It should come as no surprise that it is possible to have a private cloud within a public cloud infrastructure, in much the same way as we have virtual private networks (VPNs) over the public Internet. The most common unschooled view of the cloud is unfortunately one of confusion, with the belief that it is an amorphous collection of compute resources at an indistinct group of third party sites. That definition more closely resembles the Internet itself, however. Before addressing public and private clouds, and whether a
private cloud can exist within a
public cloud, "cloud" itself has to be defined.
[ Cloud computing encourages enterprises to reassess their IT service sourcing strategies. The Cloud, Managed Hosting, Colo or In-house? complimentary research outlines some interesting considerations when deciding on public / private cloud. ]
There are of course, a handful of generally accepted definitions, but generally speaking,
cloud computing is computing that takes place at a centralised location and is then delivered as a service over an IP connection, usually the Internet. When that centralised location is a third party data centre, it is a public cloud. When the centralised
data centre is either on premise, controlled by the end using party, it is a private cloud. But, because of the very nature of things like encryption and
virtualisation, the lines get a little . . . cloudy.
Gartner's 
definition of a private cloud is that it is "a form of cloud computing where service access is limited or the customer has some control/ownership of the service implementation." By that definition, actual location and ownership of the data centre is irrelevant, so long as control by the end user is maintained. That control could be through a provider tunnel that establishes boundaries and limits access to a narrowly defined group of authorised individuals.
[ Unified Management delivers the ability to manage the physical and virtual infrastructure, and to provision and protect IT services, while ensuring compliance with strict service level requirements. Learn more in this complimentary white paper: The Future of Cloud Computing: Unified Management & Automation ]
1. An internal private cloud is where the physical infrastructure is located in a facility under the direct control of a single, exclusive end user.
2. A virtual private cloud is where the physical infrastructure is located externally and managed by a third party, but delivered through tunnelling protocols that establish a virtual private connection that restricts access and establishes a more direct avenue for control over the cloud and its resources.
To make the definition of internal private cloud even fuzzier, an internal private cloud can either be an actual on premise data centre, or it could be housed in an off-site, third party co-location facility. Either way, it remains exclusively under the control of the user. The difference between the co-location option and the cloud data centre is exclusivity - when your cloud emanates from a co-location facility, you are still using, paying for, and managing your own equipment, and the facility is really just an extension of your own premises. A cloud data centre on the other hand, even though it may be delivering compute resources via tunnelling protocols so as to make it seem private, is still using the same group of resources for the benefit of multiple clients.
The final question the implementer of cloud services must ask then, is how much control they actually need, and whether the prospect of implementing an on premise private cloud eliminates too many of the cloud benefits the organisation sought out in the first place.