CCSP (ISC)2 Certified Cloud Security Professional Exam Guide

Build your knowledge to pass the CCSP exam with expert guidance

Product type: Paperback
Published: Jun 2024
Publisher: Packt
ISBN-13: 9781838987664
Length: 560 pages
Edition: 1st Edition
Authors (2): Omar A. Turner, Ms. Navya Lakshmana

Table of Contents (27 chapters)

  • Preface
  • Chapter 1: Core Cloud Concepts
  • Chapter 2: Cloud Reference Architecture
  • Chapter 3: Top Threats and Essential Cloud Security Concepts and Controls
  • Chapter 4: Design Principles for Secure Cloud Computing
  • Chapter 5: How to Evaluate Your Cloud Service Provider
  • Chapter 6: Cloud Data Security Concepts and Architectures
  • Chapter 7: Data Governance Essentials
  • Chapter 8: Essential Infrastructure and Platform Components for a Secure Data Center
  • Chapter 9: Analyzing Risks
  • Chapter 10: Security Control Implementation
  • Chapter 11: Planning for the Worst-Case Scenario – Business Continuity and Disaster Recovery
  • Chapter 12: Application Security
  • Chapter 13: Secure Software Development Life Cycle
  • Chapter 14: Assurance, Validation, and Verification in Security
  • Chapter 15: Application-Centric Cloud Architecture
  • Chapter 16: IAM Design
  • Chapter 17: Cloud Physical and Logical Infrastructure (Operationalization and Maintenance)
  • Chapter 18: International Operational Controls and Standards
  • Chapter 19: Digital Forensics
  • Chapter 20: Managing Communications
  • Chapter 21: Security Operations Center Management
  • Chapter 22: Legal Challenges and the Cloud
  • Chapter 23: Privacy and the Cloud
  • Chapter 24: Cloud Audit Processes and Methodologies
  • Chapter 25: Accessing the Online Practice Resources
  • Other Books You May Enjoy

Cloud Stakeholders

The International Information Systems Security Certification Consortium (ISC2) CCSP Common Body of Knowledge (CBK) identifies multiple cloud computing stakeholders with specific responsibilities, based primarily on the following International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) standards and NIST special publications:

  • ISO/IEC 17789 Cloud Computing Reference Architecture (CCRA)
  • NIST SP 500-292 CCRA

Note

You can read more about the ISO/IEC 17789 CCRA at https://www.iso.org/standard/60545.html and about the NIST SP 500-292 CCRA at https://www.nist.gov/publications/nist-cloud-computing-reference-architecture.

The key differences you need to be aware of concerning the identification of these cloud stakeholders are as follows:

  • The ISO/IEC 17789 CCRA defines three main roles with multiple sub-roles in each main role
  • The NIST CCRA defines five key actors

Note

It is important to focus on the cloud service models and cloud delivery models in this chapter. You will learn about the shared responsibility model, the three service models, and the six common deployment models (as mentioned in the NIST definition) in Chapter 2, Cloud Reference Architecture.

You will now go through each role and actor of ISO/IEC 17789 CCRA and NIST CCRA respectively.

ISO/IEC 17789 CCRA Roles and Sub-Roles

ISO/IEC 17789 is a standard developed by the ISO and the IEC that provides an extensive framework for a CCRA. The purpose of this standard is to establish a common language, concepts, and structure to create, deliver, and manage cloud services across various domains.

ISO/IEC 17789 defines a CCRA that includes numerous roles and sub-roles, representing the major actors within the cloud computing ecosystem. You will learn about the duties and interactions between entities within this environment for effective operation and efficiency.

Cloud Service Customer

A Cloud Service Customer (CSC) is an entity that purchases cloud services from a Cloud Service Provider (CSP) for itself or its users. CSCs can include organizations, departments within organizations, and individuals.

Sub-Roles of the CSC

A Cloud Service User (CSU) is an individual or application that utilizes cloud services provided by the CSP on behalf of the CSC.

Cloud Service Provider

A CSP is the entity responsible for supplying, running, and supporting cloud services. CSPs offer various cloud solutions such as SaaS, PaaS, and IaaS that CSCs can access.

