents the physical scope of IT
resources owned and governed by an organization. A trust boundary
is the logical perimeter that encompasses the IT resources trusted by
an organization.
Summary On-demand usage is the ability of a cloud consumer to self-provision
(Cloud and use necessary cloud-based services without requiring cloud
provider interaction. This characteristic is related to measured usage,

Terminologies which represents the ability of a cloud to measure the usage of its IT
resources.

and Roles) Ubiquitous access allows cloud-based services to be accessed by

diverse cloud service consumers, while multitenancy is the ability of a
single instance of an IT resource to transparently serve multiple cloud
consumers simultaneously.
The elasticity characteristic represents the ability of a cloud to
transparently and automatically scale IT resources out or in. Resiliency
pertains to a cloud’s inherent failover features.
 Summary (cont..) Cloud Delivery Models
The IaaS cloud delivery model offers cloud consumers a high level of administrative control
over “raw” infrastructure-based IT resources.
The PaaS cloud delivery model enables a cloud provider to offer a pre-configured
environment that cloud consumers can use to build and deploy cloud services and solutions,
albeit with decreased administrative control.
SaaS is a cloud delivery model for shared cloud services that can be positioned as
commercialized products hosted by clouds.
Different combinations of IaaS, PaaS, and SaaS are possible, depending on how cloud
consumers and cloud providers choose to leverage the natural hierarchy established by
these base cloud delivery models.
Summary (cont..) Cloud Deployment Models
A public cloud is owned by a third party and generally offers commercialized
cloud services and IT resources to cloud consumer organizations.
A private cloud is owned by an individual organization and resides within the
organization’s premises.
A community cloud is normally limited for access by a group of cloud consumers
that may also share responsibility in its ownership.
A hybrid cloud is a combination of two or more other cloud deployment models.
Questions?