Internet Engineering Task Force B. Khasnabish
Internet-Draft ZTE USA, Inc.
Intended status: Informational C. JunSheng
Expires: June 30, 2013 ZTE
December 27, 2012
Cloud SDO Activities Survey and Analysis
draft-khasnabish-cloud-sdo-survey-04.txt
Abstract
The objective of this draft is to present a snapshot of industry
standards activities related to cloud computing, networking and
services including relevant features and functions. This document is
a survey of current activities of cloud standards development
organizations (SDOs). At the end of this survey a section on gap
analysis is also presented.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on June 30, 2013.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
Khasnabish & JunSheng Expires June 30, 2013 [Page 1]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Survey of other SDOs . . . . . . . . . . . . . . . . . . . . . 6
3.1. ARTS (The Association for Retail Technology Standards) . . 6
3.2. ATIS (Alliance for Telecommunications Industry
Solutions). . . . . . . . . . . . . . . . . . . . . . . . 6
3.2.1. ATIS SON (Service Oriented Networks) Forum. . . . . . 7
3.2.2. ATIS CSF (Cloud Services Forum). . . . . . . . . . . . 8
3.3. CCF (Cloud Computing Forum, Korea). . . . . . . . . . . . 12
3.4. CCIF (Cloud Computing Interoperability Forum). . . . . . . 13
3.5. CloudAudit . . . . . . . . . . . . . . . . . . . . . . . . 14
3.6. CCSA - Clouds . . . . . . . . . . . . . . . . . . . . . . 14
3.7. Cloud Computing Use Cases Group . . . . . . . . . . . . . 15
3.8. China Institute of Electronics. . . . . . . . . . . . . . 15
3.9. Cloud Operations and Security, Japan. . . . . . . . . . . 16
3.10. CSA (Cloud Security Alliance) . . . . . . . . . . . . . . 16
3.11. CSA/TCI (Cloud Security Alliance / Trusted Cloud
Initiative) . . . . . . . . . . . . . . . . . . . . . . . 17
3.12. DELTA Cloud . . . . . . . . . . . . . . . . . . . . . . . 18
3.13. DMTF (Distributed Management Task Force) . . . . . . . . . 19
3.13.1. CMWG (Cloud Management Working Group) . . . . . . . . 20
3.13.2. SVPC(System Virtualization, Partitioning, and
Clustering) . . . . . . . . . . . . . . . . . . . . . 21
3.13.3. CADF(Cloud Auditing Data Federation Working Group) . . 22
3.13.4. Cloud Incubator . . . . . . . . . . . . . . . . . . . 23
3.14. ENISA(European Network and Information Security Agency) . 24
3.15. ETSI STF 331 (Specialist Task Force on ICT GRID
Technologies Interoperability and Standardization) . . . . 25
3.16. ETSI TC GRID (Technical Committee Grid) . . . . . . . . . 26
3.17. GICTF (Global Inter-Cloud Technology Forum, Japan) . . . . 27
Khasnabish & JunSheng Expires June 30, 2013 [Page 2]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
3.18. IEEE SA (Standards Association) . . . . . . . . . . . . . 28
3.19. IETF/APP/SCIM . . . . . . . . . . . . . . . . . . . . . . 28
3.20. IETF/TSV Decade . . . . . . . . . . . . . . . . . . . . . 30
3.21. IETF/TSV/nfsv4 . . . . . . . . . . . . . . . . . . . . . . 32
3.22. IETF/OPS/netconf . . . . . . . . . . . . . . . . . . . . . 34
3.23. IETF/OPS/ARMD . . . . . . . . . . . . . . . . . . . . . . 35
3.24. IETF/RTG/NVO3 . . . . . . . . . . . . . . . . . . . . . . 36
3.25. IRTF/P2PRG . . . . . . . . . . . . . . . . . . . . . . . . 38
3.26. IRTF/VNRG . . . . . . . . . . . . . . . . . . . . . . . . 39
3.27. ISO/IEC JTC1 SC38 SGCC . . . . . . . . . . . . . . . . . . 39
3.27.1. Study Group on Cloud Computing(SGCC) . . . . . . . . . 40
3.27.2. Working Group 3 on Cloud Computing . . . . . . . . . . 40
3.28. ITU-T JCA-Cloud (Joint Coordination Activity on Cloud
Computing ) . . . . . . . . . . . . . . . . . . . . . . . 41
3.29. KCSA (Korea Cloud Service Association) . . . . . . . . . . 42
3.30. Liberty Alliance / Kantara Initiative . . . . . . . . . . 42
3.31. NCOIC (Network Centric Operations Industry Consortium) . . 43
3.32. NIST . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
3.33. OASIS . . . . . . . . . . . . . . . . . . . . . . . . . . 45
3.34. OCC . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
3.35. ODCA (Open Data Center Alliance) . . . . . . . . . . . . . 47
3.36. OGF / OCCI . . . . . . . . . . . . . . . . . . . . . . . . 48
3.37. OMA(Open Mobile Alliance) . . . . . . . . . . . . . . . . 51
3.38. OMG(Object Management Group) . . . . . . . . . . . . . . . 53
3.39. OCM (Open Cloud Manifesto) . . . . . . . . . . . . . . . . 54
3.40. OGC WG (Open Group Cloud Work Group) . . . . . . . . . . . 54
3.41. SNIA . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
3.42. Study group on Smart Cloud, Japan . . . . . . . . . . . . 57
3.43. TM Forum . . . . . . . . . . . . . . . . . . . . . . . . . 57
4. Summary and Analysis . . . . . . . . . . . . . . . . . . . . . 59
5. Security Considerations . . . . . . . . . . . . . . . . . . . 60
6. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 61
7. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 62
8. Appendix A: Cloud Standards WiKi. . . . . . . . . . . . . . . 63
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 64
10. Normative references . . . . . . . . . . . . . . . . . . . . . 65
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 66
Khasnabish & JunSheng Expires June 30, 2013 [Page 3]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
1. Introduction
This draft presents a survey of the SDOs related to cloud activities.
By conducting a comprehensive survey, gaps and overlaps in cloud
standards can be determined. This will allow us to determine the
IETF work that would be required to address the gaps. Once these
IETF work have been completed, seamless interoperability of cloud
services can be realized.
Khasnabish & JunSheng Expires June 30, 2013 [Page 4]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
2. Terminology
Cloud-based systems are conveniently-connected modular blocks of
resources
o Both physical and virtual modularizations of resources are
possible
o For this discussion, the resources include computing (CPU),
communications (network), memory, storage, management, database,
software, applications, services, interconnectivity, etc.
o The objective is to make the resources available ubiquitously for
mission-specific applications and services. These resources are
used to support the ultimate level of privacy/security,
scalability and reliability cost-effectively and without the
headache of owning and maintaining the infrastructure.
