# Cloud Computing

# Overview

Cloud computing, as defined by NIST in SP 800-145, is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

There are three pillars of cloud services:

  • Processing data (CPU)
  • Moving data (networking)
  • Preserving data (storage)

To determine the effectiveness of a cloud security program:

  1. Business/Information Technology Functions
  2. Risk Management Functions
  3. Internal Audit

# Infrastructure

Building block technologies of cloud services include:

  • Servers
  • Virtualization
  • Storage
  • Network
  • Management
  • Security
  • Backup and recovery
  • Infrastructure systems (converged infrastructures)
  • Databases
  • Memory (RAM)
  • Processing (CPU)

Add-on services that are not considered building blocks might include:

  • Encryption
  • SSO

Cloud environments do not have a static definition of the perimeter. The perimeter could be the demarcation point, the borders around individual customers' services, or nearly no perimeter at all. The standard definition of what constitutes a network perimeter takes on different meanings under different deployment models.