Cloud computing

The TOSCA Simple Profile in YAML specifies a rendering of TOSCA which aims to provide a more accessible syntax as well as a more concise and incremental expressiveness of the TOSCA DSL in order to minimize the learning curve and speed the adoption of the use of TOSCA to portably describe cloud applications.
 
This proposal describes a YAML rendering for TOSCA. YAML is a human friendly data serialization standard (http://yaml.org/) with a syntax much easier to read and edit than XML. As there are a number of DSLs encoded in YAML, a YAML encoding of the TOSCA DSL makes TOSCA more accessible by these communities.
 
This proposal prescribes an isomorphic rendering in YAML of a subset of the TOSCA v1.0 XML specification ensuring that TOSCA semantics are preserved and can be transformed from XML to YAML or from YAML to XML. Additionally, in order to streamline the expression of TOSCA semantics, the YAML rendering is sought to be more concise and compact through the use of the YAML syntax.

The Impact of Cloud Computing on Healthcare was written to help enterprise information technology (IT) and business decision makers of the healthcare industry as they analyze and consider the implications of cloud computing on their business.
 
This guide contains guidance and strategies to help decision makers evaluate and compare cloud computing offerings from different providers, taking into account requirements from various actors including medical practices, hospitals, research facilities, insurance companies and governments. The paper covers current market dynamics, challenges and benefits of cloud computing on healthcare IT.
 
Throughout the paper, the role that management and IT standards play to improve the flexibility, interoperability and portability of cloud computing environments is highlighted.
 
Topics covered in detail:

• Key factors influencing cloud computing adoption in the healthcare industry, the barriers to address, and considerations for service and deployment models
• Specific IT trends in the healthcare industry that are addressed most effectively, both technically and economically, by cloud computing as opposed to traditional IT environments
• Cloud computing services for healthcare currently available that provide substantial benefits to healthcare organizations and patients
• The planning process for migrating healthcare IT systems and applications to the cloud
• Recommendations for how best to achieve the benefits of cloud computing while maintaining an acceptable level of risk

Cloud Customer Architecture for Enterprise Social Collaboration describes how to leverage social collaboration tools to harness ideas, exchange information, and increase the speed of innovation across the business.
 
This cloud reference architecture was written for enterprise Information Technology (IT) and business decision makers to assist in understanding the technical capabilities and integration requirements necessary to deliver Enterprise Social Collaboration solutions. It is a vendor-neutral and best practices approach to describe the flows and relationships between business capabilities, functional areas, and architectural components delivered as a cloud solution.
 
This paper discusses how social collaboration solutions can be applied to different industries and aligned with key business initiatives.

Migrating Applications to Public Cloud Services: Roadmap for Success was written to provide a practical reference to help enterprise information technology (IT) and business decision makers analyze and consider application migration to the cloud. This paper details strategic and tactical activities for developing a business plan and detailed migration plan. Guidance is provided on the types of applications that are best suited for migration to the cloud.
 
Key considerations include costs of migration, the potential need for application redesign, longevity, performance and availability, security and privacy requirements, the selection of locations, and other potential regulatory requirements.
 
Version 2.0 takes into account the increasing diversity of approaches used to migrate applications to the cloud. Much of this focuses on the use of containers, virtual machines, and serverless functions, as well as on the increasing use of hybrid cloud solutions. Concerns related to security, privacy, and data residency have also become stronger since the initial version. The guide addresses how to mitigate those issues.

Migrating Applications to the Cloud: Assessing Performance and Response Time Requirements is a supplement to the CSCC paper, Migrating Applications to Public Cloud Services: Roadmap for Success.
 
Assessing applications and workloads for readiness for migration to cloud computing allows organizations to determine which applications and data can (or cannot) be readily moved to a cloud computing environment and which delivery models (public, private, or hybrid) can be supported.
 
Emphasis is placed on mapping business requirements to the underlying technology to improve decisions regarding the suitability of cloud computing for a particular workload. By testing and quantifying performance and response time implications early on, performance issues can be avoided or mitigated.

Public Cloud Service Agreements: What to Expect and What to Negotiate was written to help cloud customers understand and evaluate public cloud service agreements (CSAs) from different providers.
 