Clouds Discussion Archive:
http://www.ietf.org/mail-archive/web/clouds/current/maillist.html
NIST definition: http://csrc.nist.gov/groups/SNS/cloud-computing/
Service over Cloud
o Utilize (stitch, weave, embroider, ...) the virtualized resources
from cloud to provision, create, deliver, and maintain an End-to-
End Service
o Use the service only when you Need it
o Pay only for the time duration and type of use of service (include
the costs for resources used)
Khasnabish & JunSheng Expires June 30, 2013 [Page 5]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
3. Survey of other SDOs
3.1. ARTS (The Association for Retail Technology Standards)
The ARTS is dedicated to creating an open environment where both
retailers and technology vendors work together to create
international retail technology standards and to reduce the costs of
the technology. Recently, this group also started looking at
researching cloud computing and developing white papers to address
cloud issues. Cloud Computing team starts work on a "mini
RFP(Request for Proposal)" to help retailers evaluate cloud
strategies and solutions. ARTS is a separate council within the
NRF(National Retail Federation) governed by a council of retailers
and technology solution providers.
ARTS has four standards/Committees:
o UnifiedPOS - Committee Chair Paul Gay, Epson
o Data Model - Committee Chair Lynn Myers, Lowe's Companies
o ARTS XML - Committee Chair Tim Hood, SAP
o Standard RFPs - Committee Chair Ann McCool
ARTS Cloud Computing for Retail White Paper, Best Practices
Documents. This Cloud Computing for Retail whitepaper offers
unbiased guidance for achieving maximum results from this relatively
new technology. Version 1.0 represents a significant update to the
draft version released in October 2009, specifically providing more
examples of cloud computing in retail, as well as additional
information on the relationship to Service Oriented Architecture
(SOA) and constructing a Private Cloud.
Website:http://www.nrf-arts.org/
Status: Active.
Partnership/Coordination: NRF.
Language: English.
3.2. ATIS (Alliance for Telecommunications Industry Solutions).
ATIS prioritizes the industry's most pressing, technical and
operational issues, and creates interoperable, implementable, end to
end solutions -- standards when the industry needs them and where
they need them.
Khasnabish & JunSheng Expires June 30, 2013 [Page 6]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Over 600 industry professionals from more than 250 communications
companies actively participate in ATIS committees and incubator
solutions programs.
ATIS develops standards and solutions addressing a wide range of
industry issues in a manner that allocates and coordinates industry
resources and produces the greatest return for communications
companies.
ATIS is accredited by the American National Standards Institute
(ANSI).
3.2.1. ATIS SON (Service Oriented Networks) Forum.
The SON Forum is addressing work to enable the interoperability and
implementation of Service Oriented Network (SON) applications and
services by developing standards, providing coordination for the
development of standards and practices, and facilitating related
technical activities. This forum is placing an emphasis on
telecommunications industry needs in collaboration with regional and
international standards development programs in the
telecommunications, IT and Web industries.
ATIS has three Working Areas:
o WORK AREA1:Policy and Data Models Work Area (PDM)
o WORK AREA2:OSS/BSS and Virtualization Work Area (OBV)
o WORK AREA3:Service Delivery Creation and Enablers Work Area (SDCE)
SON Forum Chair: Andrew White, Qwest
Son Forum Vice Chair:Gary Munson, AT&T
Website:http://www.atis.org/SON/index.asp
Status: Inactive (The activities have been transferred to ATIS CSF;
please see section 3.2.2 for details).
Partnership/Coordination:
o ANSI
o 3GPP(TBC)
Language: English.
Khasnabish & JunSheng Expires June 30, 2013 [Page 7]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
3.2.2. ATIS CSF (Cloud Services Forum).
The ATIS Board recently approved the launch of the Cloud Services
Forum (CSF). The Forum will focus, among other things, on the
operators' provision of cloud services, and develop a framework to
ensure integration of the network and IT. It will account for basic
APIs in the control plane layer of the network rather than as a
service on the network, define a minimum set of APIs to expose
between service providers, and define interoperability, security, and
standardization, among other things, between service provider clouds.
Drawing upon business use cases that leverage Cloud Services'
potential, the Forum will address industry priorities and develop
implementable solutions for the evolving Cloud marketplace.
Ultimately, the CSF will work to see that Cloud capabilities are
quickly operationalized and operators are able to offer managed
services.
Initial CSF objectives that are being discussed include:
o Cloud Service Framework for CDN;
o Developing a framework to ensure the integration of the network
and IT;
o Ascertaining basic APIs in the control plane layer of the network;
o Using industry input to define a minimum set of APIs to expose
between service providers; and
o Utilizing control plane layer interfaces to allow for a greater
network role.
Cloud Services Forum Active and Closed Issues:
o Common Service Enabler Description
Doc: http://www.atis.org/cloud/_Com/Docs/issue002.doc.
Status: Final Closure.
o Consistency of 3rd Party Interfaces
Doc: http://www.atis.org/cloud/_Com/Docs/issue003.doc.
Status: Final Closure.
Khasnabish & JunSheng Expires June 30, 2013 [Page 8]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Common Name Space Requirements
Doc: http://www.atis.org/cloud/_Com/Docs/issue007.doc.
Status: Active.
o Cloud Service Framework for CDN
Doc: http://www.atis.org/cloud/_Com/Docs/issue0011.doc.
Status: Final Closure.
o Cloud-Based Inter-Provider Telepresence: Access Agnostic End to
end service flow (Service Architecture Document): In considering
Telepresence and VPNs Service Definitions
Doc: http://www.atis.org/cloud/_Com/Docs/issue0012.doc.
Status: Initial Closure.
o Charging for Cloud Services
Doc: http://www.atis.org/cloud/_Com/Docs/issue0014.doc.
Status: Active.
o Cloud Service Logging and Auditing
Doc: http://www.atis.org/cloud/_Com/Docs/issue0015.doc.
Status: Active.
o Cloud Services Control Plane
Doc: http://www.atis.org/cloud/_Com/Docs/issue0016.doc.
Status: Active.
o Cloud Services Checklist
Doc: http://www.atis.org/cloud/_Com/Docs/issue0017.doc.
Status: Active.
o Cloud Services Virtual Desktop Requirements
Doc: http://www.atis.org/cloud/_Com/Docs/issue0018.doc.
Khasnabish & JunSheng Expires June 30, 2013 [Page 9]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Status: Active.
o Cloud Services Glossary and Acronyms
Doc: http://www.atis.org/cloud/_Com/Docs/issue0020.doc.
Status: Active.
o CDN Interconnection Use Cases & Requirements for Multicast-Based
Content Distribution
Doc: http://www.atis.org/cloud/_Com/Docs/issue0021.doc.
Status: Initial Closure.
o CDN Interconnection Use Cases & Requirements "C Release 2
Doc: http://www.atis.org/cloud/_Com/Docs/issue0022.doc.
