Technical Glossary

Cloud Spectator’s Cloud Glossary can be used to define unfamiliar terminology associated with cloud computing. To suggest additions to the list, please email contact@cloudspectator.com.

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

A

AES See Advanced Encryption Standard.

Advanced Encryption Standard Advanced Encryption Standard is a standard for the encryption of electronic data. AES is the standard set by the U.S. government and organizations around the world. It is fast on both software and hardware. AES ciphers go through multiple repetitions to convert plaintext into ciphertext then reverse rounds are applied to convert ciphertext back into plaintext.

Anything as a Service Anything as a Service (XaaS) refers to the services offered through cloud computing; specifically, IaaS (Infrastructure as a Service), Paas (Platform as a Service), and SaaS (Software as a Service). Cloud Storage is also included, but is named an “as a Service.”

API See Application Program Interface.

Application Program Interface The Application Program Interface serves as a communication tool between software to facilitate interaction.

Asymmetric Cryptography A security measure employed by SSL, asymmetric cryptography employs different encryption and decryption key.
↑Back to the top

B

Bandwidth How fast data travels within a certain duration. This is usually measured in bits per second (bps).

Bandwidth In The traffic measurement from the individual’s computer to the host server.

Bandwidth OutThe traffic measurement from the host serve to the individual’s computer.
↑Back to the top

C

CLI See Command Line Interface.

Cloud The overarching term encompassing all computer virtualization services through networking including (but not limited to) cloud storage, IaaS, and PaaS.

Cloud Computing Commonly used in place of the term cloud, cloud computing may refer to either the general term or specifically to IaaS/PaaS, the sectors of the cloud that require virtual hardware components to process data.

Cloud Storage Cloud Storage is defined as the ability to back up data over the Internet, which is accessible through a web interface offered by a service provider. Benefits of cloud storage include monetary savings, convenience, flexibility, and scalability. Many companies are now employing cloud storage options to backup their important files.

Command Line Interface The Command Line Interface (CLI) offers user access to the computing system via a command prompt.

CPU Refer to Central Processing Unit.

Central Processing Unit
↑Back to the top

D

Data Center The physical building(s) housing the hardware necessary for a cloud service’s virtualization. Geography is important; it may become a physical security concern, depending on the location of the data center. Top cloud service providers take precautions to physically secure their facilities against intentional and/or unintentional breaches.
↑Back to the top

Dedicated Server A server reserved for one purchaser specifically for a desired user task. Dedicated servers can be rented via IaaS providers.

E

Enterprise Cloud The Enterprise Cloud offers a virtualized computing structure that inexpensively simulates a private cloud. It allows for much more control over the resources used as compared to the control in a public cloud.
↑Back to the top

F

FISMA See The Federal Information Security Management Act of 2002.

The Federal Information Security Management Act of 2002 A security provision provided by some cloud services. FISMA requires agencies to inventory information systems, categorize information and information systems by risk level, meet minimum security requirements, complete risk assessments, develop a system security plan, continuously monitor information systems, and receive certification and accreditation for meeting all of the above requirements on an annual basis. Agencies have flexibility in how they meet these requirements, but there are minimum expectations they must meet in an audit to remain certified.
↑Back to the top

G

Graphic User Interface The Graphic User Interface (GUI, sometimes pronounced gooey) is a type of user interface that allows for a visual control over the communication between user and the cloud system.

GUI See Graphic User Interface.
↑Back to the top

H

Hard Disk Space See storage.

Health Insurance Portability and Accountability Act A security provision provided by some cloud services. The HIPAA Act was enforced by Bill Clinton in 1996 to preserve the privacy of users’ health information, such as records, transactions, etc. Entities covered by HIPAA must produce documentation of their practices available to the government and should also provide a written record of all configuration settings possible across every component of their network.

HIPAA

Hypervisor See Virtual Machine Manager.
↑Back to the top

I

Iaas See Infrastructure as a Service.

IN See Bandwidth In.

Inbound See Bandwidth In.

Infrastructure as a Service Infrastructure as a Service (IaaS) refers to the sector of cloud computing that provides virtual data centers to users. Instead of purchasing, maintaining and utilizing personal hardware, users rent virtual data centers hourly/monthly/yearly and increase or decrease the amount of equipment as necessary. The primary benefit to a user is a lower cost of ownership and more flexibility in the utilization of the data center.

