Cloud computing: From paradigm to operation
Foreword
Introduction
Table of Contents
1. Framework and requirements for cloud computing
Information technology – Cloud computing – Overview and vocabulary
1 Scope
2 Normative references
2.1 Identical Recommendations | International Standards
2.2 Paired Recommendations | International Standards
2.3 Additional references
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation | International Standard
4 Abbreviations
5 Conventions
6 Cloud computing overview
6.1 General
6.2 Key characteristics
6.3 Cloud computing roles and activities
6.4 Cloud capabilities types and cloud service categories
6.5 Cloud deployment models
6.6 Cloud computing cross cutting aspects
Annex A Cloud service categories
Bibliography
Cloud computing – Framework and high-level requirements
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 General requirements for cloud computing
7 General requirements for IaaS
8 General requirements for NaaS
9 General requirements for DaaS
10 General requirements for PaaS
11 General requirements for CaaS
12 General requirements for BDaaS
13 General requirements for inter-cloud computing
14 General requirements for end-to-end cloud resource management
15 General requirements for cloud infrastructure
16 General requirements for trusted cloud services
17 Security considerations
Appendix I Use cases of cloud computing
I.1 Generic use case
I.2 IaaS general use case
I.3 NaaS general use case
I.4 DaaS general use case
I.5 PaaS general use case
I.6 CaaS general use case
I.7 BDaaS general use case
I.8 Inter-cloud computing use case
I.9 End-to-end cloud resource management use case
I.10 Cloud infrastructure use case
I.11 Trusted cloud service use case
Appendix II Methodology and edition plan of this Recommendation
Information technology – Cloud computing – Reference architecture
1 Scope
2 Normative references
2.1 Identical Recommendations | International Standards
2.2 Additional references
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation | International Standard
4 Abbreviations
5 Conventions
6 Cloud computing reference architecture goals and objectives
7 Reference architecture concepts
7.1 CCRA architectural views
7.2 User view of cloud computing
7.2.1 Cloud computing activities
7.2.2 Roles and sub-roles
7.2.3 Parties
7.2.4 Cloud services
7.2.5 Cloud deployment models
7.2.6 Cross-cutting aspects
7.3 Functional view of cloud computing
7.3.1 Functional components
7.3.2 Functional layers
7.3.3 Multi-layer functions
7.4 Relationship between the user view and the functional view
7.5 Relationship of the user view and functional view to cross-cutting aspects
7.6 Implementation view of cloud computing
7.7 Deployment view of cloud computing
8 User view
8.1 Introduction to roles, sub-roles and cloud computing activities
8.2 Cloud service customer
8.2.1 Role
8.2.1.1 CSC:cloud service user
8.2.1.2 CSC:cloud service administrator
8.2.1.3 CSC:cloud service business manager
8.2.1.4 CSC:cloud service integrator
8.2.2 Cloud computing activities
8.2.2.1 Use cloud service
8.2.2.2 Perform service trial
8.2.2.3 Monitor service
8.2.2.4 Administer service security
8.2.2.5 Provide billing and usage reports
8.2.2.6 Handle problem reports
8.2.2.7 Administer tenancies
8.2.2.8 Perform business administration
8.2.2.9 Select and purchase service
8.2.2.10 Request audit report
8.2.2.11 Connect ICT systems to cloud services
8.3 Cloud service provider
8.3.1 Role
8.3.1.1 CSP:cloud service operations manager
8.3.1.2 CSP:cloud service deployment manager
8.3.1.3 CSP:cloud service manager
8.3.1.4 CSP:cloud service business manager
8.3.1.5 CSP:customer support and care representative
8.3.1.6 CSP:inter-cloud provider
8.3.1.7 CSP:cloud service security and risk manager
8.3.1.8 CSP:network provider
8.3.2 Cloud computing activities
8.3.2.1 Prepare systems
8.3.2.2 Monitor and administer services
8.3.2.3 Manage assets and inventory
8.3.2.4 Provide audit data
8.3.2.5 Define environment and processes
8.3.2.6 Define and gather metrics
8.3.2.7 Define deployment steps
8.3.2.8 Provide services
8.3.2.9 Deploy and provision services
8.3.2.10 Perform service level management
8.3.2.11 Manage business plan
8.3.2.12 Manage customer relationships
8.3.2.13 Manage financial processing
8.3.2.14 Handle customer requests
8.3.2.15 Manage peer cloud services
8.3.2.16 Perform peering, federation, intermediation, aggregation and arbitrage
8.3.2.17 Manage security and risks
8.3.2.18 Design and implement service continuity
8.3.2.19 Ensure compliance
8.3.2.20 Provide network connectivity
8.3.2.21 Deliver network services
8.3.2.22 Provide network management services
8.4 Cloud service partner
8.4.1 Role
8.4.1.1 Cloud service developer
8.4.1.2 Cloud auditor
8.4.1.3 Cloud service broker
8.4.2 Cloud computing activities
8.4.2.1 Design, create and maintain service components
8.4.2.2 Compose services
8.4.2.3 Test services
8.4.2.4 Perform audit
8.4.2.5 Report audit results
8.4.2.6 Acquire and assess customers
8.4.2.7 Assess marketplace
8.4.2.8 Set up legal agreement
8.5 Cross-cutting aspects
8.5.1 General
8.5.2 Auditability
8.5.3 Availability
8.5.4 Governance
8.5.5 Interoperability
8.5.6 Maintenance and versioning
8.5.7 Performance
8.5.8 Portability
8.5.9 Protection of personally identifiable information (PII)
8.5.10 Resiliency
8.5.11 Reversibility
8.5.12 Security
8.5.12.1 General
8.5.12.2 Distribution of security responsibilities
8.5.12.3 Cloud service category perspectives
8.5.12.4 Implications of cloud deployment models
8.5.12.5 Data protection strategy and responsibility
8.5.13 Service levels and service level agreements
9 Functional view
9.1 Functional architecture
9.1.1 Layering framework
9.1.1.1 User layer
9.1.1.2 Access layer
9.1.1.3 Service layer
9.1.1.4 Resource layer
9.1.1.5 Multi-layer functions
9.2 Functional components
9.2.1 User layer functional components
9.2.1.1 User function
9.2.1.2 Business function
9.2.1.3 Administrator function
9.2.2 Access layer functional components
9.2.2.1 Access control
9.2.2.2 Service access
9.2.2.3 Business access
9.2.2.4 Administration access
9.2.2.5 Development access
9.2.2.6 Connection management
9.2.3 Services layer functional components
9.2.3.1 Service capabilities
9.2.3.2 Business capabilities
9.2.3.3 Administration capabilities
9.2.3.4 Service orchestration
9.2.4 Resource layer functional components
9.2.4.1 Resource abstraction and control
9.2.4.2 Physical resources
9.2.5 Multi-layer functions
9.2.5.1 Integration functional components
9.2.5.1.1 Security integration
9.2.5.1.2 Monitoring integration
9.2.5.1.3 Service integration
9.2.5.1.4 Peer service integration
9.2.5.2 Security systems functional components
9.2.5.2.1 Authentication and identity management
9.2.5.2.2 Authorization and security policy management
9.2.5.2.3 Encryption management
9.2.5.3 Operational support systems functional components
9.2.5.3.1 Service catalogue
9.2.5.3.2 Provisioning
9.2.5.3.3 Monitoring and reporting
9.2.5.3.4 Service policy management
9.2.5.3.5 Service automation
9.2.5.3.6 Service level management
9.2.5.3.7 Incident and problem management
9.2.5.3.8 Platform and virtualization management
9.2.5.3.9 Peer service management
9.2.5.4 Business support systems components
9.2.5.4.1 Product catalogue
9.2.5.4.2 Account management
9.2.5.4.3 Subscription management
9.2.5.4.4 Billing
9.2.5.4.5 Accounts
9.2.5.5 Development support functional components
9.2.5.5.1 Developer environment
9.2.5.5.2 Build management
9.2.5.5.3 Test management
10 Relationship between the user view and the functional view
10.1 General
10.2 Overview
10.2.1 Service capabilities functional component
10.2.2 Common roles, activities and functional components
10.2.3 Multi-tenancy and isolation
Annex A Further details regarding the user view and functional view
A.1 The cloud service customer–cloud service provider relationship
A.1.1 Functional relationship
A.1.2 Business relationship
A.1.3 Administration relationship
A.2 The provider–peer provider (or "inter-cloud") relationship
A.3 The cloud service developer–cloud service provider relationship
A.4 The cloud service provider–Auditor relationship
A.4.1 Security audit
A.4.2 Privacy impact audit
A.4.3 Performance audit
Bibliography
Cloud computing – Overview and functional requirements for data storage federation
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of data storage federation
6.1 Introduction to data storage federation
6.2 Benefits of data storage federation
6.3 Configuration of logical components for data storage federation
6.4 Ecosystem of data storage federation
6.4.1 DSF service customer
6.4.2 DSF service provider
6.4.2.1 Storage federation provider
6.4.2.2 Data manipulation provider
6.4.3 DSF local storage provider
7 Cloud computing based data storage federation system context
7.1 CSP:storage federation provider (CSP:SFP)
7.1.1 Provide virtual storage pool
7.1.2 Provide single virtual volume
7.1.3 Manage storage management metadata
7.1.4 Manage data storage policy
7.2 CSP:data manipulation provider (CSP:DMP)
7.2.1 Manipulate DSF data
7.2.2 Manage data operation metadata
7.2.3 Manage data manipulation policy
8 Functional requirements for data storage federation
8.1 Storage connection requirements
8.2 Data manipulation requirements
8.3 Storage federation requirements
8.4 Metadata and policy management requirements
9 Security considerations
Appendix I Use case of data storage federation
I.1 Storing a user file dispersedly
I.2 Data sharing between customers
I.3 Multiple storage types and access mechanisms for data access
I.4 Policy-driven provision and management of DSF local storage
