How the Cloud Service Models are Similar to Baking a Cake


There's nothing more comforting than indulging in a slice of homemade cake paired with a piping hot cup of coffee or tea. Sounds rejuvenating, right? Take the flour, eggs to beat, powdered sugar and a cup of milk. Follow the recipe and viola the cake is ready to eat...

Are you wondering if the focus of this blog has shifted to food recipes rather than security? Well, that’s not the case. However, we can learn a lot from our kitchen friends and apply them to understand quite a few concepts of security. Today we will learn about the various cloud service models and how are they so similar to baking a cake.

If you have not heard the term “cloud” , there is nothing to worry about. In the simplest of terms, you can consider cloud as “someone else’s computer - a very big one which has unlimited storage and processing capacity.” The official definition is as follows:

“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction”

Let’s understand in simple terms. Cloud takes a set of resources such as processors and memory and puts them into a big pool. Consumers can ask for what they need out of the pool and pay as they use. These resources can also include platforms and applications in some cases. If you have used a public email service such as Gmail, then this can be a perfect example for you to understand the cloud from a beginner’s perspective. When you sign up for Gmail, you are provided with an email service along with some storage to process and store your emails. All emails including yours are stored in servers located across the globe.

What makes you call a cloud a cloud? The following 5 characteristics are must to call a service to be a cloud service.
  • Resource Pooling - The most fundamental characteristic. The cloud service provider ( think Amazon, Google, Microsoft) collects a pool of resources, portions of which can be allocated to consumers.
  • On-Demand Self Service- You can provision the resources as per your needs at any point in time. You need an extra 50 servers with a particular operating system. Just order it right away.
  • Broad Network Access - All resources are available on a network without any need for direct physical access. Your needs are provisioned and delivered to you in the cloud through the network only.
  • Measured Service - If you order 10 burgers, you pay for 10. In a similar manner, cloud service models allow you to pay as per what you use. 
  • Rapid Elasticity- Its festive time, so order most resources for the festive sales. Expand or contract your resources at any time as per your organization’s needs.

In the traditional IT model, everything needs to be provisioned and thought of within the company. The company requires to pay and maintain all the infrastructure by themselves. It’s very similar to baking a cake at home all by yourself. You go and buy all the ingredients - cake, sugar, eggs, milk, pots, pan, oven and start preparing all by yourself.

Before we move further, it’s important to name the various cloud service models. There are 3 categories defined as per the Cloud Security Alliance, although in today’s world, there are unlimited such models being created for marketing purposes.

  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Software as a Service (SaaS)

To help understand these models, we will compare them to baking a cake as we did in the case of traditional IT. The following picture will help you understand the 3 models and the responsibilities of the CSP ( cloud service provider) and the organization in them respectively.



IaaS, or, Infrastructure as a Service, offers access to a resource pool of fundamental computing infrastructures such as network and storage. The rest has to be taken care of by the organization.

Extending the cake analogy, IaaS can be understood as “Buy Cake Mix, Bake it at Home”. The CSP is responsible for storage, network, and servers only in IaaS. In a similar sense, you only buy the cake mix from outside and prepare the cake accordingly. You still need to add other ingredients (applications, data, runtime environment) and bake it yourself.

The next service model allows you to take some rest. It is based on the premise “Buy a Cake, Serve it at Home”. Not everyone knows how to bake a cake ( count me in) and hence you and I can decide to go to a bakery and order that as per our specifications. We can pay for what we ordered and bring that home and enjoy it. The PaaS, platform as a service model is exactly that. The applications and data are provided by the organization, however, the complete platform and the underlying infra is taken care of by the cloud service provider.

If you are in the mood for pampering yourself, you can always go to a nice bakery shop and decide as to what you wish to order. The premise is “Dine at a Restaurant that Serves Cake!” Here there is no concept of customization. You need to pick and choose what's on the menu and that would be served on the plate. The SaaS, software as a service model is just exactly that. In this scenario, the entire process is managed by a vendor. You only need to choose from the menu, pay and enjoy!

To summarize, the below diagram explains it all.

What are your thoughts on this? Do you have any other analogies to share? I would love to hear them in the comments section below.

Comments

You may also like to read...

How to Pass the CISSP Exam in First Attempt

The CISSP CAT Exam Experience

How to Pass SSCP Exam in the First Attempt