The IT Law Wiki



A private cloud is a cloud infrastructure

provisioned for exclusive use by a single organization comprising multiple cloud service customers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.[1]

U.S. Department of Defense[]

A private cloud is a

Cloud in which services are provided for the exclusive use of the DoD; supporting multiple DoD tenants or DoD sponsored tenants in the same cloud. The DoD maintains ultimate authority over the usage of the cloud services, and any non-DoD use of services must be authorized and sponsored through the DoD. Resources providing the cloud services must be dedicated to DoD use and have physical separation from resources not dedicated to DoD use.[2]


A private cloud gives a single cloud consumer's organization the exclusive access to and usage of the infrastructure and computational resources. It may be managed either by the cloud consumer organization or by a third party, and may be hosted on the organization's premises (i.e., on-site private clouds) or outsourced to a hosting company (i.e., outsourced private clouds).

In private clouds, services are provided exclusively to trusted users via a single-tenant operating environment. Essentially, an organisation's data centre delivers cloud computing services to clients who may or may not be in the premises.[3]

Onsite cloud

On-site Public Cloud

Outsourced cloud

Outsourced Private Cloud


  1. Cloud Service Level Agreement Standardisation Guidelines, at 13.
  2. DoD Cloud Computing Security Requirements Guide, at B-1.
  3. The Cloud: Understanding the Security, Privacy and Trust Challenges, at x.

See also[]