What is the Shared Responsibility model? – Introduction to Cloud Computing
What is the Shared Responsibility model?
The Shared Responsibility model is a security model and is critically important to understand when operating resources within a public or hybrid cloud environment.
You should understand when it is your responsibility to provide the appropriate level of security and where it’s not your responsibility but that of the cloud services provider.
This responsibility level may dictate what cloud computing services models you decide to deploy, such as IaaS, PaaS, or SaaS, to determine how much control and responsibility you must provide or hand off to the cloud services provider.
There are three levels of responsibility to be considered:
- Responsibilities that the consumer of the cloud services always retains
- Responsibilities that can vary by the resource type
- Responsibilities that will transfer to the cloud services provider:
Figure 1.3 – Shared Responsibility model
This security model illustration aims to visually set out the division or separation of responsibilities between the consumer of the cloud resources and the cloud services provider itself.
The most critical to be aware of is the responsibilities that the consumer of cloud services always retains and your responsibilities to secure and protect.
What are the cloud computing delivery models?
Cloud computing generally has three deployment models: public cloud, private cloud, and hybrid cloud:
- Public cloud, in a nutshell, is a shared entity (multi-tenant) computing model. Hardware and resources such as compute, storage, and networking are owned by the cloud provider and shared with other tenants on the platform, known as multi-tenant or multi-tenancy. Think of this as an apartment block, where you are a tenant that shares the building with other tenants; you pay rent to a landlord for your apartment. In cloud computing, this is the service provider.
- Private cloud, in a nutshell, is a dedicated entity (single-tenant) computing model. Hardware and resources such as compute, storage, and networking are dedicated to your organization use only; this is single-tenant. Think of this as a house as opposed to an apartment block; you are the single tenant, and you do not share the building with any other tenants. You either own the building or you rent the property and pay a landlord; that is, a private cloud can be hardware that you own in your facility or a third-party hosting provider, colocation data center facilities provider. Alternatively, this could be their hardware that they dedicate to you, which is traditional dedicated server hosting.
- Hybrid cloud, in a nutshell, is a combination of a shared entity (multi-tenant) computing model and a dedicated entity (single-tenant) computing model. Some computing resources you choose to have running in your private cloud environment and some resources you choose to have running in a public cloud environment based on your needs. This model offers the most agility and flexibility to changes in demand and business requirements:
Figure 1.4 – Cloud computing delivery models
This illustration aims to outline some key aspects of the three delivery models of public, private, and hybrid cloud.
In the following section, we will compare each of these delivery models and look at the characteristics of each model in more detail.
Leave a Reply