cloud auditor (p. 20): A party that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation (†517)
cloud broker (p. 20): An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers. (†515)
cloud carrier (p. 20): The intermediary that provides connectivity and transport of cloud services between Cloud Providers and Cloud Consumers. (†516)
cloud consumer (p. 20): Person or organization that maintains a business relationship with, and uses service from, Cloud Service Providers. (†513)
cloud provider (p. 20): Person, organization or entity responsible for making a service available to service consumers.
(†514)
community cloud (p. 21): The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise. (Source: NIST CC Definition)
(†525)
hybrid cloud (p. 21): The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds). (Source: NIST CC Definition) (†527)
information security (p. 20): Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide: (A) integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; (B) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; (C) availability, which means ensuring timely and reliable access to and use of information. (Source: [SOURCE: Title III of the E-Government Act, entitled the Federal Information Security Management Act of 2002 (FISMA)])
(†518)
Infrastructure as a Service (IaaS) (p. 21): The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls). (Source: NIST CC Definition) (†522)
Platform as a Service (PaaS) (p. 21): The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations. (Source: NIST CC Definition) (†521)
privacy (p. 20): Information privacy is the assured, proper, and consistent collection, processing, communication, use and disposition of disposition of personal information (PI) and personally-identifiable information (PII) throughout its life cycle. (Source: adapted from OASIS) (†519)
private cloud (p. 21): The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise. (Source: NIST CC Definition) (†524)
public cloud (p. 21): The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. (Source: NIST CC Definition) (†526)
resource pooling : The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth (†529)
security audit (p. 21): Systematic evaluation of a cloud system by measuring how well it conforms to a set of established security criteria. (†523)
Software as a Service (SaaS) (p. 20): The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. (Source: NIST CC Definition) (†520)