Cloud computing ( German about: computing in the cloud) describes dynamically adapted to the needs of the approach, abstracted IT infrastructure (eg computing power, data storage, network capacity or finished software ) over a network to provide. From a user perspective the provided abstracted IT infrastructure seems distant and opaque, as veiled by a "cloud ". Offer and use of these services are provided exclusively through defined technical interfaces and protocols. The range of services offered in the context of cloud computing encompasses the entire spectrum of information technology and includes, among other infrastructure (such as processing power, disk space ), platforms and software.

Simplifies the concept can be described as follows: A part of the IT landscape (in this context about hardware such as data center, data storage and software) is not even operated on the user side or provided locally, but rented from one or more suppliers as a service, the is often located geographically far away. The applications and data are no longer on the local computer or corporate data center, but in the ( metaphorical ) cloud ( cloud- English ). The design element of an abstract Cloud outline is commonly used in a network diagram showing an unspecified portion of the Internet.

Access to the remote systems via a network, such as the Internet. But there are also companies in the context of so-called " private clouds " in which there is provided via a corporate intranet. Most providers of Cloud solutions leverage the pooling effects that arise from the sharing of resources for their business model.

  • 5.1 Advantages and problems
  • 5.2 distinguish it from other forms of service
  • 8.1 Privacy
  • 8.2 Performance debt


2009, the National Institute of Standards and Technology ( NIST) a definition that met with widespread acceptance and different approaches to definition bundles:

Cloud computing describes the three service models:

In addition, the definition of the National Institute for Standards and Technology (NIST ) has four delivery models:

The NIST lists five essential characteristics of cloud computing:

  • Even allocation of services to the cloud by the user or users that should be available when needed ( " Self-service provisioning " and "as- needed availability" ).
  • Scalability provides the decoupling of usage fluctuations and infrastructure limitations ( scalability ).
  • Reliability ( "reliability " ) and fault tolerance ( "fault - tolerance" ) guarantee permanently defined quality standards of the IT infrastructure for the user.
  • Optimization and consolidation offers efficiency and economy in adapting to ongoing environmental standards, which can be gradually optimized by the cloud service provider ( Optimization / Consolidation).
  • Quality assurance and quality control can be continuously monitored and ensured by the service provider without the user would have to be loaded (QoS - Quality of Service).

Accordingly goes " cloud computing " beyond other approaches currently under discussion ( " Organic Computing " ) ( virtualization ). Under the condition of public availability, similar for example to the public telephone network, you can " cloud computing " depending on the architecture view also as the sum of SaaS and " utility computing ".


Since clouds are primarily caused by the scaling ideas can be found there also the strongest differentiators.

In order to approach the architecture, one can imagine a simple calculator. He processor cores, memory, hard drive and programs. These elements are also found in a cloud, but in a form which permits massive scale.

Accordingly, the characteristics of a " cloud hard drive " then read differently than that of a traditional hard drive in the computer. Amazon says about his persistence layer (S3 ): " The number of storable objects is unlimited. " Google has its persistence Google File System on about 15,000 individual computers distributed (as of 2009 ).

Similar large dimensions apply to the other components, such as programs or processor cores. Why this is so can be explained solely by the numbers. In 2008, Google announced 10 billion documents that are distributed over 1000 physical computer to be able to sort within of 68 seconds.

"We are excited to announce we were able to sort 1TB ( stored on the Google File System as 10 billion 100 - byte records in uncompressed text files) on 1,000 computers in 68 seconds. "

"We are pleased to announce that we are able to 1TB ( stored in the Google File System in 10 billion documents with 100 bytes of data set size in uncompressed text files), spread over 1000 computers to sort within of 68 seconds. "

Technical realizations of cloud computing

There are different types of cloud computing. A possible structure is the so-called technical cloud stack with three layers can build on the lower layers in the upper layers, but it does not have:

  • Infrastructure
  • Platform
  • Application

Each layer provides a level of abstraction here dar. In this way can the different types of "Clouds" are classified.

Infrastructure ( IaaS)

This model is referred to as Infrastructure-as -a-Service (IaaS ).

The infrastructure or "Cloud Foundation " represents the lowest layer in the " cloud computing " dar. The user accesses Here to to existing services within the system, manages its computing instances (see virtual server ) but largely self services within the IaaS concept are typically distributed persistence ( see Amazon's Simple Storage Service ) and a news service (see message Oriented middleware ). Are cloud services even designed yet highly -scaling, this does not necessarily lead to the programs that run on the introduced user computing entities.

The advantage over traditional data centers is scalability: The computing instances can be reduced depending on the requirements extended to any other instances or. The user has full access to the instances with the property that he is responsible for the instances from the operating system level itself.

The biggest example of this is Amazon Web Services.

Platform ( PaaS)

→ Main article: Platform as a Service (PaaS )

The developer creates the application and loads it into the cloud. This will take care of itself for the division on the actual processing units. Unlike IaaS, the user has no direct access to the computing instances here. He also runs any virtual server. In PaaS scenario, he brings his exclusive program logic in the cloud, which appears to him as a programming interface.

