ISO/IEC 17789 specifies the cloud computing reference architecture (CCRA). The reference architecture includes the cloud computing roles, cloud computing activities, and the cloud computing functional components and their relationships.
ISO/IEC 18384-1 establishes vocabulary, guidelines, and general technical principles underlying service oriented architecture (SOA), including principles relating to functional design, performance, development, deployment, and management.
This part of ISO/IEC 18033 is general in nature, and provides definitions that apply in subsequent parts of this International Standard. The nature of encryption is introduced, and certain general aspects of its use and properties are described. The criteria used to select the algorithms specified in subsequent parts of this International Standard are defined in Annexes A and B.
ISO/IEC 18033-2:2006 specifies encryption systems (ciphers) for the purpose of data confidentiality.
This part of ISO/IEC 18033 specifies block ciphers. A block cipher maps blocks of n bits to blocks of n bits, under the control of a key of k bits. A total of seven different block ciphers are defined.
This part of ISO/IEC 18033 specifies identity-based encryption mechanisms. For each mechanism the functional interface, the precise operation of the mechanism, and the ciphertext format are specified. However, conforming systems may use alternative formats for storing and transmitting ciphertexts.
This International Standard is a companion document to the evaluation criteria for IT security defined in ISO/IEC 15408. It defines the minimum actions to be performed by an evaluator in order to conduct an ISO/IEC 15408 evaluation, using the criteria and evaluation evidence defined in ISO/IEC 15408.
This document specifies security and protection of personally identifiable information components, SLOs and SQOs for cloud service level agreements (cloud SLA) including requirements and guidance.
My fellowship addresses three critical gaps in the European AI standardization landscape: The first gap concerns the harmonisation of Documentation Development, as there is an urgent need for technical documentation (Annex ZA, HAS checklists) to connect developing standards with AI Act requirements following the M/593 request. Without this work, standards risk delayed OJEU citation, creating regulatory uncertainty. I've worked on developing preliminary harmonization documents for JT021008 (Trustworthiness), JT021039 (QMS), and JT021024 (Risk Management). The second gap is related to cross-Standard Technical Coherence. As multiple AI standards are developed simultaneously, it creates potential inconsistencies in terminology, requirements, and implementation approaches. I've created mapping documents highlighting interconnections between standards, particularly focusing on how QMS requirements interface with other M/593 standards, to ensure a coherent framework. The third gap focuses on the alignment with EU AI Act Articles, as technical specifications in draft standards must precisely align with AI Act articles to support regulatory compliance. I have contributed targeted technical refinements to clauses 6.4 (transparency) and 6.5 (human oversight) in the Trustworthiness Framework to strengthen alignment with Articles 13 and 14 of the AI Act.
I addressed priorities and gaps on three specific AI areas, including:
