Cloud Computing: Clarity or Confusion?

June 13, 2016
Sifting through the buzzwords will help you determine the real value of cloud services

There has been a fair amount of confusion surrounding “cloud computing” for at least the last 10 years — one of the main ones being how that buzzword is truly defined. In addition, many security integrators, dealers and others who may have a loose understanding of the term would benefit from the proper perspective from which to think about cloud computing — a perspective that takes into account the evolution of the Internet, what we now loosely call “the cloud.”

This second in a series of articles on cloud-based security systems takes a closer look at some of the basic terminology surrounding cloud computing. Look for follow-up articles in the coming months that will guide integrators in the evaluation of cloud services and how to provide value-added components to cloud services for customers.

Technology Evolution & Buzzword Confusion

Your mobile phone can and does evolve in your hand. That has never happened before in the history of phones, and it means that the value of the phone in your hand continues to grow after you have purchased it. Similarly, cloud computing technology is always evolving. This means that the terminology that defines cloud computing will keep changing — either the words or their meanings.

Unfortunately, this will remain a source of potential confusion. Old terms that we are accustomed to will “reappear” in the context of the new technology, which means the frame of reference for those terms will change. Their basic meanings will remain the same, but the words will be pointing to new-technology versions of what they used to point to.

Over the past 10 years, there has been much confusion over “the Cloud” and “cloud services.” Business marketing materials often seem to be written to maximize buzzword impact in an attempt to “resonate” with prospects and customers. But a lack of crystal-clear concepts and meaningful illustrations only results in more confusion and fuzzy thinking relating to the buzzwords.

For example, Global Language Monitor (www.languagemonitor.com) contains a 2008 article entitled, Most Confusing High Tech Buzzwords of the Decade, where “Cloud Computing” topped the list. That year, Cloud Computing was commonly defined as “distributing or accessing programs and services across the Internet (the Internet is represented as a cloud).

Just three years later, the U.S. National Institute of Standards and Technology (NIST) published a three-page document, The NIST Definition of Cloud Computing that defined the term as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

That’s quite a change in just a few years, reflecting a significant degree of advancement not just in the technology capabilities, but also in the manageability of the technology.

Cloud Computing Characteristics

Today, cloud computing is the most cost-effective and efficient way to provide hosted services. Currently many hosted systems are not cloud-based; however, in the future, cloud-based systems will be the common approach, primarily because of the advantages of cloud computing. Robust hosted systems can be provided under one of the cloud computing service models defined by NIST, Software as a Service (SaaS), a term you have probably already seen or heard.

According to NIST, there are five characteristics of a cloud computing:

1. On-demand self-service. Subscribers to cloud services can add or subtract computing capabilities, such as server time and network storage, at any time without needing help from an individual at the cloud computing service provider’s company.

2. Broad network access. Thanks to the Internet (the network of “the cloud”), it is possible to access the same cloud service from just about anywhere, using mobile phones, tablets, laptops, and workstations.

3. Resource pooling (sharing). The investment in high-quality cloud computing equipment is shared across many cloud service customers, including storage, processing, memory, and network bandwidth.

4. Rapid elasticity (scaling capabilities up and down). Capabilities can be elastically provisioned and released, in some cases automatically, directly in response with the demand for cloud computing services.

5. Measured service. The cloud services customer’s use of resources is monitored, controlled, and reported, providing transparency for both the cloud service provider and the customer. Typically cloud computing service charges are implemented on a pay-per-use or charge-per-use basis.

The differences between Software as a Service, Platform as a Service and Infrastructure as a Service —the three service delivery models define by NIST — will be examined closely in the next article in this series. They have a lot to do with what integrators should look for in a cloud-based service offering and what the service provider’s contract with the integrator should contain.

Get into Cloud Thinking

I had decided to use the Axis Video Hosting System (AVHS), a cloud-based platform, as an example in this article. So I got in touch with Fredrik Nilsson, general manager at Axis Communications, and shared some of my thoughts with him about using AVHS as an example.

