Cloud Service Delivery Models & Market Leaders

PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The reader
is available for free

Cloud Service Delivery Models
& Market Leaders

by James G. Barr

Docid: 00021187

Publication Date: 1904

Report Type: MARKET


The cloud computing paradigm has evolved to encompass three delivery models:
SaaS, or software-as-a-service; PaaS, or platform-as-a-service; and IaaS, or
infrastructure-as-a-service. In simplest terms, these models are designed to
accommodate application users (SaaS), application developers (PaaS), and
enterprise IT resource managers (IaaS).

Report Contents:

Executive Summary

[return to top of this report]

In an effort to present a
coherent image of cloud computing – and, thus, improve the prospects for cloud
adoption, particularly among enterprise customers – the cloud community in
concert with standards bodies like the National Institute of Standards and
Technology (NIST) have defined three distinct cloud
delivery models: SaaS, or software-as-a-service; PaaS, or platform-as-a-service;
and IaaS, or infrastructure-as-a-service.

  • SaaS providers present consumers with finished applications that they can
    run from the cloud.
  • PaaS providers present consumers (normally
    enterprise consumers) with application development platforms that they can
    utilize to develop (and even host) new applications.
  • IaaS providers present consumers (again, normally enterprise consumers)
    with pay-as-you-go computing resources including processing power, storage,
    and even networking assets.

Not surprisingly, cloud market leaders include Internet mainstays like Amazon,
Microsoft, Google, and IBM.

Market Dynamics

[return to top of this report]

According to a report
from the University of California at Berkeley, even in 2009, "Cloud
computing services [were] already five to seven times more cost effective
than traditional data center ones."1

What Is Cloud Computing?

At the simplest
level, cloud computing is a computing paradigm in which applications
that normally run "on-premise" in an enterprise data center
are run on an extra-enterprise network like the Internet. Today, the most popular manifestation of
cloud computing is SaaS,
or software-as-a service. The concept of cloud computing,
however, can encompass much more, such as providing pay-as-you-go,
on-demand computing resources.

There are no generally-accepted cloud computing standards, with the effect that major cloud computing
vendors, such as Amazon, Microsoft, Google, and IBM, are free to develop cloud
computing "solutions" that complement their network product and
service offerings.

While standards remain an issue, the cloud computing industry –
seeking to ensure that the nature of cloud computing is not as amorphous as the
adjective "cloud" suggests – has generally coalesced around the concept of
service models, embracing "software-as-service" or SaaS, a term already well
established in the cloud computing lexicon, and adding "platform-as-a-service"
or PaaS, and "infrastructure-as-a-service" or IaaS.

  • SaaS providers present consumers with finished applications that they can
    run from the cloud.
  • PaaS providers present consumers (normally enterprise consumers) with
    application development "platforms" that they can utilize to develop (and
    even host) new applications.
  • IaaS providers present consumers (again, normally enterprise consumers)
    with pay-as-you-go computing resources, including processing power, storage,
    and even networking resources.

NIST Cloud Definition Framework

In an effort to formalize these descriptions, the US National Institute of Standards and Technology (NIST)
has proposed – in collaboration with government and industry experts – a NIST
Cloud Definition Framework, which defines SaaS, PaaS, and IaaS as follows:

Software as a Service (SaaS). The capability provided to the consumer is to use the provider’s applications
running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying
cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the
cloud infrastructure consumer-created or acquired applications created using programming
languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying
cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.

Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying
cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).2


The SaaS model is relatively mature and can trace its roots back to the 1960s
when "service bureaus" provided dial-in access to specialty applications via a
"time-sharing" vehicle. Around 2000, the proponents of software-as-a
service tried to sell the concept as "application service provisioning," or ASP. While ASP never quite took hold, timing is everything, and when ASP was
rebranded as SaaS and combined with another new and intriguing notion, cloud
computing, IT professionals and the consumers they serve began to take notice.

Another critical dynamic feeding the acceptance of SaaS was the renewed
interest among business executives in outsourcing their IT operations, saving
money and, perhaps just as important, helping facilitate compliance with
increasingly burdensome government regulations. The rationale is as
follows: If applications and data
were offsite, perhaps the responsibility for safeguarding such applications and
data would also be offsite. After all, it’s easier for an enterprise
customer to get a SaaS provider to attest to the efficacy of their cloud
security measures than to actually implement those measures in support on an "on
premise" application deployment.