The paper describes the current anatomy of a cloud service agreement, covering the customer agreement, acceptable use policies, cloud service level agreements and privacy policies.
 
The heart of the guide is a series of ten steps that cloud service customers should take to evaluate CSAs in order to compare public cloud service providers or negotiate terms with a provider. The recommendations are based on a thorough assessment of publicly available agreements from leading providers

Security for Cloud Computing: 10 Steps to Ensure Success provides a practical reference to help enterprise information technology (IT) and business decision makers analyze the security implications of cloud computing on their business.
 
The guide includes a list of ten steps designed to help decision makers evaluate and compare security and privacy offerings from different cloud providers in key areas, covering:

• Security and privacy challenges pertinent to cloud computing and considerations that organizations should weigh when migrating data, applications, and infrastructure
• Threats, technology risks, and safeguards for cloud computing environments and the insight needed to make informed IT decisions on their treatment
• A Cloud Security Assessment to assess the security capabilities of cloud providers

 
Version 3.0 introduces new and updated security standards, worldwide privacy regulations, and stresses the importance of including security in continuous delivery and deployment approaches, among other things.

Cloud Security Standards: What to Expect and What to Negotiate is a guide to security standards, frameworks, and certifications that exist for cloud computing. This guide will help you assess the security standards support of cloud service providers.
 
As customers transition their applications and data to use cloud computing, it is important that the level of security provided in the cloud environment is equal to or better than the security provided by their traditional IT environment. Cloud security standards and their support by prospective cloud service providers and within the enterprise is a critical area of focus for cloud service customers.
 
The landscape has matured with new cloud-specific security standards, like ISO/IEC 27017 and ISO/IEC 27018 for cloud computing security and privacy, being adopted.

Cloud Customer Architecture for Securing Workloads on Cloud Services was written as practical reference to help IT architects and IT security professionals architect, install, and operate the information security components of solutions built using cloud services.
 
Many cloud services are now available covering infrastructure, platform and application capabilities. Building business solutions using these cloud services requires a clear understanding of the available security services, components and options, allied to a clear architecture which provides for the complete lifecycle of the solutions, covering development, deployment and operations.
 
This paper introduces best practices for architecting the security of cloud service solutions.

As data is increasingly accessed and shared across geographic boundaries, a growing web of conflicting laws and regulations dictate where data can be transferred, stored, and shared, and how it is protected. The Object Management Group® (OMG®) and the Cloud Standards Customer Council™ (CSCC™) completed a significant effort to analyze and document the challenges posed by data residency.
 
This discussion paper defines data residency as:
 
“...the set of issues and practices related to the location of data and metadata, the movement of (meta)data across geographies and jurisdictions, and the protection of that (meta)data against unintended access and other location-related risks.”
 
This paper covers issues and risks, laws and regulations, applicable and related standards.

The aim of this guide is to provide a practical reference to assist enterprise Information Technology (IT) managers and business decision makers with best practices for developing and growing a “cloud-enabled” next generation IT workforce.
 
Cloud computing and related technologies like blockchain, data science, and AI are transforming the nature of IT, resulting in skill shortages in some domains and staffing surpluses in others. Demand is increasing for cloud-knowledgeable solution IT architects, operations staff, and DevSecOps teams to apply cloud services and related technologies to these challenges for increased agility and efficiency.
 
Now that cloud computing is a mainstream initiative within most enterprises and large organizations, it is an opportune time to embrace training and knowledge-sharing.
 
This paper outlines:

• the business reasons for developing a skilled cloud-enabled workforce
• a strategic framework for meeting today's and tomorrow's skill needs
• best practices for cloud skills training, employee development and career growth
• a survey of available cloud training and certification programs

Cloud Customer Architecture for Big Data and Analytics describes the architectural elements and cloud components needed to build out big data and analytics solutions.
 
Big data analytics and cloud computing are a top priority for CIOs. Harnessing the value and power of big data and cloud computing can give your company a competitive advantage, spark new innovations, and increase revenue. Many companies are experimenting and iterating with different cloud configurations as a way to understand and refine requirements for their big data analytics solutions without upfront capital investment.
 
This paper includes proven architecture patterns that have been deployed in successful enterprise projects and a description of capabilities offered by cloud providers.