Cloud computing

Recommendation ITU-T Y.3514 specifies a framework of trusted inter-cloud computing and relevant use cases. It provides general requirements for trusted inter-cloud and specific ones related to governance, management, resiliency, security and confidentiality of trusted inter-cloud.
 
Corrigendum 1 replaces the definition of dependability.

Recommendation ITU-T Y.3522 provides an overview of end-to-end (E2E) cloud service lifecycle management by specifying cloud service lifecycle metadata, the cloud service lifecycle management framework, cloud service lifecycle management stages and the relationship with cloud computing reference architecture. This Recommendation also provides E2E cloud service lifecycle management functional requirements derived from the corresponding typical use cases.

Recommendation ITU-T X.1601 describes the security framework for cloud computing. The Recommendation analyses security threats and challenges in the cloud computing environment, and describes security capabilities that could mitigate these threats and address security challenges. A framework methodology is provided for determining which of these security capabilities will require specification for mitigating security threats and addressing security challenges for cloud computing. Appendix I provides a mapping table on how a particular security threat or challenge is addressed by one or more corresponding security capabilities.

Recommendation ITU-T X.1641 provides generic security guidelines for the cloud service customer (CSC) data in cloud computing. It analyses the CSC data security lifecycle and proposes security requirements at each stage of the data lifecycle. Furthermore, Recommendation ITU-T X.1641 provides guidelines on when each control should be used for best security practice.

Recommendation ITU-T X.1642 provides generic operational security guidelines for cloud computing from the perspective of cloud service providers (CSPs). It analyses the security requirements and metrics for the operation of cloud computing. A set of security measures and detailed security activities for the daily operation and maintenance are provided to help CSPs mitigate security risks and address security challenges for the operation of cloud computing.

This document defines a simplified profile of the TOSCA version 1.0 specification in a YAML rendering which is intended to simplify the authoring of TOSCA service templates. This profile defines a less verbose and more human-readable YAML rendering, reduced level of indirection between different modeling artifacts as well as the assumption of a base type system.
 
The TOSCA Simple Profile in YAML specifies a rendering of TOSCA which aims to provide a more accessible syntax as well as a more concise and incremental expressiveness of the TOSCA DSL in order to minimize the learning curve and speed the adoption of the use of TOSCA to portably describe cloud applications.
 
This proposal describes a YAML rendering for TOSCA. YAML is a human friendly data serialization standard (http://yaml.org/) with a syntax much easier to read and edit than XML. As there are a number of DSLs encoded in YAML, a YAML encoding of the TOSCA DSL makes TOSCA more accessible by these communities.
 
This proposal prescribes an isomorphic rendering in YAML of a subset of the TOSCA v1.0 XML specification ensuring that TOSCA semantics are preserved and can be transformed from XML to YAML or from YAML to XML. Additionally, in order to streamline the expression of TOSCA semantics, the YAML rendering is sought to be more concise and compact through the use of the YAML syntax.

This document defines the artifacts and APIs that need to be offered by a Platform as a Service (PaaS) cloud to manage the building, running, administration, monitoring and patching of applications in the cloud. Its purpose is to enable interoperability among self-service interfaces to PaaS clouds by defining artifacts and formats that can be used with any conforming cloud and enable independent vendors to create tools and services that interact with any conforming cloud using the defined interfaces. Cloud vendors can use these interfaces to develop new PaaS offerings that will interact with independently developed tools and components.
 
This document defines the artifacts and APIs that need to be offered by a Platform as a Service (PaaS) cloud to manage the building, running, administration, monitoring and patching of applications in the cloud. Its purpose is to enable interoperability among self-service interfaces to PaaS clouds by defining artifacts and formats that can be used with any conforming cloud and enable independent vendors to create tools and services that interact with any conforming cloud using the defined interfaces. Cloud vendors can use these interfaces to develop new PaaS offerings that will interact with independently developed tools and components.
 
The following is a non-exhaustive list of the use cases which are supported by this specification.

• Building and packaging an application in a local Application Development Environment (ADE)
• Building an application in an ADE running in the cloud
• Importing a Platform Deployment Package into the cloud
• Uploading application artifacts into the cloud
• Run, stop, suspend, snapshot, and patch an application

Work to build confidence and security in the use of information and communication technologies (ICTs) continues to intensify in a bid to facilitate more secure network infrastructure, services and applications. Over 170 standards (ITU-T Recommendations and Supplements) focusing on security have been published.
 
ITU-T Study Group 17 (SG17) coordinates security-related work across all ITU-T Study Groups. Often working in cooperation with other standards development organizations (SDOs) and various ICT industry consortia, SG17 deals with a broad range of standardization issues.
 
To give a few examples, SG17 is currently working on cybersecurity; security management; security architectures and frameworks; countering spam; identity management; the protection of personally identifiable information; and the security of applications and services for the Internet of Things (IoT), smart grid, smartphones, software defined networking (SDN), web services, big data analytics, social networks, cloud computing, mobile financial systems, IPTV and telebiometrics.
 
One key reference for security standards in use today is Recommendation ITU-T X.509 for electronic authentication over public networks. ITU-T X.509, a cornerstone in designing applications relating to public key infrastructure (PKI), is used in a wide range of applications; from securing the connection between a browser and a server on the web, to providing digital signatures that enable e-commerce transactions to be conducted with the same confidence as in a traditional system. Without wide acceptance of the standard, the rise of e-business would have been impossible.
 
Cybersecurity remains high on SG17's agenda. Additionally, SG17 is coordinating security standardization work covering combating counterfeit and mobile device theft, IMT-2020, cloud based event data technology, e-health, open identity trust framework, Radio Frequency Identification (RFID), and Child Online Protection.

Standardization in the areas of Cloud Computing and Distributed Platforms including:

• Foundational concepts and technologies,
• Operational issues, and
• Interactions among Cloud Computing systems and with other distributed systems

SC 38 serves as the focus, proponent, and systems integration entity on Cloud Computing, Distributed Platforms, and the application of these technologies. SC 38 provides guidance to JTC 1, IEC, ISO and other entities developing standards in these areas.

Engineering Committee TR-42 develops and maintains voluntary telecommunications standards for telecommunications cabling infrastructure in user-owned buildings, such as commercial buildings, residential buildings, homes, data centers, industrial buildings, etc. The generic cabling topologies, design, distances and outlet configurations as well as specifics for these locations are addressed. The committee’s standards work covers requirements for copper and optical fiber cabling components (such as cables, connectors and cable assemblies), installation, and field testing in addition to the administration, pathways and spaces to support the cabling.