Until the advent of two new cloud service delivery models, PaaS and IaaS,
the term SaaS was virtually synonymous with cloud computing.

Today, SaaS is considered a viable model for e-mail, sales force automation (SFA),
and other applications that are fairly standard across the enterprise space,
i.e., they require little or no customization. Conversely, applications
like enterprise resource planning (ERP) and supply chain management (SCM) are
poorer SaaS candidates. Even though ERP and SCM vendors may offer a SaaS
option, an enterprise customer may elect to install an on-premise version to
enable an enterprise-specific configuration.

An initial resistance to SaaS was fueled by its "multi-tenant architecture,"
which caused concern that enterprise "A" users might be able to see data
deposited by enterprise "B". While that fear has largely evaporated, there
is growing concern about the overall security of SaaS installations, especially
from hacker and other attacks.


The PaaS model is significant because it lowers the barrier for entry into the
application development space, especially for small companies and smart

With limited capital, developers with access to the Internet can use popular
application development tools and pay-as-you-go computing resources to fashion
the type of new programs and services which were once the exclusive province of
large enterprises or major development shops. Even these large-scale
developers can take advantage of PaaS offerings to expedite development, particularly if their internal provisioning process is slower than that
offered by a comparable PaaS provider.

PaaS platforms are used to build out the functionality around SaaS applications. Given the expected growth in SaaS, PaaS should benefit as a principal SaaS

Today, many PaaS providers also offer extensive infrastructure services,
further blurring the never-quite-distinct line between PaaS and IaaS. As a
result, many self-identified PaaS providers embrace a PaaS/IaaS hybrid status
when describing their portfolios.


For enterprise customers, IaaS offers a simple, yet compelling, value
proposition. According to one estimate, about 50 percent of present IT
budgets are dedicated to infrastructure acquisition and management,
a figure that includes:

  • Hardware and software procurement
  • Repair and maintenance
  • Planned inventory turnover (to replace aging and obsolete equipment)
  • Systems management functions, such as asset or configuration management,
    capacity planning, and performance management

The IaaS delivery model provides enterprise IT managers with a "just-in-time"
acquisition capability. Moreover, acquired resources can be eliminated
from the enterprise portfolio as soon as the need for those resources (a major
application development effort, for example) disappears.

This "now-you-see-it, now-you-don’t" aspect of IaaS makes it possible to
pursue second- or even third-tier projects, since these projects would not
compete for on-premise information assets with more mainstream enterprise development

From a provider’s perspective, IaaS resources are the easiest to provision. As the basic building blocks of IT (processors, servers, and storage), they lack
the volatility of software applications (SaaS) and application development
platforms (PaaS).

Market Leaders

[return to top of this report]

New fourth quarter 2018 data from Synergy Research Group shows that spending on
cloud infrastructure services jumped 45 percent from the final quarter of

"Amazon, the clear market leader, nudged its market share upwards and remains
equivalent in size to its next four competitors combined. Meanwhile revenue
growth at Microsoft, Google and Alibaba again far surpassed [the] overall market
growth rate, so all three gained substantial market share, with Microsoft in
particular jumping ahead. The market share gains of these four was primarily at
the expense of small-to-medium sized cloud operators, who collectively have lost
five percentage points of market share over the last four quarters. Many of
those smaller players are still growing revenues but find themselves unable to
keep pace with the market leaders.

"Among the leaders, IBM’s prime focus is a little different from the others
as it remains the strong leader in the hosted private cloud services segment of
the market."3

Presently, the top five providers of cloud infrastructure services, which
includes IaaS, PaaS, and hosted private clouds) are, in order:

  • Amazon
  • Microsoft
  • Google
  • IBM
  • Google4

[return to top of this report]

IaaS Providers Will Add Converged Infrastructure Systems to Their Resource Pool

To keep pace with new computing demands, IaaS providers will embrace the "converged infrastructure" model where compute, storage, memory (cache),
and network components are integrated into single systems. This "unified
computing" model, first promoted by Cisco and HP, has encouraged the formation
of new firms like Nutanix, which pioneered the "hyperconverged
infrastructure" space.

"Big Iron" Vendors Like IBM and HPE Will
Pursue a Dual IaaS Strategy

IBM, HPE, and other major hardware providers are profiting from the IaaS phenomenon by:

  1. Leveraging their hardware and data center assets to offer their own cloud
    infrastructure services.
  2. Becoming suppliers of choice to other IaaS providers. Instead of
    selling mainframes, servers, and storage systems to enterprise customers that have
    migrated to the cloud, these industry giants are stocking the data centers of cloud providers and other large companies that are building out
    their cloud services infrastructure.

