Cloud computing

This document defines the artifacts and APIs that need to be offered by a Platform as a Service (PaaS) cloud to manage the building, running, administration, monitoring and patching of applications in the cloud. Its purpose is to enable interoperability among self-service interfaces to PaaS clouds by defining artifacts and formats that can be used with any conforming cloud and enable independent vendors to create tools and services that interact with any conforming cloud using the defined interfaces. Cloud vendors can use these interfaces to develop new PaaS offerings that will interact with independently developed tools and components.

Convergence of Social, Mobile and Cloud: 7 Steps to Ensure Success is a practical reference to help enterprise information technology (IT) and business decision makers analyze and consider the implications of social, mobile and cloud technologies on their business. Organizations increasingly value how these technologies can improve customer engagement, forge new partnerships and drive competitive advantage and seek to understand the impact on new and existing business processes.
 
This guide contains guidance and strategies to help decision makers evaluate and compare offerings in key areas from different providers. Along with the base technologies of social, mobile and cloud, the guide discusses the importance of supporting technologies like integration, Big Data analytics and DevOps that enhance the business value of convergence. Industry-specific use cases are used to highlight business impact.

Convergence of Social, Mobile and Cloud: 7 Steps to Ensure Success is a practical reference to help enterprise information technology (IT) and business decision makers analyze and consider the implications of social, mobile and cloud technologies on their business. Organizations increasingly value how these technologies can improve customer engagement, forge new partnerships and drive competitive advantage and seek to understand the impact on new and existing business processes.
 
This guide contains guidance and strategies to help decision makers evaluate and compare offerings in key areas from different providers. Along with the base technologies of social, mobile and cloud, the guide discusses the importance of supporting technologies like integration, Big Data analytics and DevOps that enhance the business value of convergence. Industry-specific use cases are used to highlight business impact.

Migrating Applications to Public Cloud Services: Roadmap for Success was written to provide a practical reference to help enterprise information technology (IT) and business decision makers analyze and consider application migration to the cloud. This paper details strategic and tactical activities for developing a business plan and detailed migration plan. Guidance is provided on the types of applications that are best suited for migration to the cloud.
 
Key considerations include costs of migration, the potential need for application redesign, longevity, performance and availability, security and privacy requirements, the selection of locations, and other potential regulatory requirements.
 
Version 2.0 takes into account the increasing diversity of approaches used to migrate applications to the cloud. Much of this focuses on the use of containers, virtual machines, and serverless functions, as well as on the increasing use of hybrid cloud solutions. Concerns related to security, privacy, and data residency have also become stronger since the initial version. The guide addresses how to mitigate those issues.

Cloud Customer Architecture for Enterprise Social Collaboration describes how to leverage social collaboration tools to harness ideas, exchange information, and increase the speed of innovation across the business.
 
This cloud reference architecture was written for enterprise Information Technology (IT) and business decision makers to assist in understanding the technical capabilities and integration requirements necessary to deliver Enterprise Social Collaboration solutions. It is a vendor-neutral and best practices approach to describe the flows and relationships between business capabilities, functional areas, and architectural components delivered as a cloud solution.
 
This paper discusses how social collaboration solutions can be applied to different industries and aligned with key business initiatives.

Blockchain technology has the potential to have a major impact on how institutions process transactions and conduct business.
 
Blockchain technology provides a secure transaction ledger database through a decentralized network. It has the potential to reduce operational costs and friction, create transaction records that are secure and immutable, enable transparent ledgers with nearly instant updates, and open up new opportunities for growth.
 
This whitepaper introduces basic blockchain concepts that define a standard reference architecture that can be used in creating blockchain applications.
 
Sections of the paper include:

• Blockchain fundamentals
• Key characteristics of a blockchain network
• Blockchain reference architecture capabilities
• An example supply chain scenario using the Hyperledger Fabric blockchain implementation
• Cloud deployment considerations
• Specific examples of blockchain applications

Hybrid Cloud Considerations for Big Data and Analytics is a companion guide to the CSCC's Cloud Customer Architecture for Big Data and Analytics.
 
Today, the majority of big data and analytics use cases are running on hybrid cloud computing infrastructure. A hybrid cloud is a combination of on-premises and local cloud resources integrated with one or more dedicated cloud(s) and one or more public cloud(s), allowing for increased scalability and computational power for big data and analytics capabilities.
 
This whitepaper summarizes what hybrid cloud is, explains why it is important in the context of big data and analytics, and discusses implementation considerations

Cloud Customer Architecture for Big Data and Analytics describes the architectural elements and cloud components needed to build out big data and analytics solutions.
 
Big data analytics and cloud computing are a top priority for CIOs. Harnessing the value and power of big data and cloud computing can give your company a competitive advantage, spark new innovations, and increase revenue. Many companies are experimenting and iterating with different cloud configurations as a way to understand and refine requirements for their big data analytics solutions without upfront capital investment.
 
This paper includes proven architecture patterns that have been deployed in successful enterprise projects and a description of capabilities offered by cloud providers.

The aim of this guide is to provide a practical reference to assist enterprise Information Technology (IT) managers and business decision makers with best practices for developing and growing a “cloud-enabled” next generation IT workforce.
 
Cloud computing and related technologies like blockchain, data science, and AI are transforming the nature of IT, resulting in skill shortages in some domains and staffing surpluses in others. Demand is increasing for cloud-knowledgeable solution IT architects, operations staff, and DevSecOps teams to apply cloud services and related technologies to these challenges for increased agility and efficiency.
 
Now that cloud computing is a mainstream initiative within most enterprises and large organizations, it is an opportune time to embrace training and knowledge-sharing.
 
This paper outlines:

• the business reasons for developing a skilled cloud-enabled workforce
• a strategic framework for meeting today's and tomorrow's skill needs
• best practices for cloud skills training, employee development and career growth
• a survey of available cloud training and certification programs

As data is increasingly accessed and shared across geographic boundaries, a growing web of conflicting laws and regulations dictate where data can be transferred, stored, and shared, and how it is protected. The Object Management Group® (OMG®) and the Cloud Standards Customer Council™ (CSCC™) completed a significant effort to analyze and document the challenges posed by data residency.
 
This discussion paper defines data residency as:
 
“...the set of issues and practices related to the location of data and metadata, the movement of (meta)data across geographies and jurisdictions, and the protection of that (meta)data against unintended access and other location-related risks.”
 
This paper covers issues and risks, laws and regulations, applicable and related standards.

Cloud Customer Architecture for Securing Workloads on Cloud Services was written as practical reference to help IT architects and IT security professionals architect, install, and operate the information security components of solutions built using cloud services.
 
Many cloud services are now available covering infrastructure, platform and application capabilities. Building business solutions using these cloud services requires a clear understanding of the available security services, components and options, allied to a clear architecture which provides for the complete lifecycle of the solutions, covering development, deployment and operations.
 
This paper introduces best practices for architecting the security of cloud service solutions.

Cloud Security Standards: What to Expect and What to Negotiate is a guide to security standards, frameworks, and certifications that exist for cloud computing. This guide will help you assess the security standards support of cloud service providers.
 
As customers transition their applications and data to use cloud computing, it is important that the level of security provided in the cloud environment is equal to or better than the security provided by their traditional IT environment. Cloud security standards and their support by prospective cloud service providers and within the enterprise is a critical area of focus for cloud service customers.
 
The landscape has matured with new cloud-specific security standards, like ISO/IEC 27017 and ISO/IEC 27018 for cloud computing security and privacy, being adopted.