Page 1001 - Cloud computing: From paradigm to operation
P. 1001
Security 7
3.1.12 Infrastructure as a Service (IaaS) [b-ITU-T Y.3500]: Cloud service category in which the cloud
capabilities type provided to the cloud service customer (see clause 3.1.5) is an infrastructure capabilities
type.
NOTE – The cloud service customer (see clause 3.1.5) does not manage or control the underlying physical and virtual
resources, but does have control over operating systems, storage, and deployed applications that use the physical and
virtual resources. The cloud service customer (see clause 3.1.5) may also have limited ability to control certain
networking components (e.g., host firewalls).
3.1.13 multi-tenancy [b-ITU-T Y.3500]: Allocation of physical or virtual resources such that multiple tenants
(see clause 3.1.24) and their computations and data are isolated from and inaccessible to one another.
3.1.14 Network as a Service (NaaS) [b-ITU-T Y.3500]: Cloud service category in which the capability
provided to the cloud service customer (see clause 3.1.5) is transport connectivity and related network
capabilities.
NOTE – NaaS can provide any of the three cloud capabilities types.
3.1.15 party [b-ISO/IEC 27729]: Natural person or legal person, whether or not incorporated, or a group of
either.
3.1.16 personally identifiable information [b-ISO/IEC 29100]: Any information that (a) can be used to
identify the PII principal to whom such information relates, or (b) is or might be directly or indirectly linked
to a PII principal.
3.1.17 Platform as a Service (PaaS) [b-ITU-T Y.3500]: Cloud service category in which the cloud capabilities
type provided to the cloud service customer (see clause 3.1.5) is a platform capabilities type.
3.1.18 private cloud [b-ITU-T Y.3500]: Cloud deployment model where cloud services (see clause 3.1.4) are
used exclusively by a single cloud service customer (see clause 3.1.5) and resources are controlled by that
cloud service customer (see clause 3.1.5).
3.1.19 public cloud [b-ITU-T Y.3500]: Cloud deployment model where cloud services (see clause 3.1.4) are
potentially available to any cloud service customer (see clause 3.1.5) and resources are controlled by the
cloud service provider (see clause 3.1.7).
3.1.20 security domain [b-ITU-T X.810]: A set of elements, a security policy, a security authority and a set
of security-relevant activities in which the set of elements are subject to the security policy for the specified
activities, and the security policy is administered by the security authority for the security domain.
3.1.21 security incident [b-ITU-T E.409]: A security incident is any adverse event whereby some aspect of
security could be threatened.
3.1.22 service level agreement (SLA) [b-ISO/IEC 20000-1]: A documented agreement between the service
provider and customer that identifies services and service targets.
NOTE 1 – A service level agreement can also be established between the service provider and a supplier, an internal
group or a customer acting as a supplier.
NOTE 2 – A service level agreement can be included in a contract or another type of documented agreement.
3.1.23 Software as a Service (SaaS) [b-ITU-T Y.3500]: Cloud service category in which the cloud capabilities
type provided to the cloud service customer (see clause 3.1.5) is an application capabilities type.
3.1.24 tenant [b-ITU-T Y.3500]: One or more cloud service users (see clause 3.1.8) sharing access to a set
of physical and virtual resources.
3.1.25 threat [b-ISO/IEC 27000]: A potential cause of an unwanted incident, which may result in harm to a
system or organization.
3.1.26 vulnerability [b-NIST-SP-800-30]: A weakness in an information system, system security procedures,
internal controls, or implementation that could be exploited by a threat source.
993
