PCI DSS Compliance in a Cloud Computing Environment. Part 2Posted: March 2, 2013
Cloud computing recently became a popular topic and has been adopted by many enterprises. The National Institute of Standards and Technology (NIST) has defined cloud computing as follows: “Cloud computing as a model for enabling convenient, on-demand network access to a shared pool of configurable resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” 
1. Overview and history
According to Hamdaqa  cloud computing is based on two basic paradigms: virtualization, which abstracts the physical architecture and allows use of it as a software and atomic computing, which enables self-management of distributed systems
The basis of cloud computing is a notion of time sharing,  developed in the 1950s and allowed shared use of mainframes CPU time through terminal connection.
Later, the availability of cheap computers and high-bandwidth networks, coupled with development hardware virtualization technologies, resulted in the rapid growth of cloud computing , , .
2. Service and deployment models
Cloud service providers (CSPs) offer services, which could be divided into three main categories: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). There are also four types of cloud deployment models: Private Cloud, Public Cloud, Hybrid Cloud and Community Cloud. ,  (Figure 1)
Figure 1- NIST Visual Model of Cloud Computing Definition 
Companies before making a decision on each type of cloud should weigh all benefits and limitations of each type in terms of cost and security, among others.
Dillon, Wu, and Chang  identify the following challenges related to the adoption of cloud computing:
– Costing Model
– Charging Model
– Service Level Agreement
– What to migrate
However, the authors only briefly discuss each of these areas and focus mainly on the results of survey , not paying attention to such sensitive aspects of cloud computing as legal, privacy, compliance, governance, etc.
Zhang, Qi, Lu Cheng, and Boutaba  also present only a brief overview of cloud computing technology and discuss core research challenges. The paper does not develop new models or concepts, but instead only analyses current developments and trends.
Although the researchers touch on security issues in general, they focus mainly on basic issues with confidentiality, integrity and availability, failing to address and explore important problems such as compliance in depth.
 Mell, and Grance (2011) “The NIST definition of cloud computing”. NIST special publication 800-145
 Hamdaqa (2012). “Cloud Computing Uncovered: A Research Landscape”. Elsevier Press. p. 312. ISBN 0-12-396535-7
 Strachey (1959). “Time Sharing in Large Fast Computers”. Proceedings of the International Conference on Information processing, UNESCO p. 336–341
 “Cloud Computing: Clash of the clouds”. The Economist. (2009). http://www.economist.com/node/14637206?story_id=14637206
 “Gartner Says Cloud Computing Will Be As Influential As E-business”. Gartner. http://www.gartner.com/newsroom/id/707508
 Gruman (2008). “What cloud computing really means”.InfoWorld. http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031
 Zhang, Cheng, Boutaba. (2010) “Cloud computing: state-of-the-art and research challenges.” Journal of Internet Services and Applications 1, p. 7-18.
 NIST Visual Model of Cloud Computing Definition
 Dillon, Wu, Chang (2010) “Cloud Computing: Issues and Challenges” 24th IEEE International Conference on Advanced Information Networking and Applications
 IDC Survey (2009) http://blogs.idc.com/ie/?p=730