I.5 Policy-driven provisioning and management of data
I.6 Data virtualization CSP:SFP
I.7 Efficient data storage management
I.8 The data read/write cache and parallel distributed file for performance enhancement
I.9 Data storage federation and management
I.10 A use case of storage optimization
I.11 The use case for data storage federation management
I.12 Registration of data storage for federation service
Appendix II Comparison analysis between cloud computing and data storage federation
Bibliography
Cloud computing – Functional requirements for cloud service brokerage
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of cloud service brokerage
6.1 Introduction to cloud service broker
6.2 Introduction to cloud service brokerage
6.3 Service model of cloud service brokerage
6.4 Configuration of cloud service brokerage
6.4.1 Workspace
6.4.2 Product catalogue management
6.4.3 Contract management
6.4.4 Service access management
6.4.5 Service management
7 Functional requirements of cloud service brokerage
7.1 Functional requirements for workspace
7.2 Functional requirements for product catalogue management
7.3 Functional requirements for contract management
7.4 Functional requirements for cloud service access management
7.5 Functional requirements for cloud service management
8 Security considerations
Appendix I Use cases of cloud service brokerage
Appendix II Relationship between the logical components and the activities of cloud service broker for CSB
Bibliography
Cloud computing – Functional requirements of physical machine
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of the physical machine
6.1 Introduction to the computing machine
6.2 Introduction to the physical machine
6.3 Types of physical machine
6.3.1 Single processing unit type
6.3.2 Multi-processing unit type
6.4 Virtualization in physical machines
6.4.1 CPU virtualization
6.4.2 Memory virtualization
6.4.3 I/O virtualization
6.5 Scalability of components in the physical machine
6.5.1 Scalability of the processing unit
6.5.2 Scalability of power supply
6.5.3 Scalability of cooling
7 Functional requirements for a physical machine
7.1 Component requirements
7.1.1 Processing unit requirements
7.1.1.1 CPU requirements
7.1.1.2 Memory requirements
7.1.1.3 Storage requirements
7.1.1.4 I/O device requirements
7.1.2 Power supply requirements
7.1.3 Cooling requirements
7.1.4 Enclosure requirements
7.1.5 Interconnect network requirements
7.1.6 Management component requirements
7.2 I/O interface requirements
7.3 Operation requirements
7.4 Scalability requirements
7.5 Security requirements
7.6 Reliability requirement
8 Security considerations
Appendix I Comparison between functional requirements and other specifications
I.1 Specifications and other SDOs
I.1.1 Open Compute Project
I.1.2 DMTF
I.1.3 SNIA
I.1.4 ETSI
I.2 Relationship with related specifications from other SDOs
Appendix II Use cases of the physical machine for cloud computing
Bibliography
Cloud computing – Overview and high-level requirements of distributed cloud
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of distributed cloud
6.1 Concept of distributed cloud
6.2 Characteristics of distributed cloud
6.3 Configuration models of distributed cloud
6.4 Deployment considerations of distributed cloud
6.4.1 Infrastructure considerations of distributed cloud
6.4.2 Network considerations of distributed cloud
6.4.3 Service considerations of distributed cloud
6.4.4 Management considerations of distributed cloud
6.4.5 Security considerations of distributed cloud
7 High-level requirements for distributed cloud
7.1 Infrastructure requirements for distributed cloud
7.2 Network requirements for distributed cloud
7.3 Service requirements for distributed cloud
7.4 Management requirements for distributed cloud
7.5 Security requirements for distributed cloud
8 Security considerations related to ITU-T Recommendations
Appendix I General use cases for distributed cloud
I.1 Use case template
I.2 General use case
Appendix II Use cases for configuration of distributed cloud
II.1 Autonomous cloud service provisioning on distributed cloud
II.2 Customer-oriented cloud service provisioning on distributed cloud
II.3 Distributed cloud infrastructure and service management
II.4 Distributed cloud infrastructure and service provisioning
II.5 Hierarchical caching of cloud service images
II.6 High mobility support on distributed cloud
Appendix III A comparison of distributed cloud with related technology
Bibliography
Cloud computing infrastructure requirements
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of cloud infrastructure
7 Requirements for processing resources
7.1 Physical machine requirements
7.2 Virtual machine requirements
7.2.1 CPU virtualization
7.2.2 Memory virtualization
7.2.3 Input/Output device virtualization
7.2.4 Network interface virtualization
7.2.5 Duplication of virtual machine
7.2.6 Dynamic migration of virtual machine
7.2.7 Static migration of virtual machine
7.2.8 Management automation
7.3 Software resources provisioning requirements
7.3.1 Automated provisioning and deployment
7.3.2 Unified software resource management
7.4 Time-sensitive services requirements
8 Requirements for networking resources
8.1 General requirements for networking resources
8.2 Access and core transport network
8.3 Intra-datacentre network
8.4 Inter-datacentre network
9 Requirements for storage resources
9.1 Storage space
9.2 Storage interface
9.3 Storage management
9.4 Storage availability
9.5 Data de-duplication
10 Requirements for resources abstraction and control
11 Support of emergency telecommunications
12 Security considerations
Appendix I Overview and reference model for storage in a cloud environment
I.1 Reference model for cloud storage
I.1.1 Infrastructure sub-layer
I.1.2 Presenting sub-layer
I.1.3 Access sub-layer
Appendix II Considerations on resource monitoring
II.1 Health monitoring
II.2 Performance monitoring
II.3 Capacity monitoring
II.4 Security and compliance monitoring
II.5 Monitoring and metering for charging and billing
II.6 Monitoring in support of cloud services
Appendix III Power management in cloud infrastructure
Appendix IV Considerations on supporting of ETS
Bibliography
Framework of inter-cloud computing
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Introduction
7 Patterns of inter-cloud
7.1 Inter-cloud peering
7.2 Inter-cloud federation
7.3 Inter-cloud intermediary
8 Overview of inter-cloud computing
8.1 Relationship between intra-cloud and inter-cloud handling of resources
8.2 Overview of inter-cloud federation
8.2.1 Introduction
8.2.2 Primary CSP and secondary CSP
8.2.3 Network connectivity
8.2.4 Interactions in the case of inter-cloud federation
8.3 Overview of inter-cloud intermediary
8.3.1 Introduction
8.3.2 Primary CSP and secondary CSP
8.3.3 Network connectivity
8.3.4 Interactions in the case of inter-cloud intermediary
9 Functional requirements for inter-cloud
9.1 SLA and policy negotiation
9.2 Resource monitoring
9.3 Resource performance estimation and selection
9.4 Resource discovery and reservation
9.5 Resource set-up and activation
9.6 Cloud services switchover and switchback
9.7 Resource release
9.8 CSC information exchange
9.9 Primary CSP role delegation
9.10 Inter-cloud service handling
10 Security considerations
Appendix I Use cases from the inter-cloud perspective
I.1 SLA mapping in intermediary pattern
I.2 Performance guarantee against an abrupt increase in load (offloading)
I.3 Performance guarantee regarding delay (optimization for user location)
I.4 Guaranteed availability in the event of a disaster or large-scale failure
I.5 Service continuity (in the case of service termination of the original CSP)
I.6 Market transactions in inter-cloud intermediary pattern
Appendix II Use cases from cloud service providers' views
II.1 Use case 1 – Cloud service rebranding
II.2 Use case 2 – Discovery
II.3 Use case 3 – Intermediary
II.4 Use case 4 – Platforming
II.5 Use case 5 – Offloading
II.6 Use case 6 – Virtual data centre expansion
II.7 Use case 7 – Distributed media
II.8 Use case 8 – Cloud storage expansion
II.9 Use case 9 – Service delivery platform components
Appendix III Abstract service offering models for inter-cloud computing
III.1 Service item expansion
III.2 Service operation enhancement
III.2.1 CSC-initiated operation and CSP-initiated operation
III.3 Consideration on network connectivity
Appendix IV Inter-cloud security aspects
Bibliography
Big data – Cloud computing based requirements and capabilities
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of big data
6.1 Introduction to big data
6.2 Big data ecosystem
6.2.1 Data provider (DP)
6.2.1.1 Data supplier
6.2.1.2 Data broker
6.2.2 Big data service provider (BDSP)
6.2.3 Big data service customer (BDC)
6.3 Relationship between cloud computing and big data
7 Cloud computing based big data
7.1 Cloud computing based big data system context
7.1.1 CSN:data provider (CSN:DP)
7.1.1.1 Generate data activity
7.1.1.2 Publish data activity
7.1.1.3 Brokerage data activity
7.1.2 CSP: big data application provider (CSP:BDAP)
7.1.2.1 Visualize data activity
7.1.2.2 Analyse data activity
7.1.3 CSP:big data infrastructure provider (CSP:BDIP)
7.1.3.1 Perform data collection activity
7.1.3.2 Perform data storage activity
7.1.3.3 Provide data pre-processing activity
7.1.3.4 Provide data integration activity
7.1.3.5 Manage data protection activity
7.1.3.6 Manage data provenance activity
7.1.4 CSC:big data service user (CSC:BDSU)
7.1.4.1 Use big data service
7.2 Benefits of cloud computing based big data
8 Requirements of cloud computing based big data