Instance Instance is the commonly used term for an IaaS measurement based on the amount of RAM (usually in gigabytes), CPU (usually measured in cores/logical processors), and/or storage (usually measured in gigabytes) within a duration (measured by hour, month, or year, depending on the service provider’s contract options).

ISO 27001 See ISO/IEC 27001:2005.

ISO/IEC 27001 See ISO/IEC 27001:2005.

ISO/IEC 27001:2005 A security provision provided by some cloud services. A standard for information security published by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC). ISO 27001 mandates formal and specific requirements so that organizations can be officially audited and certified for compliance with the standard.

↑Back to the top

J

↑Back to the top

K

↑Back to the top

L

↑Back to the top

M

MAC See Message Authentication Code.

Message Authentication Code A message authentication code (MAC) authenticates a message in order to protect the message’s data integrity and authenticity.
↑Back to the top

N

↑Back to the top

O

Off-Instance Persistent Storage Off-instances persistent storage provides storage that is independent of the interval of an IaaS instance. Most IaaS providers use instance-store volumes, which are temporary storage. When an instance is terminated, either on purpose or due to a failure, the stored data is lost. Off-instance persistent storage often acts as a hard drive and will not lose data when an instance is terminated.

OUT See Bandwidth Out.

Outbound See Bandwidth Out.
↑Back to the top

P

PaaS See Platform as a Service.

Pay-As-You-Go A standardized option for IaaS plans that allows users to pay only for the resources they use, measured hourly. Not all providers offer the pay-as-you-go option.

PCI DSS See The Payment Card Industry Data Security Standard.

The Payment Card Industry Data Security Standard A security provision provided by some cloud services. The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit card, debit card, ATM, and prepaid card information. The standard increases the control of cardholder data and reduces credit card fraud. Compliance must be audited annually by a Qualified Security Assessor (QSA) for large companies or by a Self-Assessment Questionnaire (SAQ) for small companies.

Persistent Storage See Off-Instance Persistent Storage.

Platform as a Service Platform as a Service (“PaaS”) facilitates the building, testing, and execution of custom applications, both web applications and enterprise applications, using cloud technology. PaaS solutions allow IT departments to focus on application development and not worry about run-time system and deployment details such as capacity provisioning, load balancing, and auto-scaling.

Private IP Address Private IP addresses are not publicly registered with the National Information Center NIC because computers on private TCP/IP LANs (networks) do not need to be accessed by the public.

Public IP Address Public IP addresses (also known as Static IP addresses) are publicly registered with the NIC in order to prevent address conflicts. They are visible to the public and allow other parties to find information about and access your computer, much like a web server.

↑Back to the top

Q

Query Relevant to computing, query is a common operation in SQL used to search and retrieve information from a database.
↑Back to the top

R

RAM See Random Access Memory.

Random Access Memory Computer memory that can be accessed byte by byte without having to access preceding bytes. Although not important for cloud storage, RAM (usually rented out per gigabyte) becomes necessary in IaaS and PaaS to provide efficient data processing.
↑Back to the top

Redundancy Redudancy is a security measure employed by cloud service providers. Redundant systems back up data and services in multiple data center locations to preserve data in emergency situations, e.g., the loss of a storage center in a natural disaster.

S

SaaS See Software as a Service.

Safe Harbor Principles A security provision provided by some cloud services. Safe Harbor Pinciples, or International Safe Harbor Privacy Principles, is a process for United Sates and European Union (EU) organizations to comply with the EU Directive 95/46/EC on the protection of personal data. Under Safe Harbor Principles, individuals must be notified that their data is being collected, individuals must have the ability to opt out of the collection of data, data transfer can only occur between organizations with adequate data protection principles, adequate information security must be in place, collected data must be collected for a relevant reason, individuals must be able to access the information collected about them, and there must be a way for management to enforce all of these principles.

The Sarbanes-Oxley Act of 2002 A security provision provided by some cloud services. The Sarbanes-Oxley Act of 2002 is commonly called the Sarbanes-Oxley, Sarbox, or SOX. It is a United States federal law from 2002 that set enhanced accounting standards for public companies and public accounting firms.

SAS 70 See Statement on Auditing Standards No. 70 Type II.

SAS 70 Type I See Statement on Auditing Standards No. 70 Type II.