Sub-Functions of a CSP

There are three sub-functions of a CSP:

  • Cloud Service Development: The Cloud Service Development (CSD) sub-role is responsible for designing, creating, and deploying cloud services that meet the demands of CSCs.
  • Cloud Service Operation: The Cloud Service Operation (CSO) sub-role is responsible for managing, monitoring, and operating cloud services provided by the CSP. This involves ensuring those services’ availability, performance, and security.
  • Cloud Service Support: The Cloud Service Support (CSS) sub-role is responsible for offering technical assistance, troubleshooting, and resolving issues related to cloud services for CSCs.

Cloud Service Partner

A Cloud Service Partner (CSN) is an entity that collaborates with the CSP to provide value-added services or support to CSCs. CSNs can be suppliers, resellers, or other organizations working closely with the CSP to improve cloud services as a whole.

Sub-Functions of a CSN

There are two sub-functions of a CSN as listed below:

  • Cloud Broker: The Cloud Broker (CB) serves as an intermediary between the CSC and various CSPs.
  • Cloud Carrier: The Cloud Carrier (CC) facilitates network connectivity between a CSP and the CSCs to guarantee secure, dependable communication.

Cloud Auditor

The Cloud Auditor (CA) is an independent body that reviews and validates a CSP and its services’ adherence to applicable standards, laws, and best practices.

You will now learn about the key actors as per the NIST CCRA.

NIST Cloud Computing Key Actors

The NIST Cloud Computing Reference Architecture (NIST SP 500-292) is a document published by NIST with the aim of offering an in-depth framework to comprehend, design, and implement cloud computing services and solutions. This reference architecture is intended to produce a uniform, technology-neutral framework that allows communication, cooperation, and the creation of cloud computing standards among diverse stakeholders, such as CSPs, users, and regulators.

The NIST CCRA is composed of five essential components, often termed actors. These components describe the fundamental functions and duties inside a cloud computing system, thereby clarifying their interrelationships. The five major elements of the NIST CCRA are as follows.

Cloud Consumer

The cloud consumer is a person, group, or business that utilizes cloud services offered by the cloud provider. The cloud consumer obtains and administers cloud services in accordance with its needs and can access these services through a variety of interfaces and devices.

Cloud Provider

The cloud provider is the entity tasked with making cloud services accessible to the cloud consumer. This covers the design, management, and maintenance of the cloud infrastructure, platforms, and applications necessary to offer the services. Cloud providers can provide a variety of service models, including IaaS, PaaS, and SaaS.

Cloud Broker

The cloud broker is an agent that helps cloud consumers choose, manage, and integrate cloud services from numerous cloud providers. Cloud brokers can provide value-added services, such as collecting and integrating various offers, negotiating contracts, and maintaining Service-Level Agreements (SLAs) to guarantee that the demands of cloud consumers are satisfied.

Cloud Auditor (CA)

The CA is an independent, responsible body that assesses and evaluates the cloud services offered by the cloud provider. This involves confirming the cloud services’ performance, security, and compliance with industry standards, legislation, and best practices. CAs contribute to the confidence and trust of cloud consumers by verifying that cloud providers achieve the necessary service levels and customer expectations.

Cloud Carrier (CC)

The CC is responsible for delivering the connectivity and transport services required for cloud consumer access to a cloud provider’s cloud services. CCs provide the delivery of data and communication between cloud consumers and cloud providers, guaranteeing safe and dependable access to cloud services.

In addition to these core aspects, the NIST CCRA highlights many cross-functional characteristics that are essential to the installation and operation of cloud computing services. They include security, privacy, and compliance, which are vital for ensuring data protection and adherence to applicable laws and regulations.

By providing a structured and thorough reference architecture, NIST SP 500-292 fosters a shared understanding of cloud computing ideas and terminology, enabling stakeholders to make informed decisions and ease the development of interoperable cloud computing solutions. This reference design is a great resource for enterprises intending to adopt cloud computing or to enhance their current cloud-based services.

You should now understand the definitions and specifics of cloud stakeholders as seen from the perspective of two organizations. The ISO/IEC 17789 CCRA, with its focus on the CSC, the sub-role of the CSU, the CSP (with its associated sub-roles), the CSN, and the CA, offers a comprehensive view of the dynamics of each of the aforementioned roles, while the NIST reference architecture looks at the five primary actors of consumer, provider, broker, CA, and CC. Both are equally important, and it is essential to understand the differences between the two for the CCSP exam.

In the next section, you will dive into the key core technologies that allow cloud computing to exist and be used at scale for those requiring the use of the cloud.