Status: Active.
o Federation of Cloud Services and Networks for Service Delivery
Doc: http://www.atis.org/cloud/_Com/Docs/issue0024.doc.
Status: Active.
o Service provider requirements for VPN-Oriented Data Center
Services (VDCS)
Doc: http://www.atis.org/cloud/_Com/Docs/issue0025.doc.
Status: Active.
o Cloud Services Inter-Service Provider Billing Requirements
Doc: http://www.atis.org/cloud/_Com/Docs/issue0026.doc.
Status: Active.
o Cloud-Based Telepresence: Interconnect, Interoperability and
Architecture
Doc: http://www.atis.org/cloud/_Com/Docs/issue0027.doc.
Status: Active.
Cloud Services Forum Withdrawn Issues:
Khasnabish & JunSheng Expires June 30, 2013 [Page 10]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Common Product Data Catalog Repository
Doc: http://www.atis.org/cloud/_Com/Docs/issue001.doc.
Status: Withdrawn.
o Standardization of WS-* Specifications
Doc: http://www.atis.org/cloud/_Com/Docs/issue004.doc.
Status: Withdrawn.
o Common Policy Reference Model, Syntax, and Semantics
Doc: http://www.atis.org/cloud/_Com/Docs/issue005.doc.
Status: Withdrawn.
o Common Data Model Requirements
Doc: http://www.atis.org/cloud/_Com/Docs/issue006.doc.
Status: Withdrawn.
o Packaging of OSS/BSS Components as Service Enablers
Doc: http://www.atis.org/cloud/_Com/Docs/issue008.doc.
Status: Withdrawn.
o IT Infrastructure Virtualization
Doc: http://www.atis.org/cloud/_Com/Docs/issue009.doc.
Status: Withdrawn.
o Guidelines for COTS/Third-Party Software Installation in a Cloud
Environment
Doc: http://www.atis.org/cloud/_Com/Docs/issue0010.doc.
Status: Withdrawn.
o Cloud Services Network-Network Interconnect
Doc: http://www.atis.org/cloud/_Com/Docs/issue0013.doc.
Khasnabish & JunSheng Expires June 30, 2013 [Page 11]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Status: Withdrawn.
o Cloud Services Reference Framework
Doc: http://www.atis.org/cloud/_Com/Docs/issue0019.doc.
Status: Withdrawn.
o Landscape of Computing, Storage, and Network Virtualized Resources
for Cloud-based Services Offering
Doc: http://www.atis.org/cloud/_Com/Docs/issue0023.doc.
Status: Withdrawn.
CSF Chair: Andrew White, NSN
CSF Vice Chair: Dan Druta, AT&T
Website:http://www.atis.org/cloud/index.asp
Status: Active.
Partnership/Coordination:
o ANSI
o 3GPP(TBC)
Language: English.
3.3. CCF (Cloud Computing Forum, Korea).
Main mission of CCF:
o Constitute National level CC Forum
o Provide CC technology development and standardization activity
o Sharing CC technology information
o Study on CC adaptation method into Public sectors
o Support international standardization activity of CC
o Develop CC related Law and policy
CCF has six Working Groups:
Khasnabish & JunSheng Expires June 30, 2013 [Page 12]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Group 1: Policy and Certification
o Group 2: CC Technology Framework
o Group 3: Media Cloud
o Group 4: Storage Cloud
o Group 5: CC Technology for Green IDC
o Group 6: Mobile Cloud
Chair: Mr. Son seung-won
Website:http://www.ccsf-kr.org/
Status: Active.
Partnership/Coordination: Not known.
Language: Korean, with some titles in English.
3.4. CCIF (Cloud Computing Interoperability Forum).
Goals
The CCIF was formed in order to enable a global cloud computing
ecosystem whereby organizations are able to seamlessly work together
for the purposes for wider industry adoption of cloud computing
technology and related services. A key focus will be placed on the
creation of a common agreed upon framework / ontology that enables
the ability of two or more cloud platforms to exchange information in
an unified manor.
Mission
CCIF is an open, vendor neutral, open community of technology
advocates, and consumers dedicated to driving the rapid adoption of
global cloud computing services. CCIF shall accomplish this by
working through the use open forums (physical and virtual) focused on
building community consensus, exploring emerging trends, and
advocating best practices / reference architectures for the purposes
of standardized cloud computing.
Note: CCIF is INACTIVE now.
CCIF comes up with a unified cloud interface (a.k.a. cloud broker)
whose features are as follows: unify various cloud APIs and abstract
Khasnabish & JunSheng Expires June 30, 2013 [Page 13]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
it behind an open and standardized cloud interface, that is, create
an API about other APIs. Proposed a UCI architecture.
CCIF has two Working Groups:
o Standard and Interoperability Working Group
o Unified Cloud Interface Working Group
Chair: Mr. Reuven Cohen (Enomaly Inc.)
Website:http://www.cloudforum.org/
Status: Inactive.
Partnership/Coordination: Not known.
Language: English.
3.5. CloudAudit
The goal of CloudAudit is to provide a common interface and namespace
that allows cloud computing providers to automate the Audit,
Assertion, Assessment, and Assurance (A6) of their infrastructure
(IaaS), platform (PaaS), and application (SaaS) environments and
allow authorized consumers of their services to do likewise via an
open, extensible and secure interface and methodology.
Automated Audit, Assertion, Assessment, and Assurance API (A6 Working
Group), officially launched in January 2010.
Chair: Mr. Christofer Hoff
Website:http://www.cloudaudit.org/
Status: Active.
Partnership/Coordination: Not known.
Language: English.
3.6. CCSA - Clouds
CCSA only follows up and evaluates the influence of cloud computing
on telecommunication network. The main focus of CCSA is on Cloud
Computing in Mobile Internet, Cloud Computing with P2P technology,
Resource Virtualization Application Mode and Operation Requirement,
etc.
Khasnabish & JunSheng Expires June 30, 2013 [Page 14]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
CCSA has two Clouds related Working Groups:
o TC2 WG1
o TC1 WG4
Website:http://www.ccsa.org.cn/
Status: Active.
Partnership/Coordination: Not known.
Language: English.
3.7. Cloud Computing Use Cases Group
The goal of this group is to bring together cloud consumers and cloud
vendors to define common use cases for cloud computing. The use
cases will demonstrate the performance and economic benefits of cloud
computing, and will be based on the needs of the widest possible
range of consumers.
The ToC of the latest version (V3) of the white paper includes
o Definitions and Taxonomy
o Use Case Scenarios
o Customer Scenarios
o Developer Requirements
o Security Scenarios
o Security Use Case Scenarios
Website:http://groups.google.com/group/cloud-computing-use-cases
Status: Active.
Partnership/Coordination: OCM.
Language: English.
