Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
Final Version of NIST Cloud Computing Definition Published
From NIST Tech Beat: October 25, 2011
After years in the works and 15 drafts, the National Institute of Standards and Technology's (NIST) working definition of cloud computing, the 16th and final definition has been published as The NIST Definition of Cloud Computing (NIST Special Publication 800-145).
Cloud computing is a relatively new business model in the computing world. According to the official NIST definition, "cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction."
The NIST definition lists five essential characteristics of cloud computing: on-demand self-service, broad network access, resource pooling, rapid elasticity or expansion, and measured service. It also lists three "service models" (software, platform and infrastructure), and four "deployment models" (private, community, public and hybrid) that together categorize ways to deliver cloud services. The definition is intended to serve as a means for broad comparisons of cloud services and deployment strategies, and to provide a baseline for discussion from what is cloud computing to how to best use cloud computing.
"When agencies or companies use this definition," says NIST computer scientist Peter Mell, "they have a tool to determine the extent to which the information technology implementations they are considering meet the cloud characteristics and models. This is important because by adopting an authentic cloud, they are more likely to reap the promised benefits of cloud—cost savings, energy savings, rapid deployment and customer empowerment. And matching an implementation to the cloud definition can assist in evaluating the security properties of the cloud."
While just finalized, NIST's working definition of cloud computing has long been the de facto definition. In fact before it was officially published, the draft was the U.S. contribution to the InterNational Committee for Information Technology Standards (INCITS) as that group worked to develop a standard international cloud computing definition.
The first draft of the cloud computing definition was created in November 2009. "We went through many versions while vetting it with government and industry before we had a stable one." That one, version 15, was posted to the NIST cloud computing website in July 2009. In January 2011 that version was published for public comment as public draft SP 800-145.
Researchers received a large amount of feedback, which mainly dealt with interpretations. The definition from draft to final remained substantively the same and only a modest number of changes were made to ensure consistent interpretations. The NIST Definition of Cloud Computing (SP 800-145) is available at http://csrc.nist.gov/publications/PubsSPs.html#800-145.