
Cloud Security Ch3

The document discusses four cloud computing deployment models: public cloud, private cloud, community cloud, and hybrid cloud. It provides details on public and private clouds. A public cloud allows universal access via the internet and offers scalability, while private cloud is operated solely for a private organization and offers higher security. Hybrid cloud combines public and private clouds, providing flexibility through a mix of services.


Cloud Computing

Deployment Models

[Chapter Three]
Dr. Ethar Abdul Wahhab

College of Science / Department of Computer Science / Fourth Stage / Cybersecurity Branch
Chapter Three Cloud Computing Deployment Models

Cloud Computing Deployment Models

3.1 Introduction
According to the National Institute of Standards and Technology (NIST),
cloud computing is made up of four deployment models that cover the
cloud's basic structure, as shown in Figure (3.1). These models are public,
private, community, and hybrid clouds. They reflect the different types of
cloud environments that users and organizations can choose from, and are
distinguished by ownership, scale, and access.

Figure (3.1). Cloud computing deployment models


3.2 Public Cloud

A public cloud is a type of computing in which a service provider makes
resources available to the public via the internet. Resources vary by provider
but may include storage capabilities, applications, or virtual machines. Public
cloud allows for scalability and resource sharing that would not be possible
for a single organization to achieve.

A key advantage of public cloud architecture is the ability to access a service
or application on any connected device. Public cloud solutions allow
organizations to scale at a near infinite rate. As a business grows, it doesn't
need to acquire additional hardware or maintain a sprawling network. However,
the public cloud has many security issues: because it is available to anyone
with an internet connection, there is a risk of unauthorized access or data
breaches. Public cloud resources are typically available on a pay-per-usage
basis. Other services may be free to access or sold on a subscription-based
model. Common public cloud examples include services like Amazon Web Services,
Gmail, Google Drive, and Hotmail.

Providers operate public cloud services in logically isolated locations within
public cloud regions. These locations are called availability zones.
Availability Zones (AZs) are isolated data centers located within specific
regions in which public cloud services originate and operate. Cloud computing
businesses typically have multiple availability zones worldwide. For
example, an AWS Availability Zone (AZ) is the logical building block that
makes up an AWS Region.


Currently AWS operates 96 Availability Zones within 30 Regions around
the world, which are isolated locations or data centers within a region.
Figure (3.2), from the AWS documentation, gives a visual representation of
Availability Zones within Regions:

Figure (3.2). AWS Availability Zones within Region

Each Region is designed to be isolated from the other Regions. This
achieves the greatest possible fault tolerance and stability and gives users
the flexibility to launch production applications and resources that are
highly available and scalable compared to using a single data center.


Within the constructs of AWS, users are encouraged to run their workloads
in more than one Availability Zone. This ensures that user applications can
withstand even a complete Availability Zone failure.
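
The multi-AZ guidance above, as an added example (not from the lecture notes or from AWS): a Python check over a constructed inventory that finds workloads confined to a single Availability Zone and reports which workloads would go fully offline if a given zone failed. The workload names, instance IDs and placements are made up for illustration.

```python
from collections import defaultdict

# Constructed sample inventory (not real resources):
# (workload, region, availability zone, instance id)
INVENTORY = [
    ("web", "eu-west-1", "eu-west-1a", "i-web-1"),
    ("web", "eu-west-1", "eu-west-1b", "i-web-2"),
    ("web", "eu-west-1", "eu-west-1c", "i-web-3"),
    ("billing", "eu-west-1", "eu-west-1a", "i-bill-1"),
    ("billing", "eu-west-1", "eu-west-1a", "i-bill-2"),
    ("reports", "eu-west-1", "eu-west-1b", "i-rep-1"),
    ("reports", "us-east-1", "us-east-1a", "i-rep-2"),
]

def placement(inventory):
    """Group instance ids as workload -> zone -> [instances]."""
    grouped = defaultdict(lambda: defaultdict(list))
    for workload, _region, zone, instance in inventory:
        grouped[workload][zone].append(instance)
    return grouped

def single_zone_workloads(inventory):
    """Workloads whose instances all sit in one Availability Zone."""
    return sorted(w for w, zones in placement(inventory).items() if len(zones) == 1)

def survivors(inventory, failed_zone):
    """Instances each workload keeps if failed_zone is lost completely."""
    return {
        w: sorted(i for z, ids in zones.items() if z != failed_zone for i in ids)
        for w, zones in placement(inventory).items()
    }

def outage_report(inventory):
    """Map each zone to the workloads that go fully down when it fails."""
    zones = sorted({zone for _w, _r, zone, _i in inventory})
    return {
        z: sorted(w for w, left in survivors(inventory, z).items() if not left)
        for z in zones
    }

if __name__ == "__main__":
    print("single-AZ workloads:", single_zone_workloads(INVENTORY))
    for zone, down in outage_report(INVENTORY).items():
        print(f"{zone} fails -> fully down: {down or 'none'}")
```

In the sample, "billing" runs two instances but both sit in the same zone, so instance count alone does not give it tolerance to a zone failure.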

3.3 Private Cloud

The cloud infrastructure is operated for a private organization. It may be
managed by the organization, and may exist on premise or off premise. It is
used within a single company. If an organization sets up its own private
cloud, running its own physical hardware servers with a virtualization layer
on top of them, it makes the resources available only internally. This cloud
architecture provides higher security than other cloud models because only
authorized users may access the organization's system. This strategy is ideal
for companies that treat security as a top priority.

In a private cloud, it is easier to address the relationship between the
service provider and the user because the infrastructure is operated and owned
by the same organization. It employs the capabilities of cloud management
software to ensure reliable delivery service and integrity of the external
resources. However, the cost is significantly higher because expertise and
training are needed for the server administrator, virtualization specialist,
and network specialist. There are two types of this model:

• Internal Private Cloud

An internal private cloud is present at the organization's local data center.
All the resources are owned by the organization itself. This allows more
control over the resources of the organization. The cost in this model is
high. It is difficult to scale and offers higher latencies as servers are
deployed on-premises.

• External Private Cloud

An external private cloud is hosted by a third-party cloud provider for the
organization. The provider dedicates resources on behalf of the organization.
This gives less control to the organization. The cost in this model is low and
expenses are variable. It is easy to scale and offers lower latencies as
servers can be deployed in different locations.

The advantages of using a private cloud are as follows:

1- Customer information protection: In the private cloud, security
   concerns are fewer since customer data and other sensitive
   information do not flow out of the private infrastructure.

2- Infrastructure ensuring SLAs: Private cloud provides specific
   operations such as appropriate clustering, data replication, system
   monitoring and maintenance, disaster recovery, and other uptime
   services.

3- Compliance with standard procedures and operations: Specific
   procedures have to be put in place when deploying and executing
   applications. This is not possible in the case of the public cloud.

Figure (3.3) illustrates the public cloud and the private cloud.


Figure (3.3) Public cloud and private cloud

The main differences between the public cloud and the private cloud are
summarized in the following table:

Table (3.1). Public cloud vs. private cloud

| Parameter | Public cloud | Private cloud |
|---|---|---|
| Setup | A cloud provider manages and delivers IT infrastructure over the network for external use. | A single organization manages and delivers IT infrastructure over the network for internal use. |
| Infrastructure | Scale, variety, and quality of resources is very high. | It's not possible to privately replicate the range and scale of the public cloud. Infrastructure quality and variety is limited. |
| Security | The cloud provider is responsible for the security of physical and virtual infrastructure. The user is responsible for the security of their data and applications. | The organization is responsible for the security of the hardware and software infrastructure, as well as the data and applications. |
| Deployment | Straightforward using API calls or few clicks on the graphical UI. | Requires complex technologies and significant IT expertise. |
| Costs | No upfront costs. Potentially free for a limited period or a limited usage range. Low ongoing costs based on exact usage due to economies of scale. | High initial investment in hardware and software licensing. High ongoing costs for infrastructure maintenance, security, and upgrades. |

3.4 Hybrid Cloud

Hybrid cloud refers to a cloud computing model that uses a combination
of at least one private cloud and at least one public cloud, which work
together to provide a flexible mix of cloud computing services.

Some applications (such as real-time gaming and augmented and virtual
reality (AR/VR)) require immediate client and server communication with
less than a second of lag time. For such services, applications can use
existing cloud infrastructure or bring cloud infrastructure and services close
to where end users are located. Hybrid cloud infrastructure generally
includes a public infrastructure as a service (IaaS) or platform as a service
(PaaS) option, a private cloud or datacenter, and access to a secure
network. Many hybrid models leverage local area networks (LAN) as well
as wide area networks (WAN).

With a hybrid cloud, organizations get the best of both other models in a
flexible environment capable of adapting to their specific needs. The
benefits of hybrid cloud solutions include:

• Greater control over resource management
• Faster application deployment
• Stronger security implementation and execution
• Flexible scalability and quicker provisioning
• Cost and resource optimization

Even though the private and the public sides of the hybrid cloud are linked,
they remain separate entities. There are conditions where the hybrid cloud
might not be the best solution:

• Smaller organizations operating on a limited budget might
  best be served by a purely public cloud solution.

• An application that requires the highest possible speed might not be
  suitable for hybrid cloud, depending on the specific cloud
  implementation.

AWS Outposts, Azure Stack, Azure Arc, Microsoft Azure VMware
Solution, Google Anthos, Netflix and iCloud are examples of the most popular
hybrid clouds. Figure (3.4) illustrates the hybrid cloud deployment model.


Figure (3.4). Hybrid cloud deployment model

3.4.1. Hybrid cloud security challenges

1. Hybrid cloud setups make cybersecurity more difficult by combining
   the challenges of their private and public cloud counterparts.

2. As sensitive data is distributed across multiple cloud providers, it
   must be protected at all stages of transfer.

3. Access management also becomes more complex as organizations
   must consistently apply security policies across all environments.

4. As organizations move more of their applications and workloads to
   the cloud, the responsibility for security is shared between the
   organization and the cloud provider.

5. When authorizing a hybrid cloud deployment, executives must
   recognize that there are potential risks associated with Service Level
   Agreements (SLAs).

3.5 Community Cloud

Community cloud is a hybrid form of private cloud for different
organizations and companies that belong to the same community,
share common concerns, and have uniform security, privacy and
performance requirements. Organizations in the financial, health,
educational, and legal sectors can greatly benefit from the community
cloud. The main purpose of the community cloud model is to let
people join remotely and work on the same project, which presents a
centralized and common cloud infrastructure. The community cloud
model is useful when organizations share a common business issue or
project and focus on a common goal.

Before adopting the community cloud model, some factors have to be
clarified. They are as follows:

• It enables data sharing among different organizations while
  committing to strict rules and security requirements.

• Service level agreements (SLA) should be reviewed and
  understood by organizations.

• The trading companies need to understand the economic model
  of the community cloud.

• Organizations should consider the data storage, availability and
  security issues of the community cloud.

• Organizations should evaluate how tenants manage issues when
  selecting a community cloud.

Cisco's Community Cloud, Microsoft Government Community Cloud
(GCC) and IBM LinuxONE are examples of community clouds. Figure
(3.5) shows the community cloud deployment model.

Figure (3.5). Community cloud deployment model

Several important factors can help to determine which cloud to use for
which workload, such as data security, computing environment
requirements, cloud computing technology, price and accessibility.


3.6 Service level agreements (SLA)

A service-level agreement (SLA) is a commitment between a cloud service
provider (CSP) and the user. It defines the level of service expected by the
user from a CSP. An SLA lays out the metrics by which that service is
measured, and the remedies or penalties should the agreed-on service levels
not be achieved. Usually, SLAs are between companies and external CSPs.
The three most common SLA types are:

1. Customer-based SLAs: A customer-based service-level agreement is
   designed to meet the individual requirements of a single customer.
   This type of SLA covers all the services that the client uses.

2. Service-based SLAs: Service-based service-level agreements apply
   to all customers using the services provided. It is a standardized
   agreement, which means it's easier to administer because there's
   only one agreement for any number of customers.

3. Multilevel SLAs: Multilevel service-level agreements are a
   combination of customer-based and service-based SLAs. They
   provide a balance between standardization and customization,
   allowing you to provide different levels of service for different
   customer groups.

Q // How to write an SLA?
