Cloud computing

Cloud Security Standards: What to Expect and What to Negotiate is a guide to security standards, frameworks, and certifications that exist for cloud computing. This guide will help you assess the security standards support of cloud service providers.
 
As customers transition their applications and data to use cloud computing, it is important that the level of security provided in the cloud environment is equal to or better than the security provided by their traditional IT environment. Cloud security standards and their support by prospective cloud service providers and within the enterprise is a critical area of focus for cloud service customers.
 
The landscape has matured with new cloud-specific security standards, like ISO/IEC 27017 and ISO/IEC 27018 for cloud computing security and privacy, being adopted.

Cloud Customer Architecture for Securing Workloads on Cloud Services was written as practical reference to help IT architects and IT security professionals architect, install, and operate the information security components of solutions built using cloud services.
 
Many cloud services are now available covering infrastructure, platform and application capabilities. Building business solutions using these cloud services requires a clear understanding of the available security services, components and options, allied to a clear architecture which provides for the complete lifecycle of the solutions, covering development, deployment and operations.
 
This paper introduces best practices for architecting the security of cloud service solutions.

As data is increasingly accessed and shared across geographic boundaries, a growing web of conflicting laws and regulations dictate where data can be transferred, stored, and shared, and how it is protected. The Object Management Group® (OMG®) and the Cloud Standards Customer Council™ (CSCC™) completed a significant effort to analyze and document the challenges posed by data residency.
 
This discussion paper defines data residency as:
 
“...the set of issues and practices related to the location of data and metadata, the movement of (meta)data across geographies and jurisdictions, and the protection of that (meta)data against unintended access and other location-related risks.”
 
This paper covers issues and risks, laws and regulations, applicable and related standards.

The aim of this guide is to provide a practical reference to assist enterprise Information Technology (IT) managers and business decision makers with best practices for developing and growing a “cloud-enabled” next generation IT workforce.
 
Cloud computing and related technologies like blockchain, data science, and AI are transforming the nature of IT, resulting in skill shortages in some domains and staffing surpluses in others. Demand is increasing for cloud-knowledgeable solution IT architects, operations staff, and DevSecOps teams to apply cloud services and related technologies to these challenges for increased agility and efficiency.
 
Now that cloud computing is a mainstream initiative within most enterprises and large organizations, it is an opportune time to embrace training and knowledge-sharing.
 
This paper outlines:

• the business reasons for developing a skilled cloud-enabled workforce
• a strategic framework for meeting today's and tomorrow's skill needs
• best practices for cloud skills training, employee development and career growth
• a survey of available cloud training and certification programs

Cloud Customer Architecture for Big Data and Analytics describes the architectural elements and cloud components needed to build out big data and analytics solutions.
 
Big data analytics and cloud computing are a top priority for CIOs. Harnessing the value and power of big data and cloud computing can give your company a competitive advantage, spark new innovations, and increase revenue. Many companies are experimenting and iterating with different cloud configurations as a way to understand and refine requirements for their big data analytics solutions without upfront capital investment.
 
This paper includes proven architecture patterns that have been deployed in successful enterprise projects and a description of capabilities offered by cloud providers.

Hybrid Cloud Considerations for Big Data and Analytics is a companion guide to the CSCC's Cloud Customer Architecture for Big Data and Analytics.
 
Today, the majority of big data and analytics use cases are running on hybrid cloud computing infrastructure. A hybrid cloud is a combination of on-premises and local cloud resources integrated with one or more dedicated cloud(s) and one or more public cloud(s), allowing for increased scalability and computational power for big data and analytics capabilities.
 
This whitepaper summarizes what hybrid cloud is, explains why it is important in the context of big data and analytics, and discusses implementation considerations

Blockchain technology has the potential to have a major impact on how institutions process transactions and conduct business.
 
Blockchain technology provides a secure transaction ledger database through a decentralized network. It has the potential to reduce operational costs and friction, create transaction records that are secure and immutable, enable transparent ledgers with nearly instant updates, and open up new opportunities for growth.
 
