Page 389 - Cloud computing: From paradigm to operation
P. 389
Framework and requirements for cloud computing 1
– Q19/13 (End-to-end cloud computing management and security)
The primary focus of this Question is cloud service and infrastructure management and the
management of composite cloud services and components that use a variety of telecommunication
and IT infrastructure resources. These cloud services are typically composed of individual service
elements that may be acquired from or exposed to third parties. This is a very complex management
environment and requires the study of standards that provide the means to enable consistent end-
to-end, multi-cloud management and monitoring of services exposed by and across different service
providers' domains and technologies. This Question also includes the study of security mechanisms
and methods to streamline and manage service delivery mechanisms across service life cycles so
that services can be created and delivered efficiently. The second focus of this Question is big data
governance including data management, data preservation, as well as life-cycle management of big
data to provide the necessary overall frameworks, definitions and ecosystems including
requirements, capabilities related to the integration or support of the big data model and
technologies in telecommunication ecosystems.
7.1.2 ITU-T SG17
ITU-T Study Group 17 (SG17) coordinates security-related work across all ITU-T Study Groups. Often working
in cooperation with other standards development organizations (SDOs) and various ICT industry consortia,
SG17 deals with a broad range of standardization issues.
To give a few examples, SG17 is currently working on cybersecurity; security management; security
architectures and frameworks; countering spam; identity management; the protection of personally
identifiable information; and the security of applications and services for the Internet of Things (IoT), smart
grids, smartphones, software-defined networking (SDN), web services, big data analytics, social networks,
cloud computing, mobile financial systems, IPTV and telebiometrics.
One key reference for security standards in use today is Recommendation ITU-T X.509 for electronic
authentication over public networks. Recommendation ITU-T X.509, a cornerstone in designing applications
relating to public key infrastructure (PKI), is used in a wide range of applications; from securing the
connection between a browser and a server on the web, to providing digital signatures that enable
e-commerce transactions to be conducted with the same confidence as in a traditional system. Without wide
acceptance of the standard, the rise of e-business would have been impossible.
Cybersecurity remains high on SG17's agenda. Additionally, SG17 is coordinating security standardization
work covering combating counterfeit and mobile device theft, IMT-2020, cloud-based event data technology,
e-health, open identity trust framework, radio frequency identification (RFID), and child online protection.
7.1.3 ITU-T SG5
ITU-T Study Group 5 (SG5) is responsible for studies on methodologies for evaluating ICT effects on climate
change and publishing guidelines for using ICTs in an eco-friendly way. Under its environmental mandate,
SG5 is also responsible for studying design methodologies to reduce ICTs and e-waste's adverse
environmental effects, for example, through the recycling of ICT facilities and equipment.
In addition to its climate-focused activities, the ITU-T Recommendations, Handbooks and other publications
produced by SG5 have four main objectives. The first is to protect telecommunication equipment and
installations against damage and malfunction due to electromagnetic disturbances, such as those from
lightning. In this field, SG5 is one of the world's most experienced and respected standardization bodies.
The second is to ensure the safety of personnel and users of networks against current and voltages used in
telecommunication networks. The third is to avoid health risks from electromagnetic fields (EMFs) produced
by telecommunication devices and installations. The fourth is to guarantee a good quality of service (QoS)
for high-speed data services by providing requirements on characteristics of copper cables and on the
coexistence of services delivered by different providers.
381