3.8. China Institute of Electronics.
The goal of the CIA is to solve the emerged problems with the rapid
development of Cloud Computing, follows up the latest development of
Khasnabish & JunSheng Expires June 30, 2013 [Page 15]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
technologies related to Cloud Computing, strengthen communication and
cooperation in the domain of Cloud Computing, prompt the research and
application on the technology of Cloud Computing, and draw up
industry specification on Cloud Computing.
Clouds related Group: Cloud Computing Experts Association.
Chair: Mr. Li Deyi
Website:http://www.ciecloud.org/
Status: Active.
Partnership/Coordination: OCM.
Language: Chinese, with some titles in English.
3.9. Cloud Operations and Security, Japan.
Information Security Awareness Campaign to be jointly launched by the
public and private sectors. The Ministry of Economy, Trade and
Industry (METI), Symantec Corporation, Trend Micro Incorporated,
McAfee, Inc., and the Information-Technology Promotion Agency, Japan,
will jointly launch the campaign to strengthen information security
measures. As information technology (IT) penetrates further into
people's lives and socio-economic activities, Internet users face
higher risks of becoming victims of computer viruses, unauthorized
access or other security breaches. This campaign is aimed at
preventing such risks and increase people's awareness and knowledge
of precautions for the safe use of IT.
Website:http://www.meti.go.jp/english
Status: Active.
Partnership/Coordination: Not known.
Language: English.
3.10. CSA (Cloud Security Alliance)
The Cloud Security Alliance is a non-profit organization formed to
promote the use of best practices for providing security assurance
within Cloud Computing, and provide education on the uses of Cloud
Computing to help secure all other forms of computing.
The CSA is mainly focus on:
Khasnabish & JunSheng Expires June 30, 2013 [Page 16]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Promoting a common level of understanding between the consumers
and providers of cloud computing regarding the necessary security
requirements and attestation of assurance.
o Promoting independent research into best practices for cloud
computing security.
o Launching awareness campaigns and educational programs on the
appropriate uses of cloud computing and cloud security solutions.
o Creating consensus lists of issues and guidance for cloud security
assurance.
8 Working Groups:
o Group 1: Architecture and Framework
o Group 2: Governance, Risk Management, Compliance, Audit, Physical,
BCM, DR
o Group 3: Legal and eDiscovery
o Group 4: Portability & Interoperability and Application Security
o Group 5: Identity and Access Mgt, Encryption & Key Mgt
o Group 6: Data Center Operations and Incident Response
o Group 7: Information Lifecycle Management & Storage
o Group 8: Virtualization and Technology Compartmentalization
Chair: Mr. Jim Reavis (Executive Director), Mr. Christofer Hoff
(Technical Director)
Website:http://www.cloudsecurityalliance.org/
Status: Active.
Partnership/Coordination: Not known.
Language: English.
3.11. CSA/TCI (Cloud Security Alliance / Trusted Cloud Initiative)
The Trusted Cloud Initiative will help cloud providers develop
industry-recommended, secure and interoperable identity, access and
compliance management configurations, and practices. We well develop
Khasnabish & JunSheng Expires June 30, 2013 [Page 17]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
reference models, education, certification criteria and a cloud
provider self-certification toolset in 2010.
The TCI hopes to publish the industry's first cloud security
certification by the end of 2010.
Chair: Mr. Liam Lynch (eBay), Mr. Nick Nikols (Novell)
Website:http://www.trusted-cloud.com/
Status: Active.
Partnership/Coordination: CSA(TBC).
Language: English.
3.12. DELTA Cloud
Deltacloud is a top-level project at the Apache Software Foundation
(ASF), having graduated from the ASF Incubator in October 2011.
Through a collaborative and meritocratic development process, Apache
projects deliver enterprise-grade, freely available software products
that attract large communities of users.
Apache Deltacloud is a REST-based (HATEOAS) cloud abstraction API,
that enables management of resources in different IaaS clouds using a
single API. A series of back-end drivers 'speak' each cloud
provider's native API and the Deltacloud Core Framework provides the
basis for implementing drivers as needed for other/new IaaS cloud
providers. Apache Deltacloud currently supports many back-end cloud
providers, as listed in Drivers.
The Apache Deltacloud project empowers its users in avoiding lockin
to any single cloud provider. Deltacloud provides an API abstraction
that can be implemented as a wrapper around a large number of clouds,
freeing users of cloud from dealing with the particulars of each
cloud's API.
Delta Cloud provides:
o A RESTful API for simple, any-platform access
o Support for all major cloud service providers
o Backward compatibility across versions, providing long-term
stability for scripts, tools and applications
Khasnabish & JunSheng Expires June 30, 2013 [Page 18]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o A separate CIMI frontend, as well as CIMI API compliance tests and
a simple CIMI client application.
The Deltacloud documentation is divided into the following parts:
o Installation, dependencies and quick-start
o REST API definition
o Information about currently supported drivers
o The Deltacloud Ruby client
o The libdeltacloud C library
Website:http://deltacloud.apache.org
Status: Active.
Language: English.
3.13. DMTF (Distributed Management Task Force)
DMTF enables more effective management of millions of IT systems
worldwide by bringing the IT industry together to collaborate on the
development, validation and promotion of systems management
standards.
Virtualization Management(VMAN) Initiative: VMAN unleashes the power
of virtualization by delivering broadly supported interoperability
and portability standards to virtual computing environments. As
another initiative based on the CIM and WBEM standards, the suite of
management standards helps IT managers deploy virtual computer
systems, discover/inventory virtual computer systems, manage the
lifecycle of virtual computer systems, create/modify/delete virtual
resources and monitor virtual systems for health and performance.
The VMAN initiative strives to promote standards for virtualization
management within the industry and enable vendors to implement
compliant, interoperable virtualization management solutions.
DMTF's Open Cloud Standards Incubator will focus on standardizing
interactions between cloud environments by developing cloud resource
management protocols, packaging formats and security mechanisms to
facilitate interoperability.
The Open Cloud Standards Incubator addresses the following aspects of
the lifecycle of a cloud service:
Khasnabish & JunSheng Expires June 30, 2013 [Page 19]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o description of the cloud service in a template
o deployment of the cloud service into a cloud
o offering of the service to consumers
o consumer entrance into contracts for the offering
o provider operation and management of instances of the service
o removal of the service offering
A DMTF partner initiative, SMI is a Storage Networking Industry
Association (SNIA) initiative to standardize interoperable storage
management technologies, based on the rich foundation provided by the
DMTF's CIM and WBEM specifications.
3.13.1. CMWG (Cloud Management Working Group)
Using the recommendations developed by DMTF's Open Cloud Standards
Incubator, the Cloud Management Working Group (CMWG) is focused on
standardizing interactions between cloud environments by developing
specifications that deliver architectural semantics and
implementation details to achieve interoperable cloud management
between service prociders and their consumers and developers.
