Nist Definition of Cloud Computing Special Publication 800-145

This article is a summary of the nist.gov website. With the following link: Although just completed, NIST`s working definition of cloud computing has long been the de facto definition. In fact, prior to its official publication, the draft was the U.S. contribution to the InterNational Committee for Information Technology Standards (INCITS), when that group was working on an international definition of the cloud computing standard. After years of work and 15 drafts, the National Institute of Standards and Technology`s (NIST) working definition of cloud computing, the 16th and final definition was published under the title The NIST Definition of Cloud Computing (NIST Special Publication 800-145). NIST`s definition of cloud computing offers three categories of possible cloud services (called service models): The researchers received a large amount of feedback, mostly regarding interpretations. The definition, from design to final definition, has remained essentially the same and only a modest number of changes have been made to ensure consistent interpretation. The NIST definition of Cloud Computing (SP 800-145) is available on csrc.nist.gov/publications/PubsSPs.html#800-145. The first draft of the definition of cloud computing was created in November 2009. “We reviewed many versions while reviewing them with government and industry before we had a stable one.” Version 15 was released on the NIST Cloud Computing website in July 2009. In January 2011, this version was released as Public Project PS 800-145 for public comment. This document explicitly defines each of the attributes that we have enclosed in quotation marks.

These definitions are as follows: In the context of Special Provision 800-145 and this document, the term “hardware” means that each cloud service provider (CSP) must be able to offer and provide all hardware functionality to the cloud service customer (CSC) for a given service. This document provides flexibility to determine whether an IT function is considered a cloud service by providing options for evaluating each feature. Supporting documents: PS 800-145 (EPUB) (txt) Press release (other) www.nist.gov/publications/nist-definition-cloud-computing The NIST definition lists five key characteristics of cloud computing: on-demand self-service, extended network access, resource pooling, elasticity or rapid expansion, and measured service. It also lists three “service models” (software, platform, and infrastructure) and four “delivery models” (private, community, public, and hybrid), which together categorize ways to deliver cloud services. The definition is intended to serve as a means of comprehensive comparisons of cloud services and deployment strategies, and to provide a basis for discussion, from cloud computing to how to get the most out of cloud computing. “When agencies or companies use this definition,” says Peter Mell, an IT scientist at NIST, “they have a tool to determine how well the IT implementations they`re considering fit the characteristics and patterns of the cloud. This is important because by adopting an authentic cloud, they are more likely to reap the promised benefits of the cloud: cost savings, energy savings, rapid deployment, and customer empowerment. And adapting an implementation to the definition of the cloud can help assess the security features of the cloud. Cloud computing is a ubiquitous, convenient, on-demand network access model to a common pool of configurable computing resources (such as networks, servers, storage, applications, and services) that can be quickly provisioned and shared with minimal administrative overhead or interaction with the service provider. This cloud model consists of five key features, three service models, and four deployment models. These services are exposed in the service layer that is part of the service orchestration stack. SaaS, PaaS and IaaS are best distinguished by two factors: This section provides a detailed analysis of the five essential characteristics of cloud computing.

Acts and Regulations Federal Act on the Modernization of Information Security; OMB Circular A-130.