8.1 Data collection requirements
8.2 Data pre-processing requirements
8.3 Data storage requirements
8.4 Data analysis requirements
8.5 Data visualization requirements
8.6 Data management requirements
8.7 Data security and protection requirements
9 Cloud computing based big data capabilities
9.1 Data collection capabilities
9.2 Data pre-processing capabilities
9.3 Data storage capabilities
9.4 Data analytics capabilities
9.5 Data visualization capabilities
9.6 Data management capabilities
9.7 Data security and protection capabilities
10 Security considerations
Appendix I Use cases of cloud computing in support of big data
Appendix II Use cases of cloud computing based big data as analysis services
Appendix III Mapping of big data ecosystem roles into user view of ITU-T Y.3502
Bibliography
Big data standardization roadmap
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Supplement
4 Abbreviations and acronyms
5 Conventions
6 Landscape of big data from an ITU-T perspective
6.1 Characteristics and general concepts of big data
6.2 Benefits of big data
7 Related technical areas of big data
7.1 Cloud computing
7.2 Internet of things
7.3 Security and privacy
7.4 Software-defined networking
7.5 Deep packet inspection
7.6 Big data-driven networking
7.7 Open data
7.8 Standardization areas of big data
8 Conceptual model of big data ecosystem
9 Big data SDO activities
9.1 ITU-T
9.2 ISO/IEC JTC 1
9.3 W3C
9.4 OASIS
9.5 Data Mining Group
9.6 TM Forum
10 Gap analysis in big data standardization
Appendix I Summaries of referenced standardization work items
I.1 ITU-T references and associated summaries
I.2 ISO/IEC JTC 1 References and associated summaries
I.3 W3C references and associated summaries
I.4 OASIS references and associated summaries
I.5 Data Mining Group references and associated summaries
I.6 TM Forum references and associated summaries
Bibliography
Cloud computing standardization roadmap
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Supplement
4 Abbreviations and acronyms
5 Conventions
6 Landscape of cloud computing from ITU-T perspective
7 Overview of cloud computing standard roadmap
7.1 Introduction to standards development organizations (SDOs) for cloud computing
7.1.1 ITU-T SG13
7.1.2 ITU-T SG17
7.1.3 ITU-T SG5
7.1.4 ITU-T SG11
7.1.5 ITU-T SG16
7.1.6 ITU-T SG20
7.1.7 ITU-T SG2
7.1.8 JTC 1 SC 38 (Cloud Computing and Distributed Platforms)
7.1.9 DMTF (Distributed Management Task Force)
7.1.10 TM Forum
7.1.11 ATIS
7.1.12 Broadband Forum
7.2 Analysis of deliverable to provide its category
8 ITU-T SG13
8.1 Q17
8.2 Q18
8.3 Q19
8.4 Analysis of ITU-T SG13 deliverables
9 ITU-T JRG-CCM (Joint Rapporteur Group on Cloud Computing Management) of ITU-T SG13 and ITU-T SG2
10 ITU-T SG17
11 ITU-T SG5
12 ITU-T SG11
13 ITU-T SG16
14 ITU-T SG2
15 ISO/IEC JTC 1 SC 38
16 DMTF
17 TM Forum
18 ATIS
19 Broadband Forum
20 Metro Ethernet Forum
Bibliography
ITU Technology Watch Report
2. Cloud Computing management
Overview of end-to-end cloud computing management
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Introduction
7 Objectives
8 Conceptual view and management layering
8.1 Cloud computing management layering
8.1.1 Customer management layer
8.1.2 Product management layer
8.1.3 Service management layer
8.1.4 Resource management layer
8.2 Service management interface
8.3 Relationship with the cloud computing reference architecture
9 Common model for E2E cloud computing management
10 Cloud computing management functionalities
10.1 Functionalities for cloud customer management
10.1.1 Customer fulfilment functionalities
10.1.1.1 Customer order management
10.1.2 Customer assurance functionalities
10.1.2.1 Customer problem management
10.1.2.2 Customer SLA management
10.1.2.3 Customer quality management
10.1.3 Customer repositories functionalities
10.1.3.1 Customer information management
10.2 Functionalities for cloud product management
10.2.1 Product fulfilment functionalities
10.2.1.1 Product order management
10.2.2 Product assurance functionalities
10.2.2.1 Product problem management
10.2.2.2 Product performance management
10.2.2.3 Product quality management
10.2.2.4 Product test management
10.2.3 Product repositories functionalities
10.2.3.1 Product catalogue management
10.2.3.2 Product inventory management
10.3 Functionalities for cloud service management
10.3.1 Service fulfilment functionalities
10.3.1.1 Service order management
10.3.2 Service assurance functionalities
10.3.2.1 Service problem management
10.3.2.2 Service performance management
10.3.2.3 Service quality management
10.3.2.4 Service test management
10.3.3 Service repositories functionalities
10.3.3.1 Service catalogue management
10.3.3.2 Service inventory management
10.4 Functionalities for cloud computing resource management
10.4.1 Resource fulfilment functionalities
10.4.1.1 Resource order management
10.4.2 Resource assurance functionalities
10.4.2.1 Resource performance management
10.4.2.2 Resource fault management
10.4.2.3 Resource test management
10.4.3 Resource charging and accounting functionalities
10.4.3.1 Resource usage collection and distribution
10.4.4 Resource repositories functionalities
10.4.4.1 Resource catalogue management
10.4.4.2 Resource inventory management
11 Security considerations
Annex A Use of SMI-based model across various cloud architecture layers
Appendix I Illustration on E2E cloud computing management in practice
I.1 Introduction
I.2 Vertical vs horizontal management
I.3 Orchestrated management actions
I.4 Monitoring and diagnostics
I.5 Example of E2E cloud computing management
Bibliography
Cloud-based network management functional architecture
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
3.2.1 cloud-based network management
3.2.2 management service analysis function
3.2.3 management service composing function
3.2.4 management service deployment function
4 Abbreviations and acronyms
5 Conventions
6 Introduction
7 Cloud-based network management functional architecture
7.1 Basic concept
7.2 Detailed structure of cloud-based network management functional architecture
7.2.1 High level layering of cloud-based network management functional architecture
7.2.2 Detailed composition of cloud-based network management functional architecture
7.3 The functions of each part in the architecture
7.4 The relationship between the components in the architecture
Requirements for service management in cloud-aware telecommunication management system
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 General requirements for service management in cloud-aware telecommunication management system
8 Functional framework for service management in cloud-aware telecommunication management system
9 Functional requirements for service management in cloud-aware telecommunication management system
9.1 Service catalogue management
9.2 Service inventory management
9.3 Service order management
9.4 Service problem management
9.5 Service performance management
9.6 Service test management
9.7 Service quality management
9.8 Service rating/discounting management
10 Security considerations
Bibliography
Cloud computing framework for end to end resource management
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 End to end cloud resource management overview
6.1 Introduction
6.2 Service delivery management structure
6.3 Difference between cloud computing and the traditional form of computing
6.4 Resource management for a single cloud service provider
6.4.1 Software enabled services
6.5 Resource management for multiple cloud service providers
7 Requirements for the resource management involving multi-cloud service providers
7.1 High-level architecture for end to end multi-cloud resource management
7.2 Functional requirements for end to end cloud resource management
8 Cloud resource management for emergency telecommunications
9 Security considerations
Appendix I Comprehensive view of management layers
Appendix II Multi-cloud end to end service management
Appendix III Summary of SES and SMI concepts
III.1 Software enabled service (SES)
III.2 Service management interface (SMI)
III.3 SMI interface
Bibliography
End-to-end cloud service lifecycle management requirements
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of E2E cloud service lifecycle management
6.1 Cloud service lifecycle metadata
6.2 Cloud service lifecycle management framework
6.3 Cloud service lifecycle management stages
6.4 Relationship with cloud computing reference architecture
7 E2E cloud service lifecycle management functional requirements
7.1 Service management interface
7.2 Self-service
7.3 Service maintenance
7.4 Reporting
7.5 Composite applications or mash-ups
7.6 Traditional business processes
7.7 Decommissioning
7.8 Policy
7.9 Lifecycle stage management
7.10 Service automation and continuous delivery
7.11 Metadata management
8 Security considerations
Appendix I E2E cloud service lifecycle management use cases
I.1 Service management interface
I.2 Self-service use case
I.3 Service maintenance use case
I.4 Composite applications or mash-ups use case
I.5 Traditional business processes use case
I.6 Decommissioning use case
I.7 Policy use case
I.8 Lifecycle stage management use case
I.9 Service automation and continuous delivery use case
I.10 Metadata management use case
Bibliography
Metadata framework for NaaS service lifecycle management
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 General description
7 Metadata in NaaS service
7.1 NaaS service data model
7.2 NaaS service operational policy data model
7.3 NaaS resource data model
7.4 Relationship among metadata in NaaS service
8 Metadata framework for NaaS service lifecycle management
8.1 Metadata of NaaS service in design time
8.2 Metadata of NaaS service in runtime execution time
9 NaaS service operational policy framework
9.1 Elements of NaaS service operational policy
9.1.1 NaaS service operational policy administration point
9.1.2 NaaS service operational policy decision point
9.1.3 NaaS service operational policy information point
9.1.4 NaaS service operational policy enforcement point
9.2 Functions of NaaS service operational policy
9.3 Procedure of NaaS service operational policy from creation to enforcement
10 Security considerations
Appendix I Metadata applicability in NaaS service lifecycle management
I.1 Virtual private cloud
I.2 Instant VPN
Bibliography
Cloud computing – Functional requirements of inter-cloud data management
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of inter-cloud data management
6.1 Inter-cloud data categorization
6.2 Data policy language
6.3 Inter-cloud data policy-based management
6.4 Relationship with cloud computing reference architecture
7 Functional requirements for inter-cloud data policy
7.1 Data policy language
7.2 Inter-cloud data policy administration point
7.3 Inter-cloud data policy information point
7.4 Inter-cloud data policy decision point
7.5 Inter-cloud data policy enforcement point
7.6 Inter-cloud data policy monitoring
7.7 Inter-cloud dynamic data policy management
7.8 Inter-cloud autonomic data policy management
7.9 Inter-cloud cognitive data policy management
8 Functional requirements for inter-cloud data isolation and protection
8.1 Datasets placement policies among different CSPs
8.2 Data movement regulation across geographical borders
9 Functional requirements for inter-cloud data management
9.1 Inter-cloud data use policies
9.2 Secure data management of the SaaS replication model in inter-cloud
9.3 Secure data management of the SaaS partition model in inter-cloud
9.4 Secure data management of the SaaS data partition model in inter-cloud
10 Security considerations
Appendix I Use case of inter-cloud data management
I.1 Use case template
I.2 Use case of data use policies in inter-cloud
I.3 Use case of secure data management of the SaaS replication model in inter-cloud
I.4 Use case of secure data management of the SaaS partition model in inter-cloud
I.5 Use case of secure data management of the SaaS data partition model in inter-cloud
I.6 Use case of data policy language
I.7 Use case of CSC data policy implementation in inter-cloud
I.8 Use case of data placement policies for data-intensive applications in the inter-cloud environment
I.9 Use case of data regulation across different countries in the inter-cloud environment
Bibliography
3. XaaS
Requirements for desktop as a service
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Convention
6 Introduction to desktop as a service (DaaS)
6.1 Main advantages of DaaS
6.2 General configuration for DaaS
6.3 Interaction between DaaS components
7 DaaS general requirements
8 DaaS functional requirements
8.1 Operation and management requirements
8.2 DaaS platform-side functional requirements
8.3 DaaS client-side functional requirements
8.4 DaaS platform-DaaS client interaction functional requirements
8.5 DaaS security requirements
9 Security considerations
Appendix I Relationship between DaaS logical components and the cloud computing reference architecture
Appendix II DaaS client classification
Appendix III DaaS use cases
Appendix IV Value for response time limit
Appendix V Service provisioning based on CSC types in DaaS
V.1 Types of cloud service customer
V.2 User account provisioning based on CSC types in DaaS
V.3 Service provisioning in DaaS
Bibliography
Functional architecture for Desktop as a Service
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Relationship between DaaS logical components and DaaS functions
7 DaaS functions
7.1 Virtualization infrastructure support
7.1.1 Platform virtualization
7.1.2 Resource assignment
7.1.3 Performance enhancement for virtualization platform
7.1.4 Infrastructure access management
7.2 Virtual desktop connection and delivery
7.2.1 Delivery protocol processing
7.2.2 Client connection management
7.2.3 User access management
7.2.4 Provisioning and allocation of virtual desktop
7.3 Virtual desktop resource management
7.3.1 Monitoring and controlling virtual desktop resource
7.3.2 User account and profile management
7.3.3 Virtual desktop resource allocation and distribution
7.3.4 Operational policy management for DaaS
7.3.5 High availability for DaaS
7.3.6 Power management of virtual desktop resource
7.4 Client support
7.4.1 Service connection
7.4.2 Connection negotiation
7.4.3 Client peripheral connection
7.4.4 Service continuity for user environment
7.5 Relationships among DaaS functions
8 Relationships between DaaS functions and functional components of cloud computing reference architecture
9 DaaS functional architecture
9.1 Client support functions
9.1.1 Service connection function
9.1.2 Connection negotiation function
9.1.3 Client peripheral connection function
9.1.4 Service continuity for user environment function
9.2 Virtual desktop connection and delivery functions
9.2.1 Delivery protocol processing function
9.2.2 User access management function
9.2.3 Client connection management function
9.2.4 Provisioning and allocation of virtual desktop function
9.3 Virtual desktop resource management functions
9.3.1 Monitoring and controlling virtual desktop resource
9.3.2 User account and profile management
9.3.3 Virtual desktop resource allocation and distribution
9.3.4 Operational policy management for DaaS
9.3.5 High availability for DaaS
9.3.6 Power management of virtual desktop resource
9.4 Virtualization infrastructure functions
9.4.1 Infrastructure access management function
9.4.2 Performance enhancement for virtualization platform function
9.4.3 Resource assignment function
9.4.4 Platform virtualization function
9.5 Reference points
9.5.1 Reference points between CS-FS and VDCD-FS
9.5.2 Reference points between VDCD-FS and VDRM-FS
9.5.3 Reference points between VDCD-FS and VI-FS
9.5.4 Reference points between VDRM-FS and VI-FS
9.5.5 Reference points within VDCD-FS
9.5.6 Reference points within VDRM-FS
9.5.7 Reference points within VI-FS
10 Security considerations
Appendix I Relationship between DaaS logical components and cloud computing reference architecture
Appendix II Relationship between DaaS functions and functional components in cloud computing reference architecture
Bibliography
Cloud computing – Functional requirements of Network as a Service
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 General description
6.1 Networking challenges in cloud computing
6.2 High-level concept of NaaS
7 Functional requirements of NaaS application
7.1 Performance
7.2 Operation and management
7.3 Service chain
7.4 Multiple IP addresses
8 Functional requirements of NaaS platform
8.1 Programmable NaaS platform
8.2 Dynamic and flexible network services composition and steering
8.3 Isolation of service chains for tenants
8.4 Flexible scaling of NaaS platform
8.5 Integration of software applications
9 Functional requirements of NaaS connectivity
9.1 Common control mechanism for NaaS connectivity
9.2 Unified SLA for multiple optimized networks
9.3 Leveraging transport networks dynamically
9.4 Unified network control mechanism
9.5 Elastic network reconfiguration
9.6 Seamless and end-to-end solution of bandwidth allocation
9.7 Symmetric or asymmetric capacity
9.8 Optimized and fine-grained traffic engineering
9.9 Coexistence with legacy network services and functions
9.10 Centralized control view and abstraction view of resources
9.11 CSC limited control of services
9.12 Logically isolated network partition
9.13 Overlay network mechanism
9.14 Overlapped private IP addresses
9.15 Interworking among different VPN solutions
9.16 VPN connection in mobile environment
9.17 Connection to NaaS CSP's network through public Internet
10 Security considerations
Appendix I Development methodology of NaaS functional requirements and architecture
Appendix II Use cases of NaaS
II.1 Use case template
II.2 NaaS applications related use cases
II.2.1 General use cases
II.2.1.1 General NaaS application use case
II.2.1.2 NaaS application use case for application provision
II.2.2 Detailed use cases
II.2.2.1 NaaS platform use case for cloud CDN
II.3 NaaS platform related use cases
II.3.1 General use cases
II.3.2 Detailed use cases
II.3.2.1 NaaS platform use case for service chain
II.3.2.2 NaaS platform use case for platform provision
II.4 NaaS connectivity related use cases
II.4.1 General use cases
II.4.1.1 General NaaS connectivity use case
II.4.2 Detailed use cases
II.4.2.1 NaaS connectivity use case for dynamic transport network
II.4.2.2 NaaS connectivity use case for flexible and extended VPN
II.4.2.3 NaaS connectivity use case for BoD service
II.4.2.4 NaaS connectivity use case for optimized traffic engineering
II.4.2.5 NaaS connectivity use case for performance on demand
II.4.2.6 NaaS connectivity use case for virtual router
II.4.2.7 NaaS connectivity use case for private IP addresses and VPNs
Appendix III Considerations on CSP's network related activities
Bibliography
Cloud computing – Functional requirements of Infrastructure as a Service
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 General description
7 Functional requirements
7.1 Computing service functional requirements
7.1.1 Physical machine
7.1.2 Virtual machine
7.1.3 VM migration
7.1.4 VM scaling
7.1.5 VM snapshot
7.1.6 VM clone
7.1.7 VM backup
7.1.8 VM time synchronization
7.1.9 VM reservation
7.1.10 VM image
7.1.11 VM template
7.2 Storage service functional requirements
7.2.1 Storage migration
7.2.2 Storage snapshot
7.2.3 Storage backup
7.2.4 I/O performance
7.2.5 Storage resource reservation
7.3 Network service functional requirements
7.3.1 Network policy migration
7.3.2 Network QoS
7.3.3 IP address
7.3.4 Network isolation
7.3.5 Virtual networking
7.3.6 Load balance
7.3.7 Firewall
7.3.8 Gateway
7.3.9 Network configuration
8 Security considerations
Appendix I Use case of Infrastructure as a Service
I.1 Use case template
I.2 IaaS use case on infrastructure level
I.3 IaaS computing service use case
I.3.1 VM snapshot use case
I.3.2 VM clone use case
I.3.3 VM backup use case
I.4 IaaS storage service use case
I.5 IaaS network service use case
Appendix II Methodology of mapping use cases and requirements
Bibliography
Cloud computing – Functional architecture of Network as a Service
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of NaaS functional architecture
6.1 Key NaaS characteristics
6.2 NaaS CSC activities
6.3 Virtualization of network functions
7 Functionalities for NaaS
7.1 NaaS business related functionalities
7.2 Functionalities for NaaS service instantiation
7.2.1 Description of NaaS service instantiation
7.2.2 Modelling for NaaS service instantiation
7.3 Functionalities for NaaS service orchestration
7.4 Functionalities for network analytics
7.5 Autonomic functionalities
7.6 Policy related functionalities
7.7 NaaS resource functionalities
7.7.1 Functionalities for mapping between physical resources and virtualized networks
7.8 Functionalities for an evolved real-time OSS
7.8.1 Service management layer functionalities
7.8.2 Resource management layer functionalities
7.8.2.1 OSS-network services
7.8.2.2 OSS-network functions
7.8.2.3 OSS-cloud compute and storage
7.8.2.4 OSS-network connectivity
7.8.2.5 OSS-physical resources
7.9 Functionalities for the development of NaaS products and NaaS services
8 Functional components
8.1 Business support system functional components for NaaS products
8.2 Service layer functional components for NaaS
8.2.1 Business capabilities (NaaS)
8.2.2 Administration capabilities (NaaS)
8.2.3 Service capabilities (NaaS)
8.3 OSS functional components
8.3.1 OSS-NaaS functional components
8.3.2 OSS-NS functional components
8.3.2.1 NS catalogue
8.3.2.2 NS provisioning
8.3.2.3 NS monitoring and reporting
8.3.2.4 NS policy management
8.3.2.5 NS automation
8.3.2.6 NS level management
8.3.2.7 NS incident and problem management
8.3.2.8 NS inventory
8.3.3 OSS-NF functional components
8.3.3.1 NF catalogue
8.3.3.2 NF provisioning
8.3.3.3 NF monitoring and reporting
8.3.3.4 NF policy management
8.3.3.5 NF automation
8.3.3.6 NF level management
8.3.3.7 NF incident and problem management
8.3.3.8 NF inventory
8.3.4 OSS-CCS functional components
8.3.4.1 CCS automation
8.3.4.2 CCS monitoring and reporting
8.3.4.3 CCS policy management
8.3.4.4 CCS service level management
8.3.4.5 CCS incident and problem management
8.3.4.6 Virtualization management
8.3.4.7 CCS virtual resource inventory
8.3.4.8 Software image management
8.3.5 OSS-NC functional components
8.3.5.1 NC application catalogue
8.3.5.2 NC application provisioning
8.3.5.3 NC automation
8.3.5.4 NC monitoring and reporting
8.3.5.5 NC policy management
8.3.5.6 NC service level management
8.3.5.7 NC incident and problem management
8.3.5.8 NC inventory
8.3.6 OSS functional components for physical resources
8.4 Functional components for NaaS development support
9 Security considerations
Annex A OSS reference points
Annex B Functional components on mapping between physical and virtualized networks
B.1 Physical network
B.2 Virtualized network
B.3 Physical-virtualized-networks mapping
Appendix I Mapping among NaaS functional requirements and functionalities
I.1 Mapping and derivation of functionality for NaaS service instantiation
I.2 Mapping and derivation of functionality for service orchestration
I.3 Mapping and derivation of functionalities for network analytics, policy, and autonomy
I.4 Mapping and derivation of functionality for mapping between physical and virtualized networks
I.5 Mapping and derivation of functionalities for an evolved real-time OSS
I.6 Mapping and derivation of functionalities for NaaS products and NaaS services development
I.7 Mapping and derivation of functionalities related to NaaS business
Appendix II Modelling usage example of NaaS service, NaaS service operational policy and NaaS resource model
II.1 Introduction
II.2 Modelling usage
Appendix III Relationship between NaaS functional architecture and SDN
Appendix IV Example of NFV and SDN usage in support of NaaS architecture
Bibliography
Cloud computing – Functional architecture of big data as a service
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of BDaaS functional architecture
6.1 Framework of BDaaS functional architecture
6.1.1 User view for BDaaS architecture
6.1.2 Functional view for BDaaS
6.1.3 Cross-cutting aspects for BDaaS
6.2 Relationship between user view and functional view
7 Functional architecture for BDaaS
7.1 Service layer functional components
7.1.1 Data collection functional component
7.1.2 Data visualization functional component
7.1.3 Data pre-processing functional component
7.1.4 Data analysis functional component
7.1.5 Data storage functional component
7.2 Resource layer functional components
7.2.1 Distributed processing functional component
7.3 Multi-layer functional components
7.3.1 Integration functional components
7.3.1.1 Third-party service integration functional component
7.3.2 Security systems functional components
7.3.2.1 Security and privacy management functional component
7.3.3 Operational support systems functional components
7.3.3.1 Data life-cycle monitoring functional component
7.3.3.2 Data policy management functional component
7.3.3.3 Data catalogue functional component
7.3.3.4 Resource orchestration functional component for big data
8 Cross-cutting aspects for BDaaS
8.1 Data redundancy
8.2 Performance
9 Security considerations
Appendix I Mapping between requirements, activities and functional components
Bibliography
Security requirements for software as a service application environments
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 Maturity levels of SaaS application
7.1 Level 1: Custom SaaS application
7.2 Level 2: Configurable SaaS application
7.3 Level 3: Multi-tenant SaaS application
7.4 Level 4: Scalable SaaS application
8 Security requirements for SaaS application environment
8.1 Common security requirements
8.1.1 Identity and access management (IAM)
8.1.1.1 Identity management (IdM)
8.1.1.2 Trust model
8.1.1.3 Access management
8.1.2 Interface security
8.1.3 Data security
8.1.3.1 Data isolation
8.1.3.2 Data confidentiality
8.1.3.3 Data integrity
8.1.3.4 Data reliability
8.1.3.5 Data traceability and control
8.1.4 Security assessment and audit
8.1.5 Security hardening
8.2 Security requirements of CSP
8.2.1 Availability
8.2.2 Service interoperability/portability guarantee
8.2.3 Software assets protection
8.2.4 Legal compliance
8.2.5 Security verification for source codes
8.3 Security requirements of CSN
8.3.1 Audit security
8.3.2 Software security
8.3.3 Software maintainability
Bibliography
4. Video processing and storage
Requirements for cloud storage in visual surveillance
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 Scenarios
7.1 Video stream storage
7.2 Video file uploading
7.3 Video metadata management
7.4 Picture storage
8 Requirements for cloud storage in visual surveillance
8.1 User requirements
8.1.1 Cloud storage service consumer requirements
8.1.2 Cloud storage service provider requirements
8.2 Service requirements
8.2.1 Video storage service requirements
8.2.2 Picture storage service requirements
8.2.3 Video metadata storage service requirements
8.3 Security requirements
8.3.1 Authentication security requirements
8.3.2 Access security requirements
8.3.3 Content security requirements
8.3.4 System security requirements
8.4 Management requirements
8.4.1 Storage management requirements
8.4.2 Equipment management requirements
8.4.3 Service management requirements
8.4.4 Data management requirements
8.4.5 System management requirements
8.4.6 Operation management requirements
8.5 Scalability requirements
8.6 Reliability requirements
8.7 Performance requirements
Bibliography
Requirements for a cloud computing platform supporting a visual surveillance system
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Scenarios
6.1 Video distribution
6.2 Video transcoding
6.3 Online intelligent video processing
6.3.1 Case 1: Traffic flow analysis
6.3.2 Case 2: Perimeter prevention
6.4 Offline intelligent video processing
6.4.1 Case 1: Human recognition
6.4.2 Case 2: Video synopsis
7 Requirements for cloud computing platform supporting visual surveillance
7.1 User requirements
7.1.1 Cloud computing service consumer requirements
7.1.2 Cloud computing service provider requirements
7.2 Service requirements
7.2.1 Online intelligent video processing service requirements
7.2.2 Offline intelligent video processing service requirements
7.2.3 Video transcoding
7.3 Security requirements
7.3.1 Authentication security requirements
7.3.2 Access security requirements
7.3.3 Content security requirements
7.3.4 System security requirements
7.4 Management requirements
7.4.1 Resources management requirements
7.4.2 Equipment management requirements
7.4.3 Service management requirements
7.4.4 System management requirements
7.4.5 Operation management requirements
7.5 Scalability requirements
7.6 Reliability requirements
7.7 Performance requirements
Bibliography
Architecture for cloud storage in visual surveillance
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of cloud storage in visual surveillance
7 Functional architecture for cloud storage in visual surveillance
7.1 Architectural framework
7.2 Functional entities
7.2.1 Cloud storage management unit
7.2.2 Cloud storage data unit
7.2.3 Cloud storage access unit
7.3 Reference points
7.3.1 Reference point Pcs: PU-CSAU
7.3.2 Reference point Mdc: MDU-CSAU
7.3.3 Reference point Ss: CSAU-SCU
7.3.4 Reference point Cms: CMU-CSMU
7.3.5 Reference point Csm: CSMU-CSAU
7.3.6 Reference point Csd: CSMU-CSDU
7.3.7 Reference point Csd': CSMU-CSDU
7.3.8 Reference point Csc: CSDU-CSAU
7.3.9 Reference point Cc: CSDU-CSAU
7.3.10 Reference point Csa: CSMU-CSAU
7.4 Service control flow
7.4.1 Real-time media storage
7.4.2 Video file storage
7.4.3 Image storage
7.4.4 Video metadata or image metadata storage
7.4.5 Media acquisition from the cloud storage system
5. Intercloud and interoperability
Cloud computing – Trusted inter-cloud computing framework and requirements
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of trusted inter-cloud
6.1 Governance of trusted inter-cloud
6.2 Management of trusted inter-cloud
6.3 Resiliency of trusted inter-cloud
6.4 Security and confidentiality of trusted inter-cloud
6.5 Relationship between trusted inter-cloud and the cloud computing reference architecture
7 General requirements for trusted inter-cloud
7.1 Data separation
7.2 Data annotation
7.3 Confidentiality of data
7.4 Operational statistics
7.5 Interoperability and dependability
7.6 Master service agreement
8 Requirements for governance of trusted inter-cloud
8.1 Geographical policies
8.2 Governance policies
8.3 Governance roles
8.4 Regulatory policies
8.5 Laws and regulations
9 Requirements for management of trusted inter-cloud
9.1 Management policies
9.2 Management roles
9.3 Distributed data
9.4 Identity management
9.5 Access management
9.6 Policy language
10 Requirements for resiliency of trusted inter-cloud
10.1 Service monitoring
10.2 Service continuity
10.3 Resiliency policies
10.4 Resiliency validation
11 Requirements for security and confidentiality of trusted inter-cloud
11.1 Security and confidentiality policies
11.2 Level of robustness
11.3 Security policy negotiation
11.4 Security and confidentiality policy
11.5 Data security
11.6 Security policy monitoring
12 Security considerations
Appendix I Use case of trusted inter-cloud computing
I.1 Use case template
I.2 Trusted inter-cloud related use cases
I.2.1 Use case of access security in trusted inter-cloud
I.2.2 Use case of geographical policy in trusted inter-cloud
I.2.3 Use case of video gaming in trusted inter-cloud
I.2.4 Use case of distributed image processing platform in trusted inter-cloud
I.2.5 Use case of distributed information exchange system in trusted inter-cloud
I.2.6 Use case of virtual home gateway in trusted inter-cloud
I.2.7 Use case of distributed document exchange system in trusted inter-cloud
Bibliography
Cloud computing – Functional architecture of inter-cloud computing
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
6.1 Inter-cloud functional architecture with different patterns
6.2 Relationship with cloud computing reference architecture
7 Functions of inter-cloud computing
7.1 Business support systems
7.1.1 Service subscription management
7.1.2 Billing
7.2 Operational support systems
7.2.1 Service catalogue
7.2.2 Service provisioning
7.2.3 Monitoring and reporting
7.2.4 Service policy management
7.2.5 Service automation
7.2.6 Service level management
7.2.7 Incident and problem management
7.2.8 Peer service management
7.3 Peer service integration
7.3.1 Peer CSP management
7.3.2 Inter-cloud service negotiation
7.3.3 Inter-cloud service discovery
7.3.4 Inter-cloud service selection
7.3.5 Inter-cloud service reservation
7.3.6 Inter-cloud service release
7.3.7 Inter-cloud capabilities adaptation
7.4 Security systems
7.4.1 Authentication and identity management
7.4.2 Authorization and security policy management
7.4.3 Encryption management
8 Functional components of inter-cloud
9 Security considerations
Appendix I Mapping of inter-cloud computing functional requirements and functions
Appendix II Reference points of inter-cloud computing
II.1 Reference point: I-SSM-Blg
II.2 Reference point: I-SSM-IPM
II.3 Reference point: I-SSM-MR
II.4 Reference point: I-SSM-SC
II.5 Reference point: I-SSM-PSM
II.6 Reference point: I-Blg-IPM
II.7 Reference point: I-Blg-MR
II.8 Reference point: I-Blg-SC
II.9 Reference point: I-Blg-SP
II.10 Reference point: I-Blg-SA
II.11 Reference point: I-Blg-SPM
II.12 Reference point: I-Blg-SLM
II.13 Reference point: I-Blg-PSM
II.14 Reference point: I-SP-SC
II.15 Reference point: I-SLM-SC
II.16 Reference point: I-PSM-SC
II.17 Reference point: I-SC-PSI
II.18 Reference point: I-SPM-SP
II.19 Reference point: I-SP-SA
II.20 Reference point: I-PSM-SP
II.21 Reference point: I-MR-SP
II.22 Reference point: I-PSM-SA
II.23 Reference point: I-SA-SPM
II.24 Reference point: I-SA-PSI
II.25 Reference point: I-PSM-SPM
II.26 Reference point: I-SPM-PSI
II.27 Reference point: I-SPM-ASPM
II.28 Reference point: I-SLM-IPM
II.29 Reference point: I-PSM-SLM
II.30 Reference point: I-MR-SLM
II.31 Reference point: I-SLM-PSI
II.32 Reference point: I-MR-IPM
II.33 Reference point: I-PSM-MR
II.34 Reference point: I-MR-PSI
II.35 Reference point: I-PSM-IPM
II.36 Reference point: I-IPM-PSI
II.37 Reference point: I-PSM-AIM
II.38 Reference point: I-PSM-EM
II.39 Reference point: I-PSM-BA
II.40 Reference point: I-PSM-AA
II.41 Reference point: I-PSI-AIM
II.42 Reference point: I-PSI-ASPM
II.43 Reference point: I-PSI-EM
II.44 Reference point: I-PSI-SA
Bibliography
Cloud computing – Overview of inter-cloud trust management
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of inter-cloud trust management
6.1 Isolation and security management mechanism
6.2 Inter-cloud trust management model
6.3 Reputation-based trust management in inter-cloud environment
6.4 Cloud service evaluation framework
6.5 Relationship with cloud computing reference architecture
7 Requirements for inter-cloud trust management
7.1 Inter-cloud trust policies and credentials
7.2 Inter-cloud reputation scoring
7.3 Inter-cloud reputation-based trust evaluation
7.4 SSO authentication
7.5 Periodical verification
7.6 Control privilege for VM and data
8 Security considerations
Appendix I Use case of inter-cloud trust management
I.1 Use case template
I.2 Use case of trusted network function virtualization
I.3 Use case of selecting CSP by reputation-based trust evaluation
I.4 Use case of SSO authentication within inter-cloud environment
I.5 Use case of control privilege of inter-cloud
Appendix II Functionalities for managing isolation and security mechanism
II.1 Functionalities for managing isolation and security mechanism
Bibliography
The framework and overview of cloud computing interoperability testing
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Overview of cloud computing interoperability testing
5.1 Common aspects to be considered in cloud computing interoperability testing
5.2 Infrastructure capabilities type interoperability testing
5.3 Platform capabilities type interoperability testing
5.4 Application capabilities type interoperability testing
6 Cloud computing interoperability testing between CSC and CSP
7 Cloud computing interoperability testing between CSP and CSP
8 Cloud computing interoperability testing between CSP and its management system
Appendix I Cloud interoperability testing scenarios
Bibliography
Cloud computing infrastructure capabilities interoperability testing – part 1: Interoperability testing between the CSC and CSP
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of cloud computing infrastructure capabilities type interoperability testing between the CSC and CSP
7 Computing service interoperability testing between the CSC and CSP
7.1 Interoperability testing of VM configuration between the CSC and CSP
7.2 Interoperability testing of VM migration between the CSC and CSP
7.3 Interoperability testing of VM snapshot between the CSC and CSP
7.4 Interoperability testing of VM clone between the CSC and CSP
7.5 Interoperability testing of VM time synchronization between the CSC and CSP
7.6 Interoperability testing of VM reservation between the CSC and CSP
7.7 Interoperability testing of VM image between the CSC and CSP
7.8 Interoperability testing of VM template between the CSC and CSP
7.9 Interoperability testing of VM scaling between the CSC and CSP
7.10 Interoperability testing of VM backup between the CSC and CSP
7.11 Interoperability testing of VM life cycle management between the CSC and CSP
7.12 Interoperability testing of physical machine life cycle management between the CSC and CSP
7.13 Interoperability testing of VM configuration inquiring between the CSC and CSP
7.14 Interoperability testing of physical machine configuration inquiring between the CSC and CSP
8 Storage service interoperability testing between the CSC and CSP
8.1 Interoperability testing of storage migration between the CSC and CSP
8.2 Interoperability testing of storage snapshot between the CSC and CSP
8.3 Interoperability testing of storage backup between the CSC and CSP
8.4 Interoperability testing of storage resource reservation between the CSC and CSP
8.5 Interoperability testing of I/O performance between the CSC and CSP
8.6 Interoperability testing of storage life cycle management between the CSC and CSP
8.7 Interoperability testing of storage utilization status inquiring between the CSC and CSP
9 Network service interoperability testing between the CSC and CSP
9.1 Interoperability testing of network policy migration between the CSC and CSP
9.2 Interoperability testing of network QoS between the CSC and CSP
9.3 Interoperability testing of network address translation between the CSC and CSP
9.4 Interoperability testing of network isolation between the CSC and CSP
9.5 Interoperability testing of IP address allocation between the CSC and CSP
9.6 Interoperability testing of IP address reservation between the CSC and CSP
9.7 Interoperability testing of load balance between the CSC and CSP
9.8 Interoperability testing of firewall between the CSC and CSP
9.9 Interoperability testing of multipath routing between the CSC and CSP
9.10 Interoperability testing of network information inquiring between the CSC and CSP
Appendix I Test case template
Appendix II Test cases for cloud computing infrastructure capabilities interoperability testing between the CSC and CSP
II.1 Test cases for computing service interoperability testing between the CSC and CSP
II.1.1 Test case: VM configuration
II.1.2 Test case: VM migration
II.1.3 Test case: VM snapshot
II.1.4 Test case: VM clone
II.1.5 Test case: VM time synchronization
II.1.6 Test case: VM reservation
II.1.7 Test case: VM image
II.1.8 Test case: VM template
II.1.9 Test case: VM scaling
II.1.10 Test case: VM backup
II.1.11 Test case: VM life cycle management
II.1.12 Test case: physical machine life cycle management
II.1.13 Test case: VM configuration inquiring
II.1.14 Test case: physical machine configuration inquiring
II.2 Test cases for storage service interoperability testing between the CSC and CSP
II.2.1 Test case: storage migration
II.2.2 Test case: storage snapshot
II.2.3 Test case: storage backup
II.2.4 Test case: storage resource reservation
II.2.5 Test case: I/O performance
II.2.6 Test case: storage life cycle management
II.2.7 Test case: storage utilization status inquiring
II.3 Test cases for network service interoperability testing between the CSC and CSP
II.3.1 Test case: network policy migration
II.3.2 Test case: network QoS
II.3.3 Test case: network address translation
II.3.4 Test case: network isolation
II.3.5 Test case: IP address allocation
II.3.6 Test case: IP address reservation
II.3.7 Test case: load balance
II.3.8 Test case: firewall
II.3.9 Test case: multipath routing
II.3.10 Test case: network information inquiring
Appendix III Alignment analysis with [ITU-T Y.3513]
Bibliography
Cloud computing interoperability activities
1 Scope
2 References
3 Abbreviations and acronyms
4 Introduction
5 Existing cloud computing interoperability activities
5.1 Standards development organizations for cloud computing interoperability
5.1.1 DMTF
5.1.2 ETSI
5.1.3 GICTF
5.1.4 IEEE
5.1.5 IETF
5.1.6 ISO/IEC JTC1
5.1.7 ITU-T
5.1.8 NIST
5.1.9 OASIS
5.1.10 ODCA
5.1.11 OGF
5.1.12 SNIA
5.1.13 TM Forum
5.2 Testing groups, open sources and tools for cloud computing testing
5.2.1 Testing groups
5.2.2 Open sources
5.2.3 Tools
5.3 Cloud security standardization activities
6 Potential interoperability testing areas of cloud computing
Appendix I Summaries of referenced documents
I.1 3CPP references and associated summaries
I.2 CSMIC references and associated summaries
I.3 DMTF references and associated summaries
I.4 ETSI references and associated summaries
I.5 GICTF references and associated summaries
I.6 IEEE references and associated summaries
I.7 IETF references and associated summaries
I.8 ISO/IEC JTC 1 references and associated summaries
I.9 NIST references and associated summaries
I.10 OASIS references and associated summaries
I.11 ODCA references and associated summaries
I.12 OGF references and associated summaries
I.13 SNIA references and associated summaries
I.14 TMF references and associated summaries
I.15 ITU-T draft Recommendation
6. Monitoring
Set of parameters of cloud computing for monitoring
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Functional reference architecture of cloud computing
7 Monitoring parameters
7.1 Resource layer parameters
7.1.1 Physical computing resources
7.1.2 Virtual computing resources
7.1.3 Virtual machine operation and control
7.1.4 Network
7.1.5 Software-defined networking
7.1.5.1 Software-defined networking-based network
7.1.5.2 Service chain
7.1.6 Energy consumption
7.1.7 Environment
7.2 Service layer parameters
7.2.1 General
7.2.2 Service availability
7.2.3 Service performance
7.2.3.1 Transaction process
7.2.3.2 Load balance
7.2.3.3 Database
7.2.3.4 Web service performance
7.3 Access layer parameters
7. Security
Security framework for cloud computing
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 Security threats for cloud computing
7.1 Security threats for cloud service customers (CSCs)
7.1.1 Data loss and leakage
7.1.2 Insecure service access
7.1.3 Insider threats
7.2 Security threats for cloud service providers (CSPs)
7.2.1 Unauthorized administration access
7.2.2 Insider threats
8 Security challenges for cloud computing
8.1 Security challenges for cloud service customers (CSCs)
8.1.1 Ambiguity in responsibility
8.1.2 Loss of trust
8.1.3 Loss of governance
8.1.4 Loss of confidentiality
8.1.5 Service unavailability
8.1.6 Cloud service provider lock-in
8.1.7 Misappropriation of intellectual property
8.1.8 Loss of software integrity
8.2 Security challenges for cloud service providers (CSPs)
8.2.1 Ambiguity in responsibility
8.2.2 Shared environment
8.2.3 Inconsistency and conflict of protection mechanisms
8.2.4 Jurisdictional conflict
8.2.5 Evolutionary risks
8.2.6 Bad migration and integration
8.2.7 Business discontinuity
8.2.8 Cloud service partner lock-in
8.2.9 Supply chain vulnerability
8.2.10 Software dependencies
8.3 Security challenges for cloud service partners (CSNs)
8.3.1 Ambiguity in responsibility
8.3.2 Misappropriation of intellectual property
8.3.3 Loss of software integrity
9 Cloud computing security capabilities
9.1 Trust model
9.2 Identity and access management (IAM), authentication, authorization and transaction audit
9.3 Physical security
9.4 Interface security
9.5 Computing virtualization security
9.6 Network security
9.7 Data isolation, protection and confidentiality protection
9.8 Security coordination
9.9 Operational security
9.10 Incident management
9.11 Disaster recovery
9.12 Service security assessment and audit
9.13 Interoperability, portability and reversibility
9.14 Supply chain security
10 Framework methodology
Appendix I Mapping of cloud computing security threats and challenges to security capabilities
Bibliography
Data security requirements for the monitoring service of cloud computing
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 Scope of monitoring data for cloud computing
8 Monitoring data lifecycle in cloud computing
8.1 Monitoring data collection
8.2 Monitoring data storage
8.3 Monitoring data use
8.4 Monitoring data migration
8.5 Monitoring data analysis
8.6 Monitoring data presentation
8.7 Monitoring data destruction
8.8 Monitoring data backup
9 Security threats and challenges for monitoring data of cloud computing
9.1 Security threats and challenges in monitoring data collection stage
9.2 Security threats and challenges in monitoring data storage stage
9.3 Security threats and challenges in monitoring data use stage
9.4 Security threats and challenges in monitoring data migration stage
9.5 Security threats and challenges in monitoring data analysis stage
9.6 Security threats and challenges in monitoring data presentation stage
9.7 Security threats and challenges in monitoring data destruction stage
9.8 Security threats and challenges in monitoring data backup stage
10 Security requirements for monitoring data of cloud computing
10.1 Security requirements for monitoring data collection
10.2 Security requirements for monitoring data storage
10.3 Security requirements for monitoring data use
10.4 Security requirements for monitoring data migration
10.5 Security requirements for monitoring data analysis
10.6 Security requirements for monitoring data presentation
10.7 Security requirements for monitoring data destruction
10.8 Security requirements for monitoring data backup
Bibliography
Guidelines for cloud service customer data security
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
6.1 Specification of the data in this Recommendation
6.2 Data security threats for cloud service customers
6.3 Existing requirements related to about data security
6.4 Data security lifecycle
7 Guidelines for security controls related to data security
7.1 Security controls in create stage
7.2 Security controls in transmit stage
7.3 Security controls in storage stage
7.4 Security controls in use stage
7.5 Security controls in migrate stage
7.6 Security controls in destroy stage
7.7 Security controls in backup and restore stage
Appendix I Guidelines for using security controls
Bibliography
Guidelines for the operational security of cloud computing
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 Requirements of the security clause of the service level agreement
7.1 Security responsibility between CSPs and CSCs
7.2 Requirements of the security clause of SLA
7.2.1 General requirements
7.2.2 Elements of the security clause of SLA
7.2.2.1 Business continuity
7.2.2.2 Data security protection
7.2.2.3 Emergency response
7.2.2.4 Security measures
7.2.2.5 Security audit
7.2.2.6 Security monitoring for improving SLA
7.2.2.7 Security certification
7.2.2.8 Security activity documentation
8 Guidelines of daily operational security
