The Shared Responsibility Model
Cloud is NOT "set it and forget it." Both you and the cloud provider share security and operational responsibilities.
On-Premise (Your Responsibility: 100%)
┌─────────────────────┐
│ Application │ ← YOU
├─────────────────────┤
│ Data │ ← YOU
├─────────────────────┤
│ Runtime / Middleware │ ← YOU
├─────────────────────┤
│ OS │ ← YOU
├─────────────────────┤
│ Virtualization │ ← YOU
├─────────────────────┤
│ Servers │ ← YOU
├─────────────────────┤
│ Storage │ ← YOU
├─────────────────────┤
│ Networking │ ← YOU
└─────────────────────┘
IaaS (Infrastructure as a Service)
Provider manages: Virtualization, Servers, Storage, Networking You manage: Application, Data, Runtime, Middleware, OS
Responsibility Model
┌─────────────────────┐
│ Application │ ← YOU
├─────────────────────┤
│ Data │ ← YOU
├─────────────────────┤
│ Runtime / Middleware │ ← YOU
├─────────────────────┤
│ OS │ ← YOU
├─────────────────────┤
│ Virtualization │ ← PROVIDER
├─────────────────────┤
│ Servers │ ← PROVIDER
├─────────────────────┤
│ Storage │ ← PROVIDER
├─────────────────────┤
│ Networking │ ← PROVIDER
└─────────────────────┘
IaaS Examples
AWS EC2 - Virtual machines
aws ec2 run-instances --image-id ami-0c55b159cbfafe1f0 --instance-type t2.microAzure VMs - Virtual machines on Azure
az vm create --resource-group myGroup --name myVM --image UbuntuLTSGoogle Compute Engine - GCP VMs
gcloud compute instances create my-instance --zone=us-central1-aIaaS Use Cases
✅ Testing and development ✅ Website and web app hosting ✅ Storage, backup, and recovery ✅ High-performance computing ✅ Big data analysis
PaaS (Platform as a Service)
Provider manages: Everything except Application and Data You manage: Application, Data
Responsibility Model
┌─────────────────────┐
│ Application │ ← YOU
├─────────────────────┤
│ Data │ ← YOU
├─────────────────────┤
│ Runtime / Middleware │ ← PROVIDER
├─────────────────────┤
│ OS │ ← PROVIDER
├─────────────────────┤
│ Virtualization │ ← PROVIDER
├─────────────────────┤
│ Servers │ ← PROVIDER
├─────────────────────┤
│ Storage │ ← PROVIDER
├─────────────────────┤
│ Networking │ ← PROVIDER
└─────────────────────┘
PaaS Examples
Heroku - App platform
heroku create my-app
git push heroku mainAWS Elastic Beanstalk - Managed platform
eb create production-env
eb deployGoogle App Engine - Serverless PaaS
gcloud app deploy app.yamlPaaS Use Cases
✅ API development and management ✅ Business analytics/intelligence ✅ Database management ✅ Rapid application development ✅ IoT applications
SaaS (Software as a Service)
Provider manages: Everything You manage: Nothing (just use it)
Responsibility Model
┌─────────────────────┐
│ Application │ ← PROVIDER
├─────────────────────┤
│ Data │ ← PROVIDER (encrypted)
├─────────────────────┤
│ Runtime / Middleware │ ← PROVIDER
├─────────────────────┤
│ OS │ ← PROVIDER
├─────────────────────┤
│ Virtualization │ ← PROVIDER
├─────────────────────┤
│ Servers │ ← PROVIDER
├─────────────────────┤
│ Storage │ ← PROVIDER
├─────────────────────┤
│ Networking │ ← PROVIDER
└─────────────────────┘
SaaS Examples
Salesforce - CRM Microsoft 365 - Office suite Slack - Team communication GitHub - Version control
SaaS Use Cases
✅ Email and collaboration ✅ CRM and enterprise applications ✅ HR and finance systems ✅ Productivity tools ✅ Social media
Comparison Matrix
| Aspect | IaaS | PaaS | SaaS |
|---|---|---|---|
| Flexibility | Very High | Medium | Low |
| Ease of Setup | Low | High | Very High |
| Management Burden | High | Medium | None |
| Cost | Pay per hour | Pay per app | Pay per user |
| Customization | Unlimited | Limited | Very Limited |
| Vendor Lock-in | Low | Medium | High |