Platform as a service (PaaS)

714
Chapter 16 
■
Managing Security Operations
Infrastructure as a service (IaaS)
Infrastructure as a service (IaaS)
models provide basic 
computing resources to consumers. This includes servers, storage, and in some cases, network-
ing resources. Consumers install operating systems and applications and perform all required 
maintenance on the operating systems and applications. The CSP maintains the cloud-based 
infrastructure, ensuring that consumers have access to leased systems. The distinction between 
IaaS and PaaS models isn’t always clear when evaluating public services. However, when leas-
ing cloud-based services, the label the CSP uses isn’t as important as clearly understanding 
who is responsible for performing different maintenance and security actions. 
NIST SP 800-145, “The NIST Definition of Cloud Computing,” provides 
standard definitions for many cloud-based services. This includes 
definitions for service models (SaaS, PaaS, and IaaS), and definitions for 
deployment models (public, private, community, and hybrid). NIST SP 
800-144, “Guidelines on Security and Privacy in Public Cloud Computing,” 
provides in-depth details on security issues related to cloud-based 
computing.
The cloud deployment model also affects the breakdown of responsibilities of the cloud-
based assets. The four cloud models available are public, private, community, and hybrid. 
■
A
public cloud
model includes assets available for any consumers to rent or lease and 
is hosted by an external CSP. Service-level agreements can be effective at ensuring that 
the CSP provides the cloud-based services at a level acceptable to the organization. 
■
The
private cloud
deployment model is used for cloud-based assets for a single organi-
zation. Organizations can create and host private clouds using their own on-premises 
resources. If so, the organization is responsible for all maintenance. However, an organiza-
tion can also rent resources from a third party for exclusive use of the organization. Main-
tenance requirements are typically split based on the service model (SaaS, PaaS, or IaaS). 
■
A
community cloud
deployment model provides cloud-based assets to two or more 
organizations. Assets can be owned and managed by one or more of the organizations. 
Maintenance responsibilities are shared based on who is hosting the assets and the ser-
vice models. 
■
A
hybrid cloud
model includes a combination of two or more clouds. Similar to a com-
munity cloud model, maintenance responsibilities are shared based on who is hosting 
the assets and the service models in use.

Download 19,3 Mb.

Do'stlaringiz bilan baham: