Cloud computing

Network as a Service (NaaS) is one of the representative cloud service categories, in which the capability provided to the cloud service customer (CSC) is transport connectivity and related network capabilities. NaaS services can provide any of three cloud capabilities as: NaaS application service, NaaS platform service and NaaS connectivity service. All the three kinds of NaaS service face particular security challenges such as application security vulnerabilities, security risks of network virtualization, eavesdropping, etc. Recommendation ITU-T X.SRNaaS analyses the security challenges and security requirements of NaaS application, NaaS platform and NaaS connectivity. This Recommendation could help NaaS service providers to address on the security issues. The capabilities provided by this Recommendation will take into account the national legal and regulatory obligations in individual Member States in which the NaaS services operate.The methodology of this proposal would follow the recommendations of clause 10 in Recommendation ITU-T X.1601.

Infrastructure as a Service (IaaS) is one of the representative categories of cloud services, in which the cloud capabilities service provided to the CSC is an infrastructure capabilities type. IaaS environments and virtualized services are facing more challenges and threats than traditional information technology infrastructure and application. Platforms that share computing, storage, and network services need protections specific to the threats in the IaaS environment. If these threats are not carefully addressed, it will have very negative impact on the development of IaaS services.Recommendation ITU- X.SRIaaS aims to document the security requirements of public IaaS. This will be helpful for IaaS CSPs to improve the overall security level throughout the planning, constructing and operating stages of IaaS platform and services. This work also complements the security standardization activity related to Software Defined Networks

Recommendation ITUT X.SRCaaS recommends the security requirements of communication as a service (CaaS) application environments with the identification of the risks. The Recommendation describes the scenarios and the features of CaaS, into which multicommunication capabilities are plugged. Moreover, some special /unique risks are identified, which are caused by the unique features of CaaS. The corresponding security requirements are recommended for the following aspects: Identity fraud, orchestration security, multi devices security, countering spam, privacy protection, infrastructure attack, attack from infrastructure, Intranet attack and so on. The Recommendation refers to the common security requirements of Recommendation ITUT X.1602 to avoid duplicated work. These measures in the requirements take into account the national legal and regulatory obligations in individual member states in which the platforms operate. The work applies the methodology standardized in clause 10 of Recommendation ITU-T X.1601.

Recommendation X.1643 analyses security threats and challenges on virtualization container in cloud computing environment and specifies a reference framework with security guidelines for virtualization container in cloud.

This document provides terms and definitions for vocabulary used in the field of cloud computing.

Cloud Customer Architecture for Hybrid Integration introduces a core reference architecture and key concepts for hybrid integration in the enterprise.
 
IT environments are now fundamentally hybrid in nature – devices, systems, and people are spread across the globe, and at the same time virtualized. Achieving integration across this ever-changing environment is a significant challenge. This paper explores common architecture patterns seen in enterprises tackling this issue.
 
Hybrid integration can be looked at from many perspectives including application, data, and infrastructure. This whitepaper positions hybrid integration from an application perspective, and presents the reference architecture as a seamless integration from cloud to on-premises for events, APIs, and data.

Cloud Customer Architecture for IoT is a reference architecture for supporting the Internet of Things (IoT) using cloud computing.
 
IoT is one of the most exciting and most dynamic areas of IT at the present time. IoT involves the linking of physical entities (“things”) with IT systems that derive information about or from those things which can be used to drive a wide variety of applications and services.
 
The cloud components of the IoT reference architecture are positioned within a three-tier architecture pattern comprising edge, platform, and enterprise tiers. The cloud components, subcomponents, and relationships are discussed in detail. Considerations are discussed for meeting scale, safety, reliability, and privacy requirements.

Cloud Customer Architecture for Mobile describes vendor-neutral best practices for hosting the services and components required to support mobile apps using cloud computing.
 
The architectural elements described in this paper are needed to instantiate mobile hosting environments using a private, a public, or a hybrid cloud deployment model.
 
Cloud capabilities support the lifecycle of mobile applications that are deployed to employee or customer devices and provide managed access to back-end business applications and enterprise data sources. These solutions allow companies to leverage emerging mobile technologies to reinvent relationships by engaging users anywhere and anytime the context is relevant.
 
This guide describes common architectures proven successful in numerous enterprise deployments of mobile apps.

Cloud Customer Architecture for Securing Workloads on Cloud Services was written as practical reference to help IT architects and IT security professionals architect, install, and operate the information security components of solutions built using cloud services.
 
Many cloud services are now available covering infrastructure, platform and application capabilities. Building business solutions using these cloud services requires a clear understanding of the available security services, components and options, allied to a clear architecture which provides for the complete lifecycle of the solutions, covering development, deployment and operations.
 
This whitepaper introduces best practices for architecting the security of cloud service solutions.

Cloud Customer Architecture for Web Application Hosting describes vendor-neutral best practices for hosting web applications using cloud computing. The architectural elements described in this paper are needed to instantiate a web application hosting environment using private, public, or hybrid cloud deployment models.
&nbso;
Cloud computing and cloud services are often considered for both existing and new web application hosting environments. This is in part driven by the frequency that web applications are required. It also occurs because cloud elasticity and scalability naturally lends itself to the needs of a web application hosting environment.
&nbso;
This reference architecture provides a detailed view of the components, subcomponents and relationships in a cloud-based web application hosting architecture.

The Practical Guide to Hybrid Cloud Computing was written to help enterprise information technology (IT) managers, business decision makers, application architects and application developers understand the hybrid cloud computing deployment model and how it can be used to solve business challenges rapidly and cost effectively.
 
Hybrid cloud enables cloud service customers to leverage the wide ranging capabilities of public cloud service providers while using private cloud deployment for more sensitive applications and data.
 
This guide details strategic and tactical activities for decision makers - covering all the essential technical considerations for hybrid cloud deployment including integration, connectivity, governance, management, security and privacy.

The objective of this Guide is to help cloud adopters put in place the framework, policies, roles and responsibilities required to ensure success.
 
A governance program is necessary in most business and IT initiatives to ensure smooth operations, and is proven to improve results; with cloud computing, the presence of critical external providers makes it even more vital to establish good governance.
 
The Guide is organized in seven steps:

• Understand cloud governance
• Benchmark
• Establish a framework
• Align corporate governance and cloud governance
• Establish a cloud governance program
• Establish governance measures and metrics
• Sustainsuccess