Cloud computing is an evolving paradigm. The NIST definition characterizes important aspects of cloud computing and is intended to serve as a means for broad comparisons of cloud services and deployment strategies, and to provide a baseline for discussion from what is cloud computing to how to best use cloud computing. The service and deployment models defined form a simple taxonomy that is not intended to prescribe or constrain any particular method of deployment, service delivery, or business operation.
Cloud computing allows computer users to conveniently rent access to fully featured applications, to software development and deployment environments, and to computing infrastructure assets such as network-accessible data storage and processing. This document reprises the NIST-established definition of cloud computing, describes cloud computing benefits and open issues, presents an overview of major classes of cloud technology, and provides guidelines and recommendations on how organizations should consider the relative opportunities and risks of cloud computing. Cloud computing has been the subject of a great deal of commentary. Attempts to describe cloud computing in general terms, however, have been problematic because cloud computing is not a single kind of system, but instead spans a spectrum of underlying technologies, configuration possibilities, service models, and deployment models. This document describes cloud systems and discusses their strengths and weaknesses. Depending on an organization's requirements, different technologies and configurations are appropriate. To understand which part of the spectrum of cloud systems is most appropriate for a given need, an organization should consider how clouds can be deployed (deployment models), what kinds of services can be provided to customers (service models), the economic opportunities and risks of using cloud services (economic considerations), the technical characteristics of cloud services such as performance and reliability (operational characteristics), typical terms of service (service level agreements), and the security opportunities and risks (security).
The adoption of cloud computing into the US Government (USG) and its implementation depend upon a variety of technical and non-technical factors. A fundamental reference point, based on the NIST definition of Cloud Computing, is needed to describe an overall framework that can be used government- wide. This document presents the NIST Cloud Computing Reference Architecture (RA) and Taxonomy (Tax) that will accurately communicate the components and offerings of cloud computing. The guiding principles used to create the RA were 1) develop a vendor-neutral architecture that is consistent with the NIST definition and 2) develop a solution that does not stifle innovation by defining a prescribed technical solution. This solution will create a level playing field for industry to discuss and compare their cloud offerings with the US Government (USG). The resulting reference architecture and taxonomy for cloud computing was developed as an Actor/Role based model that lays out the central elements of cloud computing for Federal CIOs, Procurement Officials and IT Program Managers. The cloudscape is open and diversified and the accompanying taxonomy provides a means to describe it in an unambiguous manner. The RA is presented in two parts: a complete overview of the actors and their roles and the necessary architectural components for managing and providing cloud services such as service deployment, service orchestration, cloud service management, security and privacy. The Taxonomy is presented in its own section and appendices are dedicated to terms and definitions and examples of cloud services.
The Overview of the Reference Architecture describes five major actors with their roles & responsibilities using the newly developed Cloud Computing Taxonomy. The five major participating actors are the Cloud Consumer, Cloud Provider, Cloud Broker, Cloud Auditor and Cloud Carrier. These core individuals have key roles in the realm of cloud computing. For example, a Cloud Consumer is an individual or organization that acquires and uses cloud products and services. The purveyor of products and services is the Cloud Provider. Because of the possible service offerings (Software, Platform or Infrastructure) allowed for by the cloud provider, there will be a shift in the level of responsibilities for some aspects of the scope of control, security and configuration. The Cloud Broker acts as the intermediate between consumer and provider and will help consumers through the complexity of cloud service offerings and may also create value-added cloud services as well. The Cloud Auditor provides a valuable inherent function for the government by conducting the independent performance and security monitoring of cloud services. The Cloud Carrier is the organization who has the responsibility of transferring the data akin to the power distributor for the electric grid.
The Architectural Components of the Reference Architecture describes the important aspects of service deployment and service orchestration. The overall service management of the cloud is acknowledged as an important element in the scheme of the architecture. Business Support mechanisms are in place to recognize customer management issues like contracts, accounting and pricing and are vital to cloud computing. A discussion on Provisioning and Configuration points out the requirements for cloud systems to be available as needed, metered and have proper SLA management in place. Portability and Interoperability issues for data, systems and services are crucial factors facing consumers in adopting the cloud are also undertaken here. Consumers need confidence in moving their data and services across multiple cloud environments.