SAS 70 Type II See Statement on Auditing Standards No. 70 Type II.

Secure Sockets Layer Secure Sockets Layer (SSL) is a cryptographic protocol that provides security over the Internet. SSL encrypts segments of network connections using asymmetric cryptography and a keyed message authentication code. These two functions provide privacy and reliability.

Shared Servers One server is allocated among multiple purchasers and its resources are shared. Although costs are cheaper for this option (compared to dedicated servers), CPU core performance cannot be guaranteed.

SICE See Strongly Isolated Computing Environment.

Software as a Service Software as a Service (SaaS) is a sector of the cloud industry, which provides virtual on-demand software and applications to the user(s). Google Docs is the most common example of a SaaS application: the application runs a document service, but the data is virtualized and not within physical proximity to the user.

SOX See The Sarbanes-Oxley Act of 2002.

SSEA 16 Report A security provision provided by some cloud services. The SSEA 16 is considered an enhanced version of SAS 70. It includes international components while the SAS 70 is specific to the United States. Companies that perform outsourced services that affect the financial statements of outside companies are expected to be SSEA 16 certified. The SSEA 16 standards went into effect on June 15, 2011, so it is still a new auditing standard.

SSL See Secure Sockets Layer.

Static IP Address See Public IP Address.

Statement on Auditing Standards No. 70 A security provision provided by some cloud services. Statement on Auditing Standards No. 70, or SAS 70, is an auditing standard created by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA). There are two types of audit reports for SAS 70. A Type I service auditor’s report includes the auditor’s opinion on the suitability of the operational controls within an organization. A Type II service auditor’s report includes all the information and opinions of Type I and the auditor’s opinion on whether the operational controls were effective.

Storage (Storage Space) A segment of cloud storage, IaaS, and PaaS. When asked, “How much storage do you need?” by a cloud representative, he/she refers to the amount (per gigabyte in most instances) of disk space in request.

Strongly Isolated Computing Environment The Strongly Isolated Computing Environment (SICE) is developed by Ahmed M. Azab and Peng Ning of North Carolina State University and Xiaolan Zhang of IBM’s T. J. Watson Research Center, and is currently in a prototype stage. The goal is to securely operate sensitive computing processes alongside the less sensitive and secure workloads operating in the same hardware.

SysTrust A security provision provided by some cloud services. SysTrust was jointly developed by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA). SysTrust specialists evaluate and test a system for reliability measured against three principles: availability, security, and integrity. A benefit of SysTrust over SAS 70 is that SysTrust has established criteria whereas SAS 70 does not.
↑Back to the top

T

↑Back to the top

U

↑Back to the top

V

Versioning Generally a feature of cloud storage, versioning allows users to maintain a history of every file uploaded to data centers. By adding this feature, users can restore old versions of files that have been erroneously altered or deleted.

Virtual Simulation via use of software.

Virtual Local Area Network A virtual local area network (virtual LAN or VLAN) is a group of hosts that communicate as if they were on the same domain regardless of their physical location. A VLAN has the same attributes as a physical LAN, but a VLAN allows workstations to be grouped together even if they are on different network switches (a hub that connects network segments). VLANs address issues with scalability, security, and network management.

Virtual LAN See Virtual Local Area Network.

Virtual Machine In reference to computers, a virtual machine is a software implementation of a physical computer, able to execute processes and programs much like a physical computer.

Virtual Machine Manager Virtual Machine Manager, also referred to as hypervisor, is a technique that allows different operating systems to run simultaneously within one host computer.

Virtual Private Network A virtual private network (VPN) is a network that utilizes the public Internet to provide users access to a central organizational network from a remote location. VPNs provide security, however, because they require users to be authenticated and secure data with encryption technologies such as SSL and AES.

Virtual Private Server The virtual private server simulates the environment of a dedicate server by allocating specified sections of the physical server to perform for a user. This option is optimal for users whom do not have the money to purchase dedicated servers, and cannot fit their services into a shared server.

VLAN See Virtual Local Area Network.

VMM See Virtual Machine Manager.

VPN See Virtual Private Network.

VPS See Virtual Private Server.
↑Back to the top

W

↑Back to the top

X

XaaS See Anything as a Service.
↑Back to the top

Y

↑Back to the top

Z

↑Back to the top