Cloud computing

Network as a Service (NaaS) is one of the representative cloud service categories, in which the capability provided to the cloud service customer (CSC) is transport connectivity and related network capabilities. NaaS services can provide any of three cloud capabilities as: NaaS application service, NaaS platform service and NaaS connectivity service. All the three kinds of NaaS service face particular security challenges such as application security vulnerabilities, security risks of network virtualization, eavesdropping, etc. Recommendation ITU-T X.SRNaaS analyses the security challenges and security requirements of NaaS application, NaaS platform and NaaS connectivity. This Recommendation could help NaaS service providers to address on the security issues. The capabilities provided by this Recommendation will take into account the national legal and regulatory obligations in individual Member States in which the NaaS services operate.The methodology of this proposal would follow the recommendations of clause 10 in Recommendation ITU-T X.1601.

Infrastructure as a Service (IaaS) is one of the representative categories of cloud services, in which the cloud capabilities service provided to the CSC is an infrastructure capabilities type. IaaS environments and virtualized services are facing more challenges and threats than traditional information technology infrastructure and application. Platforms that share computing, storage, and network services need protections specific to the threats in the IaaS environment. If these threats are not carefully addressed, it will have very negative impact on the development of IaaS services.Recommendation ITU- X.SRIaaS aims to document the security requirements of public IaaS. This will be helpful for IaaS CSPs to improve the overall security level throughout the planning, constructing and operating stages of IaaS platform and services. This work also complements the security standardization activity related to Software Defined Networks

Recommendation ITUT X.SRCaaS recommends the security requirements of communication as a service (CaaS) application environments with the identification of the risks. The Recommendation describes the scenarios and the features of CaaS, into which multicommunication capabilities are plugged. Moreover, some special /unique risks are identified, which are caused by the unique features of CaaS. The corresponding security requirements are recommended for the following aspects: Identity fraud, orchestration security, multi devices security, countering spam, privacy protection, infrastructure attack, attack from infrastructure, Intranet attack and so on. The Recommendation refers to the common security requirements of Recommendation ITUT X.1602 to avoid duplicated work. These measures in the requirements take into account the national legal and regulatory obligations in individual member states in which the platforms operate. The work applies the methodology standardized in clause 10 of Recommendation ITU-T X.1601.

Recommendation X.1643 analyses security threats and challenges on virtualization container in cloud computing environment and specifies a reference framework with security guidelines for virtualization container in cloud.

This document provides terms and definitions for vocabulary used in the field of cloud computing.

Interoperability and Portability for Cloud Computing: A Guide was written to provide a clear definition of interoperability and portability and how these concepts relate to various aspects of cloud computing and to cloud services.
 
The aim of this guide is to give both cloud service customers and cloud service providers guidance in the provision and selection of cloud services indicating how interoperability and portability affect the cost, security, and risk involved.
 
Version 2.0 is updated to reflect the ISO/IEC 19941 Cloud Computing Interoperability and Portability standard and its facet models of interoperability, data portability, and application portability. Containers and their associated technologies are addressed in the paper, as well as automation in the use of cloud services.

The “Software Defined Perimeter (SDP) protocol,” is designed to provide on-demand, dynamically provisioned, air-gapped networks. Air-gapped networks are trusted networks that are isolated from all unsecured networks and this may allow them to mitigate network-based attacks. The SDP protocol is based on workflows invented by the Department of Defense (DoD) and used by some Federal Agencies. Networks based on these workflows provide a higher level of security, but are thought to be very difficult to use compared to traditional enterprise networks.
 

The Software Defined Perimeter (SDP) has adapted the generalized DoD workflow but has modified it for commercial use and made it compatible with existing enterprise security controls. Where applicable, SDP has followed NIST guidelines on cryptographic protocols. SDP can be used in government applications such as enabling secure access to FedRAMP certified cloud networks as well as enterprise applications such as enabling secure mobile phone access to public clouds.

The Practical Guide to Cloud Service Agreements was written to help enterprise information technology (IT) and business decision makers analyze cloud service agreements (CSAs) from different cloud service providers.
 
CSAs are written to set clear expectations for service between the cloud customer (buyer) and the cloud provider (seller), but should also exist between a customer and other cloud entities, such as the cloud carrier, the cloud broker and even the cloud auditor. This guide focuses primarily on the CSA details between the cloud customer and cloud provider.
 
The “Guide for Evaluating Cloud Service Agreements” section is the heart of the paper. It provides a prescriptive series of steps that cloud customers should take to evaluate CSAs in order to compare multiple cloud providers or to negotiate terms with a selected provider

The Practical Guide to Platform-as-a-Service was written to help enterprise information technology (IT) managers, business decision makers, application architects and application developers understand the Platform-as-a-Service (PaaS) cloud service category and how it can be used to solve business challenges rapidly and cost effectively.
 
This guide contains best practices for using PaaS in terms of architecture, development processes, integration, deployment and operation.
 
Differences between traditional application development and delivery and the appropriate techniques for PaaS platforms are highlighted, since in many cases the biggest gains for the enterprise result from the adoption of newer, more efficient, more rapid and less error-prone techniques for creating, testing and deploying applications.

The Practical Guide to Cloud Computing was written to help enterprise information technology (IT) and business decision makers adopt cloud computing to solve business challenges.
 
This guide will help you evaluate the cloud computing market from the point of view of your organization’s needs and contains information that is helpful in selecting a cloud architecture and an implementation approach through the use of in-house staff, cloud vendor(s) or both.
 
The “Roadmap for Cloud Computing” section is the heart of this guide, outlining 10 steps that should be taken to ensure a successful cloud deployment. The Roadmap covers strategic and tactical activities for decision makers implementing cloud solutions and offers specific guidance to decision makers on the selection of cloud service and deployment models.

The objective of this guide is to define and position the cloud technologies that can be used to deploy cloud-based applications and services, and clarify how they differ in their implementation and use. There are many options available (bare metal, VMs, containers, serverless, and more), and there is no right or wrong choice. Many organizations will need to implement more than one option. Accordingly, selecting the best option to support workloads while controlling complexity can be a daunting task.
 
This practical guide will help developers, architects, and IT leaders make informed decisions and select the best technology for their specific needs. These technologies span storage, network, and compute services – this Practical Guide focuses on compute options.
 

The objective of this Guide is to help cloud adopters put in place the framework, policies, roles and responsibilities required to ensure success.
 
A governance program is necessary in most business and IT initiatives to ensure smooth operations, and is proven to improve results; with cloud computing, the presence of critical external providers makes it even more vital to establish good governance.
 
The Guide is organized in seven steps:

• Understand cloud governance
• Benchmark
• Establish a framework
• Align corporate governance and cloud governance
• Establish a cloud governance program
• Establish governance measures and metrics
• Sustainsuccess