8.1 Identity management and access control
8.1.1 Identity management
8.1.2 Access control management
8.2 Data encryption and key management
8.3 System security monitoring
8.4 Disaster recovery
8.5 Security configuration management
8.6 Security event processing
8.6.1 Detecting
8.6.2 Analysing
8.6.3 Disposing
8.6.4 Checking
8.6.5 Report and recording
8.7 Patch upgrade
8.7.1 Responsibilities
8.7.2 Process of upgrading security patch
8.8 Securing configuration management
8.9 Emergency response plans
8.9.1 Development phase
8.9.2 Testing and implementation phase
8.9.3 Maintenance phase
8.10 Backup
8.11 Internal security audit
8.11.1 Requisites of security audit
8.11.2 Specific audit requirements
Bibliography
Information technology – Security techniques – Code of practice for information security controls based on ISO/IEC 27002 for cloud services
1 Scope
2 Normative references
2.1 Identical Recommendations | International Standards
2.2 Additional References
3 Definitions and abbreviations
3.1 Terms defined elsewhere
3.2 Abbreviations
4 Cloud sector-specific concepts
4.1 Overview
4.2 Supplier relationships in cloud services
4.3 Relationships between cloud service customers and cloud service providers
4.4 Managing information security risks in cloud services
4.5 Structure of this standard
5 Information security policies
5.1 Management direction for information security
5.1.1 Policies for information security
5.1.2 Review of the policies for information security
6 Organization of information security
6.1 Internal organization
6.1.1 Information security roles and responsibilities
6.1.2 Segregation of duties
6.1.3 Contact with authorities
6.1.4 Contact with special interest groups
6.1.5 Information security in project management
6.2 Mobile devices and teleworking
6.2.1 Mobile device policy
6.2.2 Teleworking
7 Human resource security
7.1 Prior to employment
7.1.1 Screening
7.1.2 Terms and conditions of employment
7.2 During employment
7.2.1 Management responsibilities
7.2.2 Information security awareness, education and training
7.2.3 Disciplinary process
7.3 Termination and change of employment
7.3.1 Termination or change of employment responsibilities
8 Asset management
8.1 Responsibility for assets
8.1.1 Inventory of assets
8.1.2 Ownership of assets
8.1.3 The acceptable use of assets
8.1.4 Return of assets
8.2 Information classification
8.2.1 Classification of information
8.2.2 Labelling of information
8.2.3 Handling of assets
8.3 Media handling
8.3.1 Management of removable media
8.3.2 Disposal of media
8.3.3 Physical media transfer
9 Access control
9.1 Business requirements of access control
9.1.1 Access control policy
9.1.2 Access to networks and network services
9.2 User access management
9.2.1 User registration and deregistration
9.2.2 User access provisioning
9.2.3 Management of privileged access rights
9.2.4 Management of secret authentication information of users
9.2.5 Review of user access rights
9.2.6 Removal or adjustment of access rights
9.3 User responsibilities
9.3.1 Use of secret authentication information
9.4 System and application access control
9.4.1 Information access restriction
9.4.2 Secure log-on procedures
9.4.3 Password management system
9.4.4 Use of privileged utility programs
9.4.5 Access control to program source code
10 Cryptography
10.1 Cryptographic controls
10.1.1 Policy on the use of cryptographic controls
10.1.2 Key management
11 Physical and environmental security
11.1 Secure areas
11.1.1 Physical security perimeter
11.1.2 Physical entry controls
11.1.3 Securing offices, rooms and facilities
11.1.4 Protecting against external and environmental threats
11.1.5 Working in secure areas
11.1.6 Delivery and loading areas
11.2 Equipment
11.2.1 Equipment siting and protection
11.2.2 Supporting utilities
11.2.3 Cabling security
11.2.4 Equipment maintenance
11.2.5 Removal of assets
11.2.6 Security of equipment and assets off-premises
11.2.7 Secure disposal or reuse of equipment
11.2.8 Unattended user equipment
11.2.9 Clear desk and clear screen policy
12 Operations security
12.1 Operational procedures and responsibilities
12.1.1 Documented operating procedures
12.1.2 Change management
12.1.3 Capacity management
12.1.4 Separation of development, testing and operational environments
12.2 Protection from malware
12.2.1 Controls against malware
12.3 Backup
12.3.1 Information backup
12.4 Logging and monitoring
12.4.1 Event logging
12.4.2 Protection of log information
12.4.3 Administrator and operator logs
12.4.4 Clock synchronization
12.5 Control of operational software
12.5.1 Installation of software on operational systems
12.6 Technical vulnerability management
12.6.1 Management of technical vulnerabilities
12.6.2 Restrictions on software installation
12.7 Information systems audit considerations
12.7.1 Information systems audit controls
13 Communications security
13.1 Network security management
13.1.1 Network controls
13.1.2 Security of network services
13.1.3 Segregation in networks
13.2 Information transfer
13.2.1 Information transfer policies and procedures
13.2.2 Agreements on information transfer
13.2.3 Electronic messaging
13.2.4 Confidentiality or non-disclosure agreements
14 System acquisition, development and maintenance
14.1 Security requirements of information systems
14.1.1 Information security requirements analysis and specification
14.1.2 Securing applications services on public networks
14.1.3 Protecting application services transactions
14.2 Security in development and support processes
14.2.1 Secure development policy
14.2.2 System change control procedures
14.2.3 Technical review of applications after operating platform changes
14.2.4 Restrictions on changes to software packages
14.2.5 Secure system engineering principles
14.2.6 Secure development environment
14.2.7 Outsourced development
14.2.8 System security testing
14.2.9 System acceptance testing
14.3 Test data
14.3.1 Protection of test data
15 Supplier relationships
15.1 Information security in supplier relationships
15.1.1 Information security policy for supplier relationships
15.1.2 Addressing security within supplier agreements
15.1.3 Information and communication technology supply chain
15.2 Supplier service delivery management
15.2.1 Monitoring and review of supplier services
15.2.2 Managing changes to supplier services
16 Information security incident management
16.1 Management of information security incidents and improvements
16.1.1 Responsibilities and procedures
16.1.2 Reporting information security events
16.1.3 Reporting information security weaknesses
16.1.4 Assessment of and decision on information security events
16.1.5 Response to information security incidents
16.1.6 Learning from information security incidents
16.1.7 Collection of evidence
17 Information security aspects of business continuity management
17.1 Information security continuity
17.1.1 Planning information security continuity
17.1.2 Implementing information security continuity
17.1.3 Verify, review and evaluate information security continuity
17.2 Redundancies
17.2.1 Availability of information processing facilities
18 Compliance
18.1 Compliance with legal and contractual requirements
18.1.1 Identification of applicable legislation and contractual requirements
18.1.2 Intellectual property rights
18.1.3 Protection of records
18.1.4 Privacy and protection of personally identifiable information
18.1.5 Regulation of cryptographic controls
18.2 Information security reviews
18.2.1 Independent review of information security
18.2.2 Compliance with security policies and standards
18.2.3 Technical compliance review
Annex A Cloud service extended control set
Annex B References on information security risk related to cloud computing
Bibliography
ITU Technology Watch Report
8. Assisting developing countries
Requirements and challenges regarding provision and consumption of cloud computing services in developing countries
1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Supplement
4 Abbreviations and acronyms
5 Conventions
6 Overview
6.1 Key characteristics
6.2 Deployment models
6.3 Service categories
6.4 Benefits of cloud computing
7 Questionnaire findings
7.1 Questionnaire respondents
7.2 Deployment of cloud computing in developing countries
7.3 Applications and services
7.4 Infrastructure requirements
7.5 Costs associated with cloud computing adoption
8 Cloud computing requirements in developing countries
8.1 Standardization requirements
8.1.1 Cybersecurity
8.1.2 Interoperability and portability
8.1.3 Service level agreements (SLA)
8.1.4 Green standards
8.1.5 Other standards
8.2 Human resources
8.3 Data centres
8.3.1 Data centres – Case studies
8.4 Electricity supply
8.5 Network infrastructure
8.6 Trust
9 Challenges of cloud computing adoption
9.1 Lack of regulatory framework for cloud computing services
9.2 Security and privacy concerns
9.3 Infrastructure needs
9.4 Capacity building
9.5 Quality of service
9.6 Compliance limitations
9.7 High cost of broadband Internet
10 General recommendations on adoption of cloud computing by developing countries
10.1 Regulatory framework
10.2 Standards adoption
10.3 Basic broadband infrastructure
10.4 Internet exchange points
10.5 Reliable electricity
10.6 Data centres
Appendix I Presentation of the results of the questionnaires for cloud service customers
I.1 List of responders
I.2 Responses to the questionnaire
Appendix II Results of the questionnaire for cloud service providers (CSPs) on cloud computing status in developing countries
II.1 List of responders
II.2 Responses to the questionnaire
Bibliography
ITU Report