DSP0263 Cloud Infrastructure Management Interface (CIMI) Model and
REST Interface over HTTP is an Interface for Managing Cloud
Infrastructure. This profile defines a logical model for the
management of resources within the Infrastructure as a Service
domain. A model was developed to address the use cases outlined in
the !oScoping Framework for Cloud Management Models and Protocol
Requirements!+/- document.
The most recent version of DSP4003 v1.3.0 (the Alliance Partner Work
Register Process document) approved by the DMTF board of directors on
June 8th, 2006 defines how an alliance partner work register is
created and the sequence of steps that are required before a work
register is approved and the alliance partnership is established.
WorkGroup Chair: Winston Bumpus, VMware Inc. wbumpus@vmware.com.
WorkGroup Chair: Mark Johnson, IBM. mwj@us.ibm.com.
Website:http://members.dmtf.org/apps/org/workgroup/cmwg/
Status: Active.
Khasnabish & JunSheng Expires June 30, 2013 [Page 20]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Partnership/Coordination:
o CSA
o CompTIA(Computing Technology Industry Association )
o ECMA(Ecma International)
o OGF(Open Grid Forum)
o TGG(The Green Grid)
o TOG(The Open Group)
o OMG(Object Management Group)
o PWG(Printer Working Group)
o SNIA
o TMF(TeleManagement Forum)
o TCG(Trusted Computing Group)
o UEFI(Unified Extensible Firmware Interface)
Language: English.
3.13.2. SVPC(System Virtualization, Partitioning, and Clustering)
DMTF's SVPC includes a set of specifications that address the
management lifecycle of a virtual environment. SVPC's OVF (Open
Virtualization Format) specification provides a standard format for
packaging and describing virtual machines and applications for
deployment across heterogeneous virtualization platforms. SVPC's
profiles standardize many aspects of the operational management of a
heterogeneous virtualized environment.
OVF is a common packaging format for independent software vendors
(ISVs) to package and securely distribute virtual appliances,
enabling cross-platform portability. By packaging virtual appliances
in OVF, ISVs can create a single, pre-packaged appliance that can run
on customers' virtualization platforms of choice.
The key properties of the format are as follows:
o Optimized for distribution
Khasnabish & JunSheng Expires June 30, 2013 [Page 21]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Optimized for a simple, automated user experience
o Supports both single VM and multiple
o Portable VM packaging
o Vendor and platform independent
o Extensible - OVF is immediately useful - and extensible
o Localizable - OVF supports user-visible descriptions in multiple
locales
Workgroup Chair: Mr. Lawrence Lamers, VMware Inc.
ljlamers@vmware.com.
Vice-Chair: Michael Johanssen, IBM. johanssn@de.ibm.com.
Website:http://www.dmtf.org/initiatives/vman_nitiative/
Status: Active.
Partnership/Coordination: DMTF.
Language: English.
3.13.3. CADF(Cloud Auditing Data Federation Working Group)
CADF is developing specifications for federating audit event data
from cloud providers which includes defining a normative,
prescriptive audit data format, event classification taxonomies,
interface definitions and a compatible interaction model.
The data format specification will include the constructs for
federating audit event data in the form of customized audit reports
and logs which preserves reference to source information on the
participating cloud resources.
Member use cases are now being accepted as input to the development
process in order to assure the data format and interface models
specified by the working group consumable by different customer
scenarios and implementations.
The WG deliverables:
o Cloud Audit Event Data Model Specification
Khasnabish & JunSheng Expires June 30, 2013 [Page 22]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Cloud Audit Event API Specification
o Profiles of the Cloud Audit Event Data Model and Event API
Specifications which the CADF deems necessary.
o Protocol requirements delivered to the CMWG (or other groups if
they exist)
o Other documents and whitepapers which the Cloud Audit Working
Group deems necessary.
Workgroup Chair: Mr. Matthew Rutkowski, IBM.
Workgroup: Mr. David Corlette, Novell. johanssn@de.ibm.com.
Website:http://members.dmtf.org/apps/org/workgroup/cadf/
description.php
Status: Active.
Partnership/Coordination: DMTF, CSA, TOG(The Open Group).
Language: English.
3.13.4. Cloud Incubator
This Incubator was started in 2009. The goal of the Incubator is to
define a set of architectural semantics that unify the interoperable
management of enterprise and cloud computing. In July 2010 the
incubator delivered two important documents: Use Cases and
Interactions for Managing Clouds (DSP-IS0103) and Architecture for
Managing Clouds (DSP-IS0102).
These two documents together describe how standardized interfaces and
data formats can be used to manage clouds. The first document
focuses on the overall architecture, including requirements for the
architected interfaces in general (e.g., requirements on resource
model). The second document focuses on interactions and data
formats. The use cases involved resources include service resources
provision, changing and monitoring etc.
Incubator deliverables:
o Cloud taxonomy
o Cloud Interoperability whitepaper
Khasnabish & JunSheng Expires June 30, 2013 [Page 23]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Informational specifications
o Proposed OVF changes for cloud usage
o Proposed Profiles for management of resources exposed by a cloud
o Proposed changes to other DMTF standards
o Requirements for trust for cloud resource management
o Work register(s) with appropriate alliance partners (See below)
Workgroup Chair: Mr. Billy Cox, Intel Corporation.
Website:http://members.dmtf.org/apps/org/workgroup/cloud/
description.php
Status: Active.
Partnership/Coordination: DMTF, SNIA.
Language: English.
3.14. ENISA(European Network and Information Security Agency)
ENISA is carrying out a risk assessment of cloud computing with input
from 30 experts from major companies and academic institutions. The
paper should provide an assessment of key risks and their mitigation
strategies in cloud computing.
ENISA Cloud Computing Risk Assessment
ENISA is carrying out a risk assessment of cloud computing with input
from 30 experts from major companies and academic institutions. The
paper should provide an assessment of key risks and their mitigation
strategies in cloud computing which will allow:
o European Policymakers to decide on research policy (to develop
technologies to mitigate risks)
o European Policymakers to decide on appropriate policy and economic
incentives, legislative measures, awareness-raising initiatives
etc... vis-a-vis cloud-computing technologies.
o Business leaders to evaluate the risks of adopting such
technologies and possible mitigation strategies. Individuals/
citizens to evaluate the cost/benefit of ----using the consumer
version of such applications.
Khasnabish & JunSheng Expires June 30, 2013 [Page 24]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Executive Director, Dr Udo Helmbrecht
Website:http://www.enisa.europa.eu/
Status: Active.
Partnership/Coordination: EP3R(European Public-Private Partnership
for Resilience, http://ec.europa.eu/information_society/policy/nis/
strategy/activities/ciip/impl_activities/index_en.htm )
Language: English.
3.15. ETSI STF 331 (Specialist Task Force on ICT GRID Technologies
Interoperability and Standardization)
The Specialist Task Force (STF) addressed, in general, IT-Telecom
(Information Technology and Telecommunications) convergence and, in
particular, the lack of interoperable GRID solutions built by IT in
conjunction with the Telecom industry. At the request of TC GRID,
this scope was extended to include "cloud computing".
White paper:
o Grid and Cloud Computing Technology: Interoperability and
Standardization for the Telecommunications Industry, 2009.
Technical Report:
o ETSI TR 102 659-1 Study of ICT GRID interoperability gaps; Part 1:
Inventory of ICT Stakeholders V1.2.1, 2009-10
o ETSI TR 102 659-2 Study of ICT GRID interoperability gaps; Part 2:
List of identified Gaps V1.2.1, 2009-10
o ETSI TR 102 766 ICT GRID Interoperability Testing Framework and
survey of existing ICT Grid interoperability solutions V1.1.1,
2009-10
Technical Specification:
o TSI TS 102 786 ICT GRID Interoperability Testing Framework V1.1.1,
2009-10
Chair: Mr. Geoffrey Caryer (STF 331 team leader)
Website:http://portal.etsi.org/STFs/STF_HomePages/STF331/STF331.asp
Status: Active.
Khasnabish & JunSheng Expires June 30, 2013 [Page 25]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Partnership/Coordination: ETSI
Language: English.
3.16. ETSI TC GRID (Technical Committee Grid)
Responsible for producing test specifications and standards to
integrate the use of telecommunications infrastructures in networked
computing, including both Grid computing and Cloud computing.
ETSI's Grid Technical Committee (TC GRID) is addressing issues
associated with the convergence of Information Technology (IT) and
telecommunications, paying particular attention to scenarios where
connectivity goes beyond the local network. This includes not only
Grid computing but also the emerging commercial trend towards Cloud
computing which places particular emphasis on ubiquitous network
access to scalable computing and storage resources. The vision is to
evolve towards a coherent and consistent general purpose
infrastructure, made up of interoperable elements ranging from small
devices up to supercomputers, connected by global networks and
capable of supporting communities ranging from individuals to whole
industries, and with applications in business, public sector,
academic and consumer environments.
Note: TC GRID will be renamed to TC Cloud shortly and start work on
standardization requirements for cloud services (ETSI TR 102 997)
Chair: Mr. Michael Fisher (BT Group Plc)
Website:http://portal.etsi.org/portal/server.pt/community/GRID/310
Status: Initiating TC Cloud.
Partnership/Coordination:
o ETSI TC TISPAN
o ETSI TC MTS
o ETSI CTI (Centre for Testing & Interoperability)
o ETSI Plugtests Events
o ITU-T
o Open Grid Forum, with which a Memorandum of Understanding has been
signed
Khasnabish & JunSheng Expires June 30, 2013 [Page 26]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o European Commission DG INFSO, DG ENTR
o NESSI European Technology Platform
Language: English.
3.17. GICTF (Global Inter-Cloud Technology Forum, Japan)
GICTF aims to promote standardization of network protocols and the
interfaces through which cloud systems interwork with each other, and
to enable the provision of more reliable cloud services than those
available today.
Main activities and goals
o Promote the development and standardization of technologies to use
cloud systems;
o Propose standard interfaces that allow cloud systems to interwork
with each other;
o Collect and disseminate proposals and requests regarding
organization of technical exchange meetings and training courses;
o Establish liaison with counterparts in the U.S. and Europe, and
promote exchange with relevant R&D teams.
Working Group
o General Assembly
o Board of Directors
o Technology Task Force
o Application Task Force
Chair: Prof. Tomonori Aoyama (Keio Univ.)
Website:http://www.gictf.jp/index_e.html
Status: Active.
Partnership/Coordination: Not known
Language: English.
Khasnabish & JunSheng Expires June 30, 2013 [Page 27]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
3.18. IEEE SA (Standards Association)
CLOUD 2009 is created to provide a prime international forum for both
researchers and industry practitioners to exchange the latest
fundamental advances in the state of the art and practice of Cloud
Computing, identify emerging research topics, and define the future
of Cloud Computing. http://www.thecloudcomputing.org/2009/2/
CLOUD 2010 tries to attract researchers, practitioners, and industry
business leaders in all the following areas to help define and shape
cloud computing, and its related modernization strategy and
directions of the services industry.
http://www.thecloudcomputing.org/2010/
IEEE SA collaborated with CSA in a cloud security standards survey,
and in some events related to cloud standards. A number of existing
IEEE standards is indirectly linked to cloud computing. Cloud
Security Alliance and IEEE Join Forces to Identify Cloud Security
Standards Requirements For IT Practitioners
General Chairs: Stephen S. Yau, Arizona State University, USA.
Liang-Jie Zhang, IBM T.J. Watson Research, USA
Program Chairs: Wu Chou, Avaya Labs Research, Avaya, USA. Adrezej M
Goscinski, Deakin University, Australia.
Application and Industry Track Chairs: Claudio Bartolini, HP Labs,
USA. Min Luo, IBM Software Group, USA
Website:http://standards.ieee.org/
Status: Active.
Partnership/Coordination: CSA
Language: English.
3.19. IETF/APP/SCIM
System for Cross-domain Identity Management (SCIM) WG Charter: The
System for Cross-domain Identity Management (SCIM) working group will
standardize methods for creating, reading, searching, modifying, and
deleting user identities and identity-related objects across
administrative domains, with the goal of simplifying common tasks
related to user identity management in services and applications.
"Standardize" does not necessarily mean that the working group will
develop new technologies. The existing specifications for "SCIM 1.0"
Khasnabish & JunSheng Expires June 30, 2013 [Page 28]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
provide RESTful interfaces on top of HTTP rather than defining a new
application protocol. That will be the basis for the new work.
Today, distributed identity management across administrative domains
is complicated by a lack of protocol and schema standardization
between consumers and producers of identities. This has led to a
number of approaches, including error-prone manual administration and
bulk file uploads, as well as proprietary protocols and mediation
devices that must be adapted to each service for each organization.
While there is existing work in the field, it has not been widely
adopted for a variety of reasons, including a lack of common
artifacts such as schema, toolsets, and libraries.
The SCIM working group will develop the core schema and interfaces
based on HTTP and REST to address these problems. Initially, the
group will focus on
o a schema definition
o a set of operations for creation, modification, and deletion of
users
o schema discovery
o read and search
o bulk operations
o mapping between the inetOrgPerson LDAP object class (RFC 2798) and
the SCIM schema
It will follow that by considering extensions for client targeting of
specific SCIM endpoints and SAML binding. The approach will be
extensible. The group will use, as starting points, the following
drafts in the following ways:
o draft-scim-use-cases-00 as the initial use cases for SCIM
o draft-scim-core-schema-00 as the schema specification
o draft-scim-api-00 as the protocol specification
These drafts are based on existing specifications, which together are
commonly known as SCIM 1.0. Because there is existing work with
existing implementations, some consideration should be given to
backward compatibility, though getting it right takes priority. This
group will consider the operational experience gathered from the
existing work, as well as experiences with work done by other bodies,
Khasnabish & JunSheng Expires June 30, 2013 [Page 29]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
including the OASIS Provisioning TC.
The use cases document will be a "living document", guiding the
working group during its development of the standards. The group may
take snapshots of that document for Informational publication, to
serve as documentation of the motivation for the work in progress and
to similarly guide planning and implementation.
The group will produce Proposed Standards for a schema, a REST-based
protocol, and a SAML binding, as well as an Informational document
defining an LDAP mapping. In doing so, the group will make the
terminology consistent, identify any functional gaps that would be
useful for future work, address internationalization, and provide
guidelines and mechanisms for extensibility.
In addition, the working group will ensure that the SCIM protocol
embodies good security practices. Given both the sensitivity of the
information being conveyed in SCIM messages and the regulatory
requirements regarding the privacy of personally identifiable
information, the working group will pay particular attention to
issues around authorization, authenticity, and privacy.
The group considers the following out of scope for this group:
o Defining new authentication schemes
o Defining new policy/authorization schemes
Area Director: Barry Leiba (barryleiba@computer.org)
Website:http://datatracker.ietf.org/wg/scim/
Status: Active.
Partnership/Coordination: IETF
Language: English.
3.20. IETF/TSV Decade
The Working Group (WG) will have three primary tasks.
First, the WG will identify target applications to appropriately
scope the problem and requirements. P2P applications are the primary
target, but suitability to other applications with similar
requirements may be considered depending on additional complexity
required to support such applications.
Khasnabish & JunSheng Expires June 30, 2013 [Page 30]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Second, the WG will identify the requirements to enable target
applications to utilize in-network storage. Requirements will
include the ability for an application to (1) store, retrieve, and
manage data, (2) indicate access control policies for storing and
retrieving data suitable to an environment with users across multiple
administrative and security domains (e.g., in a P2P environment), and
(3) indicate resource control policies for storing and retrieving
data.
Third, the WG will develop an architecture within which the DECADE
protocol can be specified. This architecture will identify DECADE's
relationship to existing IETF protocols and where (if any) new
protocol is needed or extensions to existing protocols need to be
made.
The architecture will not specify a protocol or extension; if
development of a new protocol is needed, the WG will seek to
recharter for this purpose or might ask an existing WG to work on
such extensions.
The architecture will not specify a protocol or extension; if
development of a new protocol is needed, the WG will seek to
recharter for this purpose or might ask an existing WG to work on
such extensions.
The WG will focus on the following work items:
o A "problem statement" document. This document provides a
description of the problem and common terminology.
o A requirements document. This document lists the requirements for
the in-network storage service (e.g., supported operations) and
the protocol to support it. The service will include storing,
retrieving, and managing data as well as specifying both access
control and resource control policies in the in-network storage
pertaining to that data.
o A survey document. This document will survey existing related
mechanisms and protocols (e.g., HTTP, NFS, and WebDAV), and
evaluate their applicability to DECADE.
o An architecture document. This document will identify DECADE's
relationship with existing IETF protocols. Existing protocols
will be used wherever possible and appropriate to support DECADE's
requirements. In particular, data storage, retrieval, and
management may be provided by an existing IETF protocols. The WG
will not limit itself to a single data transport protocol since
different protocols may have varying implementation costs and
Khasnabish & JunSheng Expires June 30, 2013 [Page 31]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
performance tradeoffs.
However, to keep interoperability manageable, a small number of
specific, targeted, data transport protocols will be identified and
used. If new protocol development is deemed necessary, the WG will
be rechartered. It is not expected that all work items will be ready
for IESG review by that point, but WG consensus must show that
documents directing eventual protocol development (Requirements and
Architecture document) have stabilized. This permits adjustments to
such documents as necessary to maintain consistency as protocol
development is done.
The following issues are considered out-of-scope for the WG:
o Specification of policies regarding copyright-protected or illegal
content.
o Locating the "best" in-network storage location from which to
retrieve content if there are more than one location can provide
the same content.
o Developing a new protocol for data transport between P2P
applications and in-network storage.
Chairs: Richard Woundy(Richard_Woundy@cable.comcast.com), Haibin
Song(melodysong@huawei.com).
Area Director: Alexey Melnikov(alexey.melnikov@isode.com).
Website:https://datatracker.ietf.org/wg/decade/
Status: Active.
Partnership/Coordination:
o IRTF
o IASA/IAOC/Trust IANA
Language: English.
3.21. IETF/TSV/nfsv4
NFS Version 4 is the IETF standard for file sharing. To maintain NFS
Version 4's utility and currency, the working group is chartered to:
o maintain the existing NFSv4, NFSv4.1 and related specifications,
such as RPC and XDR,
Khasnabish & JunSheng Expires June 30, 2013 [Page 32]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o progress these specifications along the standards track,
o develop a protocol to create a federated namespace using NFSv4's
existing referral mechanisms.
Goals and Milestones:
o Done - Issue strawman Internet-Draft for v4
o Done - Submit Initial Internet-Draft of requirements document
o Done - Submit Final Internet-Draft of requirements document
o Done - AD reassesses WG charter
o Done - Submit v4 Internet-Draft sufficient to begin prototype
implementations
o Done - Begin Interoperability testing of prototype implementations
o Done - Submit NFS version 4 to IESG for consideration as a
Proposed Standard.
o Done - Conduct final Interoperability tests
o Done - Conduct full Interoperability tests for all NFSv4 features
o Done - Update API advancement draft
o Done - Form core design team to work on NFS V4 migration/
replication requirements and protocol
o Done - Submit revised NFS Version 4 specification (revision to RFC
3010) to IESG for consideration as a Proposed Standard
o Done - Strawman NFS V4 replication/migration protocol proposal
submitted as an ID
o Done - WG Last Call for RPC and NFS RDMA drafts
o Done - WG Last Call for rfc1831bis (RPC version 2)
o Done - WG Last Call for NFSv4.1 Object-based layout
o Done - WG Last Call for NFSv4 minor version 1
o Done - WG Last Call for NFSv4.1 block/volume layout
Khasnabish & JunSheng Expires June 30, 2013 [Page 33]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Done - Submit NFS Minor Version 1 to IESG for publication as a
Proposed Standard
o Done - Submit Object-based pNFS Operations to IESG for publication
as a Proposed Standard
o Done - Submit pNFS Block/Volume Layout to IESG for publication as
a Proposed Standard
o May 2009 - WG Last Call for Requirements for Federated File
Systems draft-ietf-nfsv4-federated-fs-reqts-01
o Sep 2009 - WG Last Call for rfc3530bis (NFS version 4)
o Oct 2009 - WG Last Call for Administration Protocol for Federated
Filesystems draft-ietf-nfsv4-federated-fs-admin-00.txt
o Oct 2009 - WG Last Call for NSDB Protocol for Federated
Filesystems draft-ietf-nfsv4-federated-fs-protocol-00.txtwith
IPv6.
Additionally, it will create an IANA registry for RPC program numbers
and seed it with a registry Sun has been maintaining.
Chairs: Brian Pawlowski(beepy@netapp.com). Spencer
Shepler(spencer.shepler@gmail.com)
Website:http://tools.ietf.org/wg/nfsv4/charters
Status: Active.
Partnership/Coordination: IRTF
Language: English.
3.22. IETF/OPS/netconf
The NETCONF Working Group is chartered to produce a protocol suitable
for network configuration, with the following characteristics:
o Provides retrieval mechanisms which can differentiate between
configuration data and non-configuration data
o Is extensible enough so that vendors will provide access to all
configuration data on the device using a single protocol
o Has a programmatic interface (avoids screen scraping and
formatting-related changes between releases)
Khasnabish & JunSheng Expires June 30, 2013 [Page 34]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Uses a textual data representation, that can be easily manipulated
using non-specialized text manipulation tools
o Supports integration with existing user authentication methods
o Supports integration with existing configuration database systems
o Supports network wide configuration transactions (with features
such as locking and rollback capability)
o Is as transport-independent as possible
o Provides support for asynchronous notifications
The NETCONF protocol is using XML for data encoding purposes, because
XML is a widely deployed standard which is supported by a large
number of applications.
The NETCONF protocol should be independent of the data definition
language and data models used to describe configuration and state
data.
Chair: Bert Wijnen(bertietf@bwijnen.net), Mehmet
Ersue(mehmet.ersue@nsn.com)
Website:http://datatracker.ietf.org/wg/netconf/
Status: Active.
Partnership/Coordination:
o IASA/IAOC/Trust IANA
o IRTF
Language: English.
3.23. IETF/OPS/ARMD
Address Resolution for Massive numbers of hosts in the Data center
(armd) WG Charter: Changing workloads in datacenters are having an
impact on the performance of current datacenter network designs. For
example, the use of virtual machines (VMs) as a means for deployment
and management of new services often results in a significant
increase in the number of hosts attached to the network. Various
requirements for the deployment of VMs in data center networks, such
as support for VM mobility, has led to architectures in which
broadcast domains are scaling up to span more switching devices and
Khasnabish & JunSheng Expires June 30, 2013 [Page 35]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
VM servers, and to interconnect more hosts (as represented by VMs).
In these deployment architectures, heavily used protocols that are
based on broadcast or multicast, such as ARP and ND, may contribute
to poor network performance. The armd Working Group will investigate
the impact of changing workloads and existing protocols on datacenter
network performance.
In its work, the armd Working Group will take into consideration work
done in data center networking standardization by other SDOs, such as
the IEEE 802.1 Data Center Bridging Task Group, and will communicate
and exchange information with these organizations.
Area Director: Ronald Bonica (rbonica@juniper.net)
Website:http://datatracker.ietf.org/wg/armd/
Status: Active.
Partnership/Coordination: IETF
Language: English.
3.24. IETF/RTG/NVO3
Network Virtualization Overlays (NVO3) WG Charter: Support for multi-
tenancy has become a core requirement of data centers (DCs),
especially in the context of data centers supporting virtualized
hosts known as virtual machines (VMs). Three key requirements needed
to support multi-tenancy are:
o Traffic isolation, so that a tenant's traffic is not visible to any
other tenant, and
o Address independence, so that one tenant's addressing scheme does
not collide with other tenant's addressing schemes or with addresses
used within the data center itself.
o Support the placement and migration of VMs anywhere within the data
center, without being limited by DC network constraints such as the
IP subnet boundaries of the underlying DC network.
An NVO3 solution (known here as a Data Center Virtual Private Network
(DCVPN)) is a VPN that is viable across a scaling range of a few
thousand VMs to several million VMs running on greater than one
hundred thousand physical servers. It thus has good scaling
properties from relatively small networks to networks with several
million DCVPN endpoints and hundreds of thousands of DCVPNs within a
Khasnabish & JunSheng Expires June 30, 2013 [Page 36]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
single administrative domain.
A DCVPN also supports VM migration between physical servers in a sub-
second timeframe.
Note that although this charter uses the term VM throughout, NVO3
must also support connectivity to traditional hosts e.g. hosts that
do not have hypervisors.
NVO3 will consider approaches to multi-tenancy that reside at the
network layer rather than using traditional isolation mechanisms that
rely on the underlying layer 2 technology (e.g., VLANs). The NVO3 WG
will determine which types of connectivity services are needed by
typical DC deployments (for example, IP and/or Ethernet).
NVO3 will document the problem statement, the applicability, and an
architectural framework for DCVPNs within a data center environment.
Within this framework, functional blocks will be defined to allow the
dynamic attachment / detachment of VMs to their DCVPN, and the
interconnection of elements of the DCVPNs over the underlying
physical network. This will support the delivery of packets to the
destination VM within the scaling and migration limits described
above.
Based on this framework, the NVO3 WG will develop requirements for
both control plane protocol(s) and data plane encapsulation
format(s), and perform a gap analysis of existing candidate
mechanisms. In addition to functional and architectural
requirements, the NVO3 WG will develop management, operational,
maintenance, troubleshooting, security and OAM protocol requirements.
The NVO3 WG will investigate the interconnection of the DCVPNs and
their tenants with non-NVO3 IP network(s) to determine if any
specific work is needed.
The NVO3 WG will write the following informational RFCs, which must
have completed Working Group Last Call before rechartering can be
considered:
o Problem Statement
o Framework document
o Control plane requirements document
o Data plane requirements document
Khasnabish & JunSheng Expires June 30, 2013 [Page 37]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Operational Requirements
o Gap Analysis
Driven by the requirements and consistent with the gap analysis, the
NVO3 WG may request being rechartered to document solutions
consisting of one or more data plane encapsulations and control plane
protocols as applicable. Any documented solutions will use existing
IETF protocols if suitable. Otherwise, the NVO3 WG may propose the
development of new IETF protocols, or the writing of an applicability
statement for non-IETF protocols.
If the WG anticipates the adoption of the technologies of another
SDO, such as the IEEE, as part of the solution, it will liaise with
that SDO to ensure the compatibility of the approach.
Area Director: Stewart Bryant (stbryant@cisco.com)
Website:http://datatracker.ietf.org/wg/nvo3/
Status: Active.
Partnership/Coordination: IETF
Language: English.
