Cloud Computing For Dummies
There was once a time when you entered “cloud” on Google, and the results you got on the first page were of the cumulo-nimbus and cirrus varieties, in other words, those that dealt with the clouds which form through condensation of atmospheric water vapour. Not so today. We will help educate those who require cloud computing for dummies.
Nowadays, you are more likely to find allusions to “cloud computing” than to garden-variety clouds that bring us rain. And as each generation gets progressively more dependent on the Internet for information, time is not far when a child looking up at the clouds will associate them more with computation than precipitation.
A lot of terms have become part of the cloud computing lexicon, none more popular than SaaS, PaaS and IaaS. Here’s an attempt to remove the layers of complexity and present them in a language even technophobes can understand.
SaaS: Software as a Service (SaaS) is software that is deployed over the Internet, available to the end user as and when wanted. Hence, it’s also known as “software on demand”. Payment can either be as per usage, on a subscription model or even free if advertisement is part of the equation.
While SaaS offers several advantages like accessibility from any location, rapid scalability and bundled maintenance, there may be certain security concerns, especially for users who desire high security and control, as that domain is in the hands of the provider. In fact, that is one of the arguments forwarded by open-source proponent Richard Stallman against SaaS.
SaaS may be considered the oldest and most mature type of cloud computing. Examples include Salesforce.com sales management applications, NetSuite, Google’s Gmail and Cornerstone OnDemand.
PaaS: Platform as a Service (PaaS) is a combination of a development platform and a solution stack, delivered as a service on demand. It provides infrastructure on which software developers can build new applications or extend existing ones without the cost and complexity of buying and managing the underlying hardware and software and provisioning hosting capabilities. In other words, it provides the supporting infrastructure to enable the end user develop his own solutions.
In addition to firms’ IT departments who use PaaS to customize their own solutions, its users include independent software vendors (ISVs) as well, those who develop specialized applications for specific purposes. While earlier application development required hardware, an operating system, a database, middleware, Web servers, and other software, with the PaaS model only the knowledge to integrate them is required. The rest is taken care of by the PaaS provider.
Sometimes, PaaS is used to extend the capabilities of applications developed as SaaS. Examples of PaaS include Salesforce.com’s Force.com, Google’s App Engine, and Microsoft’s Azure.
IaaS: Infrastructure as a Service (IaaS) delivers computer infrastructure – typically a platform virtualization environment – as a service. This includes servers, software, data-center space and network equipment, available in a single bundle and billed as per usage in a utility computing model.
IaaS is generally used by organizations that have the in-house expertise to manage their IT requirements but don’t have the infrastructure. They then hire the required infrastructure from IaaS providers and load up their libraries, applications, and data, after which they configure them themselves.
A popular use of IaaS is in hosting websites, where the in-house infrastructure is not burdened with this task but left free to manage the business. Amazon’s Elastic Compute Cloud (EC2) is a major example of IaaS. Rackspace’s Mosso and GoGrid’s ServePath are other IaaS offerings.
One important thing to note here: there is considerable overlap between SaaS, PaaS and IaaS, and with the rapid changes in the field, definitions are in a flux. In fact, the same service may be categorized into either of the three depending on who is making the categorization – developer, system administrator or a manager.
By Sourya Biswas
Principal Security Consultant at NCC Group
13+ years of experience in Client Engagement, Business Development, Project Management and Management Consulting in the Information Security & Risk Management and IT Strategy domains.
250+ articles on Cloud Computing, technical editor of a reputed textbook.
MBA (double major in Consulting & Business Leadership) on full scholarship from Notre Dame, Bachelor’s engineering degree in Information Technology from a top 10 engineering institute in India.
Professional certifications include the CISSP, CISM, PMP, PSM and several ITIL Intermediates.