Cloud Consumers Will Continue to Worry About Security, Privacy, and Availability

As often happens, business leaders, beguiled by the prospect of outsourcing
costly IT operations to the cloud, are being forced to consider the potentially
negative consequences of cloud computing: security, privacy, and

Reflecting their collective angst, in December 2011, the US National Institute
of Standards and Technology (NIST) published SP
800-144: "Guidelines on Security and Privacy in Public Cloud Computing."
SP 800-144 provides an overview of the security and privacy challenges
for public cloud computing and gives recommendations that organizations should
consider when outsourcing data, applications, and infrastructure to a public
cloud environment.

SaaS Providers Will Augment Their Offerings with Artificial Intelligence

As reported by, "[Bessemer Venture Partners] predicts that enterprise SaaS solutions will start
adding an AI layer to help users interact with their software. AI also presents
deep learning opportunities that can be unraveled in business analytics, a
timely feature to address the ‘breadth and depth of data,’ said BVP.

"With AI already
driving cars and dabbling in customer support, we expect more SaaS vendors to
start incorporating this technology in their software quite soon."5


[return to top of this report]

Projected Public Cloud Revenue Growth

According to Gartner, projected revenue from the public cloud sector is
expected to be approximately $206.2 billion in 2019, up from $175.8 billion in 2018.
That represents a healthy increase
of 17.3 percent.

"Demand for integrated IaaS and PaaS offerings is driving
the next wave of cloud infrastructure adoption," said Sid Nag, research
director at Gartner. “We expect that IaaS-only cloud providers will continue
to exist in the future, but only as niche players, as organizations will
demand offerings with more breadth and depth for their hybrid environments.
Already, strategic initiatives such as digital transformation projects
resulting in the adoption of multicloud and hybrid cloud fuel the growth of
the IaaS market."6

The Emergence of Edge Computing

As the term implies, "edge computing" is computing at the network edge.
According to Gartner, "Edge computing describes a computing topology in which
information processing and content collection and delivery are placed closer to
the sources of this information."7

Some proponents of edge computing suggest that edge will eventually replace
cloud computing. Others insist that the two computing paradigms (one
distributed, the other centralized) are actually complementary. In industrial
environments, for example, edge systems can capture, process, and rapidly act
upon relevant data. They might then forward that data to the cloud for add-on
analysis – analysis aimed at improving edge operations.

Edge computing helps relieve connectivity, latency, bandwidth, and other
issues that sometimes plague cloud computing. At the same time, cloud computing
can be employed to store and mine massive amounts of data, informing
improvements in machine learning and other "backend" operations.

Too Big to Fail

The 2008 financial crisis, and resultant bank bailouts, provoked a debate,
which is still unresolved, about whether our largest financial institutions are
"too big to fail." This conversation may recur as public policy
officials contemplate the cost to our economy if a major cloud provider, like
Amazon, Microsoft, Google, or IBM, were permitted to fail for any of the traditional
business reasons.

Beyond the wholesale collapse of a major cloud provider, enterprise customers
must consider:

  • How will cloud providers comply with new regulatory regimes like the EU’s
    General Data Protection Regulation (GDPR)?
  • How will cloud
    providers respond to e-discovery and other mandatory legal and regulatory
  • How will the value proposition for cloud
    computing change as enterprise officials realize the need to exert more
    oversight relative to an expanding array of cloud partners?
  • How will enterprise shareholders respond when,
    inevitably, cloud providers – and vital enterprise business partners – are hacked?
  • Will enterprise IT departments dwindle to the
    point that reclaiming outsourced IT services will be impossible or, at
    least, impractical? Is there a proverbial "point of no return" when it
    comes to certain cloud deployments?
  • What is the enterprise business continuity strategy if a major cloud partner fails?

[return to top of this report]


About the Author

[return to top of this report]

James G. Barr is a leading business continuity analyst and
business writer with more than 30 years’ IT experience. A member of
"Who’s Who in Finance and Industry," Mr. Barr has designed,
developed, and deployed business continuity plans for a number of Fortune
500 firms. He is the author of several books, including How to
Succeed in Business BY Really Trying
, a member of Faulkner’s Advisory
Panel, and a senior editor for Faulkner’s Security Management
. Mr. Barr can be reached via e-mail at

[return to top of this report]