CISSP PRACTICE QUESTIONS – 20210204

Effective CISSP Questions

Your company is developing a microservice-based E-Commerce system to sell toys world-wide. The system shall be packaged in containers and deployed on multiple nodes in the cloud. Critical services are organized into clusters or swarms to support availability and elasticity. Which of the following is the best deployment model?
A. IaaS
B. PaaS
C. SaaS
D. Public cloud

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Public cloud.

The question is asking about the best “deployment model,” which comprises private, community, public, and hybrid cloud. IaaS, PaaS, and SaaS are service models of cloud computing.

NIST SP 800-145

The following is a digest of NIST SP 800-145, The NIST Definition of Cloud Computing.

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.

Essential Characteristics

  • On-demand self-service: computing capabilities are provisioned without requiring human interaction with each service provider.
  • Broad network access: computing capabilities are accessed through network and heterogeneous client platforms.
  • Resource pooling: multi-tenant model and location independence
  • Rapid elasticity: scale rapidly outward and inward
  • Measured service: on a pay-per-use or charge-per-use basis

Service Models

  • Infrastructure as a Service (IaaS)
    • The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.
    • The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).
  • Platform as a Service (PaaS)
    • The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider.
    • The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
  • Software as a Service (SaaS)
    • The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface.
    • The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

Deployment Models

  • Private cloud
    • The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units).
    • It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
  • Community cloud
    • The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations).
    • It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
  • Public cloud
    • The cloud infrastructure is provisioned for open use by the general public.
    • It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
  • Hybrid cloud
    • The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).

NIST SP 500-292

The Cloud Computing Conceptual Reference Model (Source: NIST SP 500-292)
| Actor | Definition |
| --- | --- |
| Cloud Consumer | A person or organization that maintains a business relationship with, and uses service from, Cloud Providers. |
| Cloud Provider | A person, organization, or entity responsible for making a service available to interested parties. |
| Cloud Auditor | A party that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation. |
| Cloud Broker | An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers. |
| Cloud Carrier | An intermediary that provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers. |

Actors in Cloud Computing (Source: NIST SP 500-292)

Reference

  • NIST SP 500-291 Version 2: NIST Cloud Computing Standards Roadmap
  • NIST SP 500-292: NIST Cloud Computing Reference Architecture
  • NIST SP 800-144: Guidelines on Security and Privacy in Public Cloud Computing
  • NIST SP 800-145: The NIST Definition of Cloud Computing


