It's been nearly five years since the NIST (National Institute of Standards and Technology) published what has become the standard definition of cloud computing. Both the tech industry and IT organizations have been good about following the NIST definitions for IaaS and SaaS -- not so much for PaaS, a terms that remains confusing and is used confusingly.
The NIST definition (PDF) of PaaS still stands, as far as I'm concerned:
Platform as a Service (PaaS): The capability provided to the consumer to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, or storage, but [it does have] control over the deployed applications and possibly configuration settings for the application-hosting environment.
[ Cloud computing shares resources that were never shared before, creating a new set of risks and demanding a new set of security best practices. Learn about those new security practices from the Digital Spotlight: Cloud Security PDF special report. | Stay up on the cloud with InfoWorld's Cloud Computing Report newsletter. ]
PaaS is about the development and the deployment of applications using programming languages and tools supported by the provider. Although infrastructure is typically involved, that infrastructure is not a part of the PaaS.
But most PaaS providers, including Microsoft and Google, also provide IaaS services, thus making it difficult for enterprises to figure out where the PaaS stops and the IaaS begins. Even Amazon Web Services has added a PaaS to its IaaS offering (Elastic Beanstalk).
Now that everyone is mixing a cloud cocktail, the concept of PaaS has gone on a bender. Today, you'll see PaaS variations such as integration services PaaS (iPaaS) and mobile PaaS (mPaaS), to name just two. I called it the *PaaS movement: Whatever your technology category is, put its first letter in front of "PaaS." The *PaaS movement further confuses the PaaS term.
The PaaS providers are also in the game of confusing the term to make their offerings appear special. Or they'll use a term the customer doesn't really understand to sell something else. For example, many cloud providers now define PaaS as resource-governance or cloud-management platforms that support complex heterogeneous cloud architectures. Some providers define them as security systems, and most providers define PaaS as configurable infrastructure. It's none of those.
No wonder enterprises are confused! PaaS now means anything and everything -- that is, it means nothing.
Companies that sell PaaS should be focused on its true value: enabling enterprises to easily and quickly build business-critical applications that solve real business problems. That's it.
If you're not delivering that, stop using the PaaS term and call your offering what it is.
This article, "What does PaaS really mean? Let us know if you find out," originally appeared at InfoWorld.com. Read more of David Linthicum's Cloud Computing blog and track the latest developments in cloud computing at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.