Excursus on Deployment and Service Models

Different Deployment Models: For whom and how is it provided?

Cloud computing environments can be constructed and implemented differently while organizing the access to and the use of the cloud computing service in different ways. These different models are referred to as Deployment Models. The most commonly known Deployment Models are

  • Private Cloud,
  • Virtual Private Cloud,
  • Public Cloud, and
  • Community Cloud.

Hybrid Cloud is a mixture of such models. To show their differences they are often compared with a solution which is implemented and operated by the user organization in its own datacenter. This model (which is not a cloud computing service) is often referred to as “on premise”. Table 1 shows three Deployment Models of cloud computing and the “on- premise” solution for the sake of comparison. For each Deployment Model some characteristics are given. Note that the term “user” rather refers to the contracting party of the Cloud Service Provider (CSP), i.e. to organizations and not to individuals using the cloud.

Table 1: Deployment Models (cloud) plus on-premise (source: [8])

Different Deployment Models differ in their risk profile. If a cloud computing service is offered to everyone, it must be accessible publicly. Private environments can user other means to restrict accessibility. They entail lower risks than public ones. Moreover, confining who can be a user may reduce risks. Sharing the environment with trusted neighbors entails lower risks than sharing it with a great number of unknown and potentially untrusted parties. So, the Deployment Model does matter when it comes to IT security and risks. Moreover, different Deployment Models may require implementing security measures in a different way.

Different Deployment Models do not differentiate with respect to the functionality provided by the core cloud computing service. They differentiate with respect to its use and provisioning. Different Deployment Models require the cloud computing environment to be configured differently. Accesses require connectivity. Networks and accesses are configured differently. Specific components may be required additionally while not be present in other models. Size, products and other technical parameters can be different as well. Though, the cloud computing core service may not differ significantly, other areas are affected and implemented in a different manner. This needs to be considered when it comes to IT security and compliance.