It is tempting to subtitle this section ‘Hey you get off of my cloud': those familiar with the lyrics of the well known Rolling Stones song will be aware that it concerns clashes of different cultural expectations and mores that are not dissimilar to some of the issues faced by different types of organisation sharing space in the cloud.
Clouds, ie the locations where services are acquired and data is stored, can take various forms. Multi-tenancy is another term that is often used in a very vague sense to denote different organisations in the same cloud space and it is important to determine what form of deployment is being used and how the space is partitioned for security purposes. The most widely used definition of cloud deployment models is that adopted by NIST (Mell & Grance 2009; Badger et al 2011):
Each of the models has its own pros and cons. The public cloud offers state-of-the-art technology, elastic and (theoretically) unlimited scalability and the potential for genuinely pay-per-use pricing. Community and private clouds may come at a higher cost (this is not necessarily true for some of the types of computing carried out in HE see the section on experiences of cloud computing) and be less infinitely scalable but offer more control over who has access to data and where the data is stored.
There is much debate relating to security issues in the cloud (see the section on risks of cloud computing): the large organisations operating the public cloud have considerable resource to put into state-of-the-art security, they are nonetheless a major target and may not always be able to guarantee compliance with institutional data management policies. There is more on this topic in the section on security in the cloud.
There is similarly, considerable debate about which of these models may or may not be appropriate for activities in the education sector. A report produced for Jisc in 2010 on Cloud computing for research (Hammond et al 2010) concluded that the development of a private cloud for research purposes was unlikely to offer real benefits, although a parallel Technical Review of Using Cloud for Research (TeciRes) (Wills et al 2010) thought there may be some potential in this approach.
Depending on the type of computing being undertaken, an organisation might use either a public or private cloud space as a test bed to gain experience and capability before moving in the opposite direction. This is explored further in the section on practical steps towards cloud computing. They may also wish to develop the capacity for ‘cloud bursting’ ie to avail themselves of public cloud space at times of peak need or to create a hybrid model that permits load balancing across clouds.
"In a public cloud, a single machine may be shared by the workloads of any combination of subscribers. In practice, this means that a subscriber’s workload may be co-resident with the workloads of competitors or adversaries."
Badger et al 2011
"Scaling to larger sets of subscribers and resources is one of the important strategies for public clouds to achieve low costs and elasticity; if this scaling is achieved, however, it also implies a large collection of potential attackers."
"Public clouds weren’t built to archive 1 TB of data; they were built to store and process smaller volumes of data and to provide elastic services in case of sudden peaks in demand."
Simon Waddington, Kings College London
"A UK academic cloud would not have the scale to realise the key benefits of cloud computing, yet would still accrue most of the disbenefits."
Hammond et al 2010