As a major architectural component of the cloud, Security and Privacy concerns need to be addressed and there needs to be a level of confidence and trust in order to create an atmosphere of acceptance in the cloud‟s ability to provide a trustworthy and reliable system. Security responsibilities, security consideration for different cloud service models and deployment models are also discussed.
The NIST Cloud Computing Security Working group was created to achieve broad collaboration between Federal and private stakeholders in efforts to address the security-related concerns expressed by Federal managers. One of the tasks of the NIST Cloud Computing Working Group is to design a Cloud Computing Security Reference Architecture that supplements SP 500-292: NIST Cloud Computing Reference Architecture (RA) with a formal model and identifies the core set of Security Components recommended for building a successful and secure cloud computing Ecosystem. The document provides for an understanding of the security interdependencies of cloud services, Actors, and requirements that USG agency technical planning and implementation teams and agency procurement offices should identify and address in order to acquire cloud services with security levels that meets agency needs. Under development
(The group seems to be dormant after 2013)
This document describes how an author can set a referrer policy for documents they create, and the impact of such a policy on the Referer HTTP header for outgoing requests and navigations.
Scope of the SC : Standardization of graphic character sets and their characteristics, including string ordering, associated control functions, their coded representation for information interchange and code extension techniques. Excluded: audio and picture coding.
SC 2 experts have been working hard to develop Universal Coded Character Set , ISO/IEC 10646, and related standards which are the fundamental basis of Information systems and being referred from every standards involving character based information exchange and/or processing.
The first version of ISO/IEC 10646 standardized 32,884 characters and published in 1993. Edition 5 of it, the latest version currently under development, will cover over 130,000 characters.
SC2 will keep quality and speed of its work to develop standards for character. And close cooperation between SC2 and other all committees to develop standards involving character codes is important.
Business Requirement Specification for the sourcing of Market Survey results, using the UN/CEFACT Modelling Methodology (UMM) approach and Unified Modelling Language to describe and detail the business processes and transactions involved.
A Market Research project typically initiated in a setting where the need for certain information is identified, either by a MR company, by a producer or marketer of goods or services, or by an official institution, university etc. This starts a process of more exact definition of the information needs.
The definition process is often iterative, and may involve many parties. The responsible party for the process is appointed (own organization or sub-contractor When this process is concluded, the information search process starts, i.e. the Sourcing of Marker Survey Information. This may involve different search methods. The results of the search process are evaluated.
This document describes the extent and limits of the business process within the information chain.
The class diagram of export certification has been developed to specify the cross border exchange of information to enable business information entities to be re-used. It includes business information entities specifically required by government regulators to describe products being traded and aid the transfer of information from an export certificate system to an import clearance system. Document : BRS – E-cert Page : 5 of 29 This document describes the electronic exchange of export certificate data between government regulators to facilitate cross border entry of agricultural products.
This document describes the extent and limits of the business process within the information chain being described in this document. The class diagram of the data exchange proxy is developed such as way that it specifies all information of data exchange proxy given by the agricultural party, reusable business information entities.
The Quotation process is used by a customer to obtain an offer from a potential supplier for the delivery of products or services. During the Quotation process either party may reject the conditions proposed. The Quotation is then not accepted and neither party has residual obligations. For reasons of compatibility with existing practices the Customer may in his rejection include suggestions on conditions that would be acceptable for him. Again, the use of this feature is not preferred.
Specification that describes the business processes and requirements for the cross industry remittance advice process.This version of the specification is expanding the function of the previous version of the cross industry remittance advice process
Standardization in the area of Internet of Things and related technologies.
Serve as the focus and proponent for JTC 1's standardization programme on the Internet of Things and related technologies, including Sensor Networks and Wearables technologies.
Provide guidance to JTC 1, IEC, ISO and other entities developing Internet of Things related applications.
