I last wrote about the cloud computing standards work of ISO/JTC1/SC38, which is the ISO committee concerned with distributed application platforms and services, back in October of 2013. Here’s an update.
The final round of balloting was completed on March 24, 2014 and two new standards were approved with minor edits. These standards are:
– ISO/IEC DIS 17788 Information technology – Cloud Computing – Overview and Vocabulary
– ISO/IEC DIS 17789 Information technology – Cloud Computing – Reference architecture
These standards were developed in collaboration with the ITU-T who will also be adopting and publishing them.
These two standards represent a broad consensus on a definition for cloud computing:
“Cloud computing is a paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources with self-service provisioning and administration on-demand.” (DIS17788/9)
Also included is a high level description of the major concepts and components for a reference model that will allow cloud computing to be described more clearly. These concepts include:
- Parties, roles, sub-roles and activities;
- Cloud service customers, partners and providers;
- Service categories and deployment models;
- Cross cutting activities (i.e., activities that have a wider impact than on role);
- Functional layers, components and multi-layer functions; and
- Various other concepts such as multi-tenancy, federated clouds, and inter-cloud interworking.
These standards are derived from but are not identical to the NIST definition, which is described in NIST SP800-145.
An important next question is: What new standards work should SC38 start in order to crystallize and solidify the underpinning standards for cloud computing?
Some progress has already been made on a standard (to be called ISO/IEC 19086) for cloud computing service level agreements (SLAs). It will be developed in two parts: Part 1 will be the Overview and concepts; and Part 2 will be Supporting Metrics. The next committee meeting at the end of April in Australia will hopefully move significantly forward with this work.
Three new work items have also been recommended by a planning committee and it is expected that these will proceed to a vote after the Australia meeting. The items of new work are:
- Proposed New Work Item on Data Flow (SC38 document N1010)
- Proposed New Work Item on Cloud Computing Lifecycle (SC38 document N1006)
- Proposed New Work Item on Interoperability and Portability (SC38 document N1005)
If you are interested in any of these items and would be willing to volunteer to help the Canadian SC38 committee participate, please contact the Standards Council of Canada (www.scc.ca) and let them know. The Canadian committee meets regularly, usually via teleconference and occasionally face-to-face.
Understanding how IBM Spectrum Protect enables hybrid data protection
Abdicating your company’s data protection responsibilities to the first cloud solution provider you encounter is just as unwise as doing nothing at all to leverage the cloud. On the other hand, it can be a wise decision to investigate what results you might achieve by choosing a backup technology that is capable of supporting a hybrid protection approach capable of covering both on-premises technology and offsite cloud capabilities.