ISO/IEC 18384-1:2016 establishes vocabulary, guidelines, and general technical principles underlying service oriented architecture (SOA), including principles relating to functional design, performance, development, deployment, and management.
ISO/IEC 17789:2014 specifies the cloud computing reference architecture (CCRA). The reference architecture includes the cloud computing roles, cloud computing activities, and the cloud computing functional components and their relationships.
ISO/IEC 17788:2014 provides an overview of cloud computing along with a set of terms and definitions. It is a terminology foundation for cloud computing standards.
ISO/IEC 17788:2014 is applicable to all types of organizations (e.g., commercial enterprises, government agencies, not-for-profit organizations).
As Industrial Control Systems (ICS) advance to the Internet of Things, ICS is connecting to the cloud, and the risk of cyber-attacks is increasing more than ever before. Noteworthy advanced cyber-attacks have occurred in recent years. On the other hand, asset owners understand cyber risks to connect ICS to external networks including cloud, but there are challenges to mitigate cyber risks due to system specifications differences between information systems and ICS. The ICS Security Working Group (WG) aims to develop security guidance to encourage asset owners and device manufacturers worldwide towards adopting best practices to secure ICS.
The Health Information Management Working Group aims to provide direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications and storage) to their clients, and foster cloud awareness within all aspects of healthcare and related industries.
The Financial Services Stakeholders Platform main objective is to identify and share the challenges, risks and best practices for the development, deployment and management of secure cloud services in the financial services industry.
The Cloud Key Management Working Group aims to facilitate the standards for seamless integration between CSPs and key broker services. Standardization will take place across key management lifecycle operations and a common set of APIs, enabling consistent implementation of enterprise key policies. Customer-centric in principle, the goal will be for data stored or traversing the cloud and requiring encryption the corresponding encryption keys will be protected and their lifecycle managed by the customer. The purpose of the Cloud Key Management Working Group is to align cloud key management interoperability standards across service providers, maintain and develop API and key interoperability specifications, develop business model templates and specifications for standardized key interoperability, promote the adoption of key management standards and key brokering interoperability, and provide well documented guidelines and a standard approach to vendors to ensure seamless interoperability and compliance to those guidelines/standards.
ISO/IEC 18384-3:2016 defines a formal ontology for service-oriented architecture (SOA), an architectural style that supports service orientation. The terms defined in this ontology are key terms from the vocabulary in ISO/IEC 18384-1.
ISO/IEC 19086-1:2016 seeks to establish a set of common cloud SLA building blocks (concepts, terms, definitions, contexts) that can be used to create cloud Service Level Agreements (SLAs).
This document specifies
a) an overview of cloud SLAs,
b) identification of the relationship between the cloud service agreement and the cloud SLA,
c) concepts that can be used to build cloud SLAs, and
d) terms commonly used in cloud SLAs.
The present document presents an architectural description of the compute (& storage) domain of the infrastructure which supports virtualised network functions (VNFs). The compute domain includes the network & I/O interfaces required to interface to the infrastructure network and the storage network, if any.
It sets out the scope of the infrastructure domain acknowledging the potential for overlap between infrastructure domains, and between the infrastructure and the virtualised network functions. It also sets out the nature of interfaces needed between infrastructure domains and within the compute domain.
The present document does not provide any detailed specification but makes reference to specifications developed by other bodies and to potential specifications, which, in the opinion of the NFV ISG could be usefully developed by an appropriate Standards Developing Organisation (SDO).
The present document presents an overview of the architecture of the NFV Infrastructure (NFVI) which supports deployment and execution of Virtualised Network Functions (VNFs).
As well as presenting a general overview description of the NFV Infrastructure, the present document sets the NFV infrastructure and all the documents which describe it in the context of all the documents of the NFV. It also describes how the documents which describe the NFV infrastructure relate to each other.
The present document does not provide any detailed specification but makes reference to specifications developed by other bodies and to potential specifications, which, in the opinion of the NFV ISG could be usefully developed by an appropriate Standards Developing Organisation (SDO).
The overall objectives of the ISG NFV were set out in the white paper "Network Function Virtualization", issue 1, 2012 (http://portal.etsi.org/NFV/NFV_White_Paper.pdf) that led to the founding of the ISG and updated in the white paper update "Network Function Virtualization - Update White Paper", issue 2, 2013 (http://portal.etsi.org/NFV/NFV_White_Paper2.pdf).
This document describes a framework of trust for the processing of multi-sourced data that includes data use obligations and controls, data provenance, chain of custody, security and immutable proof of compliance as elements of the framework.
