• 02/26/2015
    8:00 AM
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Treating The Cloud As A Utility

A NIST report indicates that federal agencies want cloud providers to operate with more utility-like standardization.

For all the hullaballoo this month over net neutrality and the potential for the Internet to be regulated as a utility at the federal level, the overlooked story is that federal agencies apparently also want the cloud to be treated as a utility.

Last fall, the National Institute of Science and Technology (NIST) released the first two of three volumes of the US Government Cloud Computing Technology Roadmap.  At a combined 140 pages, the two volumes aim "to lay the groundwork to more directly tackle a subset of cloud computing technology scope."   The document is a compilation of numerous requirements, goals, and proposals related to cloud computing as identified by federal agencies.

One of the pain points of cloud computing that the roadmap seeks to address is the lack of standardization in the industry.  In addition to calling upon cloud stakeholders in the private sector and academia to adopt a consensus on and conformity with new standards to improve security, reliability, and interoperability, NIST expresses frustration with the lack of utility-like standardization in the terminology and cost models that cloud providers use in their SLAs. 

More specifically, the report claims that cloud service metrics are insufficient as being "relatively imprecise" and lacking "standardized units of measurement."  It particularly blasts Amazon Web Services (which dominates the cloud market and upon which federal agencies have begun to rely on more) for its Elastic Compute Unit, calling the ECU "informal," "imprecise," and failing to "account for workload mix or speed to memory."

"Therefore, consumers cannot determine and request cloud services as a utility with a high degree of predictability and cannot achieve maximum cost-effectiveness in cloud computing service application," according to the NIST report.

Throughout the paper, cloud computing is compared to utilities, with references to vague "utility characteristics" of the cloud and likening it to electricity and fuel.  Twice, NIST expressly states that cloud computing "uses a utility model"  despite relying on a description of cloud characteristics that amount to little more than an abstracted subscription model. 

As such, in trying to fit the square peg of cloud computing into the round hole of basic utilities, the document (Volume I in particular) is filled with hand-wringing over the fact that cloud computing providers do not behave exactly like utility companies.

This might be because cloud computing is not quite a utility.  Foreseeing the possibility of government regulation of cloud computing as a utility back in 2011, information security consultant Robert Graham argued in a blog post that cloud computing "is [a] fungible commodity like oil and copper, not a utility like electricity or sewage."

Nonetheless, the signaling from the federal government is clear.  Volume I of the NIST report repeatedly recommends to the cloud computing community that it engage in "voluntary self-tasking" in accomplishing a laundry list of "priority action plans" consistent with the roadmap's stated goals and ideals.  In other words: "Regulate yourselves the way we want, or we'll do the regulating for you."

The takeaway, then, is that cloud providers should at least work on better standardization and explanation of their metrics and other taxonomies in their SLAs.  Such appeasement, after all, may help cloud also-rans to better compete with cloud titan Amazon for federal contracts.  A failure to follow NIST's recommendations quickly enough, however, may well lead to explicit calls -- and action -- to attempt to regulate the cloud as a utility outright.

Learn about building and managing cloud deployments at Cloud Connect @ Interop Las Vegas this spring. Don't miss out! Register now for Interop, April 27 to May 1, and receive $200 off.


I Loved the Explicit Criticism of the Big Companies here!

Great Blog!

Particularly loved what NIST had to say here-

the report claims that cloud service metrics are insufficient as being "relatively imprecise" and lacking "standardized units of measurement."  It particularly blasts Amazon Web Services ( for its Elastic Compute Unit, calling the ECU "informal," "imprecise," and failing to "account for workload mix or speed to memory."

Its really awesome that someone has finally stepped up to the plate and raised the Issue of Amazon's Services here.Amazon has simply come to dominate the market by aggressively Discounting and under-cutting the Competition.That however is not a sustainable business model in the Long-run.

Customer-Service matters immensely,Whether These Mega-Corps like it or not!