At first, I had been thinking that NIST’s five cloud computing characteristics were not necessarily relevant to AVHS end-users. Axis says AVHS is suitable for up to 10 cameras per site, which can be just right for a small business like a sandwich shop or a greeting card store. So, if the system is maxed out at 10 cameras, how does the rapid elasticity characteristic (the ability to scale up or down, in some cases automatically) apply to a system that’s maxed out at 10 cameras? I had been thinking about scalability from the perspective of large enterprise systems and security system expansion — the size of systems that I most often deal with.

Mr. Nilsson helped me tweak my cloud thinking with regard to smaller systems. One of my pet peeves has been how DVR and NVR recorder designs are often undersized, in the sense that if you have a 16-port recorder, to put 16 cameras on it you have to seriously throttle back the recording frame rates and reduce the image resolution — if you do not, the unit really supports only 4 to 8 cameras.

Cloud computing can eliminate this issue. Even for a system that’s capped at a specific number of cameras, here is how the rapid elasticity characteristic of cloud-computing applies in a well-designed cloud-based service:

  • The customer can decide to record more or less video (retention, frame rate and resolution) without running into the limits of on-premise hardware. The cloud resources can scale up to handle it.
  • The cloud service can provide automatic backups of video, which is not feasible with on-premise recording.
  • The cloud service provider monitors the functionality of the system, and keeps it updated and well-maintained.
  • The system can scale up if the small shop owner customer, for example, decides to open three more stores.

Many companies inside and outside the security industry maximize their use of cloud-related buzzwords, which can make it unclear of the offering’s actual capabilities. It was good to discover that Axis did not take that approach. The company accurately refers to its cloud-based offering as a hosting system, calling it VSaaS (Video Surveillance as a Service), and making only minimal mention in plain language, of the cloud computing aspect of the platform.

This non-buzzword approach enables customers to make decisions. In reality, most customers are negatively impressed by buzzwords.

New Context for Old Terminology

The first article of this series, “Avoid Key Cloud Services Mistakes” (www.securityinfowatch.com/12177153) says the first mistake is thinking that a “cloud system” is any kind of server or system connected to the Internet. This came about because companies — not just in the security industry — provided “hosted systems,” which were client-server systems that customers could connect to over the Internet, and then came to think that “cloud” was just a new name for what they already had in place. That is still a common confusion. That does not mean a hosted system cannot be established in the cloud. It just says that an old-style hosted system (computer plus Internet connection) is not a cloud system.

To completely eliminate the confusion on this topic, we need to look at what exactly a hosted system is and where the term came from. The following definitions apply. Important note: There is more than one definition for some of the terms. This is because the use of the terms has evolved over time. This is why the word “host” is a common source of confusion, as it is not always clear from context which definition of host applies.

  • Host (noun) 1. A shortened form of host computer. She installed software on the new host. (verb) 2. To run applications or store data on a host computer for access by other computers on a network. We can host this software on one of the computers in the data center.
  • Host Computer (noun) 1a. A networked computer that controls or performs certain functions for other computers on the same network; 1b. a computer that runs software programs for access from another computer. We have five host computers in the computer room. (noun) 2. Any computer that is connected to a TCP/IP network; all computers on a TCP/IP network are hosts. In client-server computing, some hosts function as server computers and some hosts function as client computers. Note: this definition applies whether the computer is a physical machine or a virtual machine. A virtual machine connected to a TCP/IP network is also host computer.
  • Hosted Services (noun) 1. Software or data services that an organization runs on its host computers and makes available to users (individuals or other computers) outside of the organization, typically through the Internet, and often for a fee. We use hosted services for email instead of running an email service inside our own building.
  • Hosted System (noun) 1. A computer system (whether physical or virtual) whose use is being provided under a hosted services model. The store owner uses a cloud-based hosted system to record video.
  • Hosting Services (noun) 1. The business of providing hosted services, typically via the Internet. The company across the street provides website hosting services.
  • Hosting System (noun) 1. A computer-based system for providing hosting services.

Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities (www.go-rbcs.com). Mr. Bernard is a Subject Matter Expert Faculty of the Security Executive Council and an active member of the ASIS International member councils for Physical Security and IT Security.