Apache CloudStack

Apache CloudStack creates, manages, and deploys clouds. It is an open-source application. It is software utilized to deploy and manage large networks of virtual machines, that need to be highly available.
It is deployed as a highly scalable IaaS computing platform.


Capacity is the measurement of the degree to which the cloud can support or provide service.

Cloud App

A cloud application is a software application accessed via the internet and which may include an agent or applet installed locally on the user's device.

Cloud Application Management for Platforms (CAMP)

CAMP is a specification geared towards PaaS. The specification indicates that for consumers this will provider for "portability between clouds." This is accomplished by standardization of the management API, which allows use cases for deploying, stopping, starting, and updating applications.

Cloud Appropriateness

A pitfall in which application development in cloud environments is much different since applications are built on web service frameworks and typically do not support legacy systems and programming languages.

Cloud Bursting

Augmenting internal, private datacenter capabilities with managed services during times of increased demand.
The organization might have datacenter assets it owns, but it can't handle the increased demand during times of elevated need (crisis situations, heavy holiday shopping periods, and so on), so it rents the additional capacity as needed from an external cloud provider.

Cloud Deployment

Deals with which type of cloud you will be leveraging: private, public, community, or hybrid.

Cloud Migration

Cloud migration is the process of transitioning all or part of a company's data, applications, and services from onsite premises to the cloud, where the information can be provided over the Internet on an on-demand basis. The steps in a cloud migration include:
  • Choosing a provider
  • Planning
  • Migrating
  • Testing and validation
  • Maintaining
Concerned with the actual movement of the data, application, and services to the cloud.

Cloud Provisioning

A term used to describe the deployment of a company's cloud computing strategy, which typically first involves selecting which applications and services will reside in the public cloud and which will remain on-site behind the firewall or in the private cloud.

Cloud Standards Customer Council (CSCC)

The Cloud Standards Customer Council (CSCC) is an end-user advocacy group. It is dedicated to accelerating cloud's successful adoption, as well as to drilling down into the standards, security, and interoperability issues that surround the transition to the cloud.

Cloud Testing

Cloud testing is load and performance testing conducted on the cloud applications and services, to ensure optimal performance and scalability under a wide variety of conditions.

Cloud Washing

The act of adding the name "cloud" to a non-cloud service and selling it as a cloud solution.

Compliance as a Service (CompaaS/CaaS)

Includes a variety of compliance services such as data encryption, disaster recovery, reporting, and vulnerability scanning.

Data Science as a Service (DSaaS)

Involves an outside company providing advanced analytics applications (gathered using data science) to corporate clients for their business use.

Dynamic Optimization

The process in which cloud environments are constantly monitored and maintained to ensure that the resources are available when needed and that nodes share the load equally so that one node doesn't become overloaded.


The flexibility of allocating resources as needed for immediate usage, instead of purchasing resources according to other variables.


Eucalyptus is a paid and open-source computer software building AWS-compatible private and hybrid cloud computing environments.


Multitenancy refers to the notion of hosting multiple cloud tenants on a single host while sharing resources.

Networking as a Service (NaaS)

Includes network services from third-parties to customers that do not want to build their own networking infrastructure.


New computing resources can be assigned and allocated without any significant additional capital investment on the part of the cloud provider, and at an incremental cost to the cloud customer.


Usage and administration of cloud services ought to be transparent to cloud customers and users; from their perspective, a digital data service is paid for and can be used, with very little additional input other than what is necessary to perform their duties.


A phenomenon that occurs when the number of VMs on a network reaches a point where the administrators can no longer manage them effectively.
Sprawl is a virtualization risk that occurs when the amount of content grows to such a degree that management is near impossible.
To prevent sprawl, the administrator should define and enforce a process for the deployment of VMs and create a library of standardized VM image files.

Tenancy Separation

Tenants, while running on the same host, are maintained separately in their virtual environments. This is known as tenancy separation.

Vertical Cloud Computing

Refers to the optimization of cloud computing and cloud services for a particular vertical (e.g., a specific industry) or specific-use application.

Cloud Computing


Cloud computing, as defined by NIST in SP 800-145 is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
There are three pillars of cloud services:
  • Processing data (CPU)
  • Moving data (networking)
  • Preserving data (storage)
To determine the effectiveness of a cloud security program:
  1. 1.
    Business/Information Technology Functions
  2. 2.
    Risk Management Functions
  3. 3.
    Internal Audit


Building block technologies of cloud services include:
  • Servers
  • Virtualization
  • Storage
  • Network
  • Management
  • Security
  • Backup and recovery
  • Infrastructure systems (converged infrastructures)
  • Databases
  • Memory (RAM)
  • Processing (CPU)
Add-on services that are not considered building blocks might include:
  • Encryption
  • SSO
Cloud environments do not have a static definition for the perimeter. The perimeter could be the demarcation point, it could be the borders around the individual customers services, it could be nearly no perimeter at all. The standard definition of what constitutes a network perimeter takes on different definitions and deployment models.