The infrastructure of the cloud itself here cares about the required instantiation of the processing units and the distribution of the data to be processed.

As an example, can be assigned to the platform layer here the products of Microsoft Windows Azure, " App Engine " from Google or " " of

Because the user only supplies its application logic here, the cloud can increase or reduce the number of people actually working instances at will. The abstraction of any technical component here is explicitly intended, because the users of the cloud primarily to process data, but do not want to administer the system.

Application ( SaaS)

→ Main article: Software as a Service ( SaaS)

The application point of view, the most abstract view of cloud services dar. Here, the user brings his application either in the cloud an even he has to deal with scalability and data management. He uses an existing application that offers him the cloud to the outside. This use case includes the two underlying layers, as the cloud functionalities such hochskalierender, distributed memory, fail-safe infrastructure and usually a hochskalierendes Queuingsystem indeed are the basis of the application used, the users of the SaaS service so that however does not come into contact.

A " cloud application " in the SaaS model typically considers the following aspects:

  • The design is modular and service- oriented ( Aufsetzbarkeit on the PaaS scenario).
  • The load is not predictable, because over -use intensity and number of users of an application can often no reliable statement can be made.
  • The application should be dynamic, distributed and multi-client capable.

Known examples of cloud applications are Google Drive, Microsoft Skydrive, ownCloud or

Organisational Types of Clouds

It is next to the technical CloudStack also distinguish between different forms of organization of "Clouds", which have a role depending on the application:

Cloud computing in business

Advantages and problems

As well as the Virtualization enables " cloud computing " cost advantages over conventional systems. This is the case if, for example, the payment on the duration of use of the service oriented and the service is used only occasionally. Local resources ( software and hardware) can be saved. Increasingly, these resource efficiency is also brought in connection with the sustainable use of ICT systems, where such considerations are not new. A frequently cited example is the implementation of e -mail systems based on " cloud computing ", because here, the complexity of the application by measures for prevention of Kompromittierungsversuchen to continuously so that small businesses can benefit from outsourcing. There are also benefits in the case of strongly fluctuating demand: Normally you would have to hold enough capacity to serve peak loads. When using " cloud computing " can the unused capacity variable adapted to the actual needs in the short term. This is especially true for volatile business that must comply with external requirements immediately, such as logistics. Constantly fluctuating and dependent on market goods volumes require timely response and the continuous availability of the necessary capacity to perform. The flexibility and the scalability of the variable cloud deployment would be much cheaper and easier to manage than it is currently with static systems, the case required resources for logistic software (such as WMS, TMS, ERP, etc.). According to a recent study by the Fraunhofer Institute for Material Flow and Logistics IML a cost reduction in the area of ​​warehouse management by up to 56 percent in the first year and 48 percent in subsequent years is feasible. Concepts to practical implementation exist and are already in use. Further cost benefits for service users in public cloud offerings for example in the IT governance (such as ( partially) outsourcing in the IT audit to the service provider ), due to the lower investment requirements and the (tax and commercial law ) approach of monthly fees the full amount.

The problem arises represents data security in cloud computing:

One of the fundamental problems, namely the protection of access to the application data during the transfer between the local client and the remote server can be now solved satisfactorily. There are numerous developments in the field of the safe transfer, such as SSL / TLS encryption. Another fundamental problem is the encryption of data that is stored in databases and file systems of the cloud. This problem is basically solved technically and is used by state-of- the-art cloud providers ( cryptography). However, one finds (as of 2012) to this no information in the privacy policies of the major cloud providers.

The third fundamental problem, namely that the administrators of the cloud provider and the services have access to user data during processing is, however, not yet been resolved.

Critics fear, therefore, that the control of the private data of users by the market- dominant providers, such as Google, this way out of hand would take. However, there are now algorithms, the calculations can split individual instances so that it is even all instances together is not possible to draw conclusions on the processed data. This is merely the executing instance, as only she knows the exact algorithm by which the partial results are merged again. Another approach, which is suitable to resolve this problem is the use of a fully homomorphic encryption. It is anticipated within the cloud exclusively on encrypted data, which can then be decrypted in the private sector again. The challenge here, however, is to find encryption algorithms that work efficiently enough for a massive, large-scale use of cloud computing.

An alternative approach, which makes the data inaccessible also in the cloud, is the concept of Sealed Cloud. Here, a key distribution is used, although an encryption of the data but not the decryption key permits, which are the administrators accessible, and there is a parent backup and subsequent deletion of unencrypted data before an administrator, for maintenance purposes, for example, gets access to the computing infrastructure.

Another challenge in the cloud is the dependency ( lock-in effect) from the respective cloud provider, because the interfaces offered are usually very specific to the manufacturer. Home users are also faced with the question of what happens to their data in the cloud, if the provider of a cloud service goes bankrupt. Therefore, new entrants have to restore the data on your own computer.

Since many home users increasingly are concerned about storing their data in large companies, as they could for example change their conditions at any time, ask a lot of NAS systems for the home functions, as they are known from cloud operators. In this case one speaks of a personal cloud, as the infrastructure is operated entirely by the user.

Distinguish it from other forms of service

Cloud computing is related in some elements with the classic online outsourcing. However, it distinguishes itself in essential points from this. In general, the IT infrastructure is shared by multiple customers, so capacity peaks can be easily distributed and reserves are shared in the area of ​​infrastructure as a service provider. How can cloud services be adjusted in the short term and thus differ from the classical model to use in the customer's computer infrastructure "exclusive". Furthermore, the control and administration of the services is performed by the user via the web interface itself

History of cloud computing

The cloud is one of the oldest symbols of information technology and, as such, for computer networks, whose interior is insignificant or unknown.

The term " cloud computing " was heavily influenced by a few fast-growing Internet companies like Amazon, Google and Yahoo. These companies were due to the rapid growth of its user base before the problem of having to constantly hold up growing systems ( eg this would be the Christmas shopping season for Amazon ) provide sufficient performance even at peak load times.

For Amazon this peak was a factor of 10 higher than the base load in the daily business in 2006. To address this problem, it was decided to make the ( service-oriented ) architecture and services that had been designed and established for coping with the sometimes highly fluctuating or very high numbers of users to a product that you offer to the outside, that is, that this problem is distributed in peak load times on the users of the cloud.

For Amazon this step the mid-2000s was a logical consequence, since they had swung around internally at this time already to small fast - moving team ( fast-moving "two- pizza teams" ), the new functionalities based on the existing cloud infrastructure implemented. The scaling effects of cloud services thus became the basis of the product " cloud computing " itself, which was offered from there not only internally but also externally. Amazon is now the world's largest provider of cloud computing.

Mandatory condition for the use and adoption of cloud computing services are so fast broadband connections that it makes no difference whether data is stored locally on a PC or on remote servers in a cloud. Thus, the increasing relevance of cloud computing for home users is coupled to the supply market with equally fast and reliable and cost effective broadband and LTE connections.

The slow growth of cloud computing in Europe is, inter alia, on the grounds that no pay-as- you-go services are available and that there is particular concern as to whether in the case of regulation of cloud computing all market participants - including small businesses - are treated fairly and priced. In particular, it is also unclear whether, given the legal fragmentation in Europe the national IT and data protection law of the country of the user, the provider or of the country is considered in which the data is stored.

Distinguish it from other technologies

In " grid computing " is about the shared use of common resources and there is no central control. In the case of " cloud computing " you have a provider of resources and a user. The control of resources is centralized.

Legal issues

Legally, both the relationships between cloud providers and their customers as well as the rights of third parties concerned must be considered.

Privacy Policy

After judgment of the European Court of Justice only limited data may arrive in the U.S., where there is more than 90 % of the infrastructure of cloud computing. National data protection agencies are based on the work of ENISA, when asked to explain why cloud computing despite Safe Harbor for schools is prohibited. The data protection officer of Switzerland in particular warn against infringement of data protection law in the use of data centers abroad.

If third party personal data are placed in the cloud, for example German Contracting Authority must advance and then regularly traceable on-site visits in the cloud from the fact that the provisions of the Federal Data Protection Act are complied with. Because well-known cloud providers to share information holdings of their customers, the customers threaten fines. Cloud service providers based in the United States are subject to U.S. law and therefore the Patriot Act. Company based in the United States are therefore obliged to deliver data to U.S. authorities also located on servers in a foreign jurisdiction. This has been confirmed, for example, Amazon, Microsoft and Google.

Not least because of these problems in privacy and in the extent to which the individual the power to dispose of its data actually reserves, received the cloud or cloud computing as a technique in 2012 the negative price Big Brother Award in the category "Communication", the laudation was Rena tangent FoeBuD.

Power fault

In the cloud - specific services usually web or file space, databases, applications and hosting services are provided. When web hosting (also for storage management ), are stored in the data to the host of your hosting provider, is held that this is not ff BGB is a lease under § § 535, but a work contract according to § § 631 et seq. The hosting provider shall pay, as only power that the customer's website is stored with him somewhere and that they can be accessed on the Internet. Actual power is thus the storage of information and their making available for retrieval on the Internet. For the customer is particularly important that the contents are continuously available. As the hosting provider or cloud provider provides this service, the customer is indifferent. This is not left primary memory, but primarily a success, namely the accessibility on the Internet owed. The storage of the site is only a technical requirement of the outstanding success.

In the available group of applications a software-as -a-Service (SaaS ) or "Application Service Providing " (ASP) model is usually chosen. Here, a customer will be charged the temporary use of applications available from the ASP provider. The Federal Court has ruled that in principle to Application Service Providing contracts the tenancy shall apply. Although the decision was certainly important, but it requires a substantial contractual design, especially when designing the service levels, since the tenancy provisions of § § 535 ff BGB alone is not likely to be sufficient.

The classification of contracts for hosting databases in the vertragstypologische classification of the Civil Code is based on the contractually agreed performance. This is basically to distinguish whether as described above file space to store the database is made available by the provider ( called database hosting ) or an application such as an Oracle database is made ( for temporary use ) are available. Owes the cloud IT provider about your hosting service also services, such as in the design of databases, the provisions of § § 87a are to be observed to 87e Copyright Act.