4 CLOUD DEPLOYMENT MODELS

When we discuss cloud computing and the network security framework around it, we frequently refer to NIST.

NIST stands for the National Institute of Standards and Technology. It promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems.

The NIST Definition of Four Deployment Models of Cloud Computing

Cloud computing has four deployment models: private cloud, community cloud, public cloud and hybrid cloud.

According to NIST, cloud deployment models are described as follows:

Private cloud

Private cloud may exist on or off premises. It is meant for exclusive use by a single organization comprising multiple business units. It may be owned, managed, and operated by the organization, a third party, or some combination of them.

Community cloud

Private cloud may also exist on or off premises. It is meant for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them.

Public cloud

Public cloud exists only on the premises of the cloud provider. It is meant for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them.

Hybrid cloud

The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability.

Source: https://csrc.nist.gov/publications/detail/sp/800-145/final