This whitepaper introduces basic blockchain concepts that define a standard reference architecture that can be used in creating blockchain applications.
 
Sections of the paper include:

• Blockchain fundamentals
• Key characteristics of a blockchain network
• Blockchain reference architecture capabilities
• An example supply chain scenario using the Hyperledger Fabric blockchain implementation
• Cloud deployment considerations
• Specific examples of blockchain applications

The TOSCA Simple Profile in YAML specifies a rendering of TOSCA which aims to provide a more accessible syntax as well as a more concise and incremental expressiveness of the TOSCA DSL in order to minimize the learning curve and speed the adoption of the use of TOSCA to portably describe cloud applications.
 
This proposal describes a YAML rendering for TOSCA. YAML is a human friendly data serialization standard (http://yaml.org/) with a syntax much easier to read and edit than XML. As there are a number of DSLs encoded in YAML, a YAML encoding of the TOSCA DSL makes TOSCA more accessible by these communities.
 
This proposal prescribes an isomorphic rendering in YAML of a subset of the TOSCA v1.0 XML specification ensuring that TOSCA semantics are preserved and can be transformed from XML to YAML or from YAML to XML. Additionally, in order to streamline the expression of TOSCA semantics, the YAML rendering is sought to be more concise and compact through the use of the YAML syntax.

The CSA Open Certification WG is an industry initiative to allow global, accredited, trusted certification of cloud providers. It is a program for flexible, incremental and multi-layered cloud provider certification according to the CSA’s industry leading security guidance and control objectives. The program will integrate with popular third-party assessment and attestation statements developed within the public accounting community to avoid duplication of effort and cost.

Blockchain technology has the potential to have a major impact on how institutions process transactions and conduct business.
 
Blockchain technology provides a secure transaction ledger database through a decentralized network. It has the potential to reduce operational costs and friction, create transaction records that are secure and immutable, enable transparent ledgers with nearly instant updates, and open up new opportunities for growth.
 
This whitepaper introduces basic blockchain concepts that define a standard reference architecture that can be used in creating blockchain applications.
 
Sections of the paper include:

• Blockchain fundamentals
• Key characteristics of a blockchain network
• Blockchain reference architecture capabilities
• An example supply chain scenario using the Hyperledger Fabric blockchain implementation
• Cloud deployment considerations
• Specific examples of blockchain applications

ISO/IEC 18384-3 defines a formal ontology for service-oriented architecture (SOA), an architectural style that supports service orientation. The terms defined in this ontology are key terms from the vocabulary in ISO/IEC 18384-1.

ISO/IEC 19086-1 seeks to establish a set of common cloud SLA building blocks (concepts, terms, definitions, contexts) that can be used to create cloud Service Level Agreements (SLAs).
This document specifies
a) an overview of cloud SLAs,
b) identification of the relationship between the cloud service agreement and the cloud SLA,
c) concepts that can be used to build cloud SLAs, and
d) terms commonly used in cloud SLAs.
ISO/IEC 19086-1 is for the benefit and use of both cloud service providers and cloud service customers. The aim is to avoid confusion and facilitate a common understanding between cloud service providers and cloud service customers. Cloud service agreements and their associated cloud SLAs vary between cloud service providers, and in some cases different cloud service customers can negotiate different contract terms with the same cloud service provider for the same cloud service. This document aims to assist cloud service customers when they compare cloud services from different cloud service providers.
ISO/IEC 19086-1 does not provide a standard structure that can be used for a cloud SLA or a standard set of cloud service level objectives (SLOs) and cloud service qualitative objectives (SQOs) that will apply to all cloud services or all cloud service providers. This approach provides flexibility for cloud service providers in tailoring their cloud SLAs to the particular characteristics of the offered cloud services.
ISO/IEC 19086-1 does not supersede any legal requirement