Public cloud: this is also called external cloud sometimes and it basically involves an organization that sells readily available cloud services to the general public. Business organizations with sensitive corporate data are reluctant to adopt this model because it increases the threat of exposing confidential data to unauthorized access by third parties and potential cyber criminals. The advantage of using the public cloud is that an organization itself does not have to manage the cloud computing infrastructure nor maintain operational activities. The disadvantage of utilizing the services from a public cloud provider is that it is entirely dependent upon another business entity that is offering resources through public cloud.
Private cloud: also referred to as internal cloud which means that cloud infrastructure and services are explicitly made available for a single organization. This deployment model can be located on premise or off site as it can also be managed by the organization itself or can be outsourced to a third party. Privately-hosted cloud services tend to be more costly but safer than other deployment models because organizations can retain control of their sensitive data and applications and implement their own security measures. The advantage for maintaining the private cloud is that an organization can retain full control of all the computing resources (e.g. applications, data, and systems) related to a cloud infrastructure. The disadvantage of such a deployment model is that an organization has to invest significantly in computing and storage resources and bear the cost of maintaining all software and computing platforms.
Community cloud: organizations who share the same concerns and goals (e.g. security controls, privacy concerns, organizational mission, and regulatory compliance requirements) can join this deployment model to share the cloud infrastructure which could exist on-premise or off-premise as it could be managed by a third party as well.
Hybrid cloud: this deployment model can span two or more other deployment models such as private, public, or community. In this model, data and applications are still standardized and enabled by a proprietary technology. The benefit of this model is that it offers a blend of cost effectiveness and scalability without exposing sensitive business data to external threats. This is possible because the hybrid model allows organizations to maintain their mission-critical applications in a private cloud (which provides security and control of in-house computing resource) and migrate their non-critical applications and platforms to the public cloud. Data availability, control, and performance are some of the disadvantages that can arise from adopting the hybrid cloud model.
Software as a Service (SaaS): in this model, the cloud provider has control of the underlying cloud infrastructure such as servers, operating system, processing, storage, and even the applications capabilities. Cloud provider has the responsibility of managing application capabilities while allowing cloud customers to use and access the application capabilities from their own devices via a thin client interface such as a web browser. Cloud subscribers who adopt this service model will generally have the least control over cloud applications while they have very limited freedom in changing user specific configuration settings (the cloud security alliance guide, 2009); a good example for this type of service model is the Gmail application which is a web-based e-mail provided by Google as a SaaS.
Platform as a Service (PaaS): this computing model is similar to the previous one in that cloud consumers do not have any control over the underlying cloud infrastructure such as network, servers, storage, processing, and applications. This model allows cloud customers to deploy their own application (created by customer) onto the cloud infrastructure that enables them to control and mange those applications. Furthermore; cloud clients do not need to purchase or manage the cloud computing infrastructure while they are provided with capabilities to develop and use software applications.
Infrastructure as a Service (IaaS): this is the foundation of cloud services because it provides capabilities for cloud consumers to deploy fundamental computing resources such as operating systems, applications, servers, bandwidth, storage, and processing. As with the other two models, this model does not demand cloud consumers to manage or
control the underlying cloud infrastructure.
Cloud Deployment Models for Cloud Computing