NIST certainly has been influential with its early definitions of cloud computing; I've seen the definitions in countless presentations. It will be interesting to see how much influence this report has.


Cloud resources have become very important for the economy to function at an acceptable level of efficiency, however, regulation could create out comes that are both beneficial and damaging. Stability in cloud resources would cause a greater number of businesses to depend upon the cloud, there will still be the odd outage but, prices would be understood by a greater number of businesses. The downside is that a standardization unit that has been created by force and one that has not naturally evolved out of the market would create value to be allocated in meaningless metrics. In the long term, this could cause the wrongful deployment of resources.

Intel and AMD faced a similar situation a few years ago with their processors, AMD wanted to allow its customers to be able to compare their processors against processors from Intel. So AMD created a numbering format for instance, 2400+ is the same as an Intel 2.4Ghz processor, however, the market quickly decided that this was not as valuable as a dynamic benchmark tool.


@Brian, Stability in cloud sounds like long time project, there number of transition in technology, hardware, SLA poilicies and couple of other things. Although CSP has already gained some pace in terms of customer, as end user are now relying for their applications processing and storage.


Stability and innovation seems to be mutually exclusive events. However, either event can be good for the economy. Creating stability would be hard to achieve because of a number of problems. The absences of an already standardized unit in the market is one example that Joe already mentioned, another problem is that of definitions for instance, is the government referring to only IaaS and PaaS resources, or is SaaS also included in cloud technology?

Cloud is not a utility; NIST is not a good critic

I feel critical of the big cloud suppliers too. They have given me no way to compare the pricing of one virtual server to another. But the NIST report goes too far, or in another sense, not far enough. It clearly doesn't know what the answer is cause it can't lay out the metric that it believes in and wishes to use. Its criciticism requires it to do so, but in doing so, it would open itself up to criticism that it didn't know what it was talking about. In fact, I think it will it will take a set of simple metrics if we are ever to compare one cloud to another. We've yet to settle on the first one, but my candidate is the compute power of the virtual server. Other pertinent issues? I/O speed, network available, security available, speed of application response time, etc.  

Re: Cloud is not a utility; NIST is not a good critic

NIST recently released guidance which covers protecting the information processed, which are devices that copy, print or scan documents, images or objects. My concern here is do we really need that now, people are educated enough to take precautions and save their data. The only thing required right now is making cloud secure place for data to reside.

Re: Treating The Cloud As A Utility

NIST at does have a leg to stand on here: 'cloud' is a daily part of most work environments now. While the it's subjective where this line lies, with size does inevitably come regulation - think of the laws requiring all smartphones to use interchangeable chargers. Part of the trouble is that 'cloud' doesn't really refer to a specific technology, or a specific resource/service. It could be just about anything. Charlie's mention of concerns like security and availablity highlight this issue - how could we possibly cover all that with a single metric? Do you put a tilde and an 'S' next to the number if it comes with good security? That said, I agree that Amazon is dropping the ball here. I browsed around the AWS site the other day for a while checking out some different services, and I'll be darned if I could find out how much something actually costed. It's amusing to me picturing some of our favorite politicians trying to sign up.

Now, I'll agree with you that none of this gives NIST the right to regulate Amazon or other CSPs, and I found myself thinking that several times as I was reading this article. In the end, though, it doesn't really look like they're trying to - they're just suggesting self-regulation, which they're certainly within their rights to do. The suggestion that this portends to a threat is sort of speculation (not that it's outside the realm of possibility), isn't it? On the comparison of utility vs fungible good, I don't think either is quite appropriate. I'd liken your CSP to someone leasing or renting physical space they own to you. It could be as small as a storage locker, or as large as a warehouse, and what you do with it is up to you. Nevertheless, there are still relevant laws, necessary documents, and do's and dont's in this area.

Re: Treating The Cloud As A Utility

zerox203, I agree that NIST is really just making suggestions in this report; I don't think it comes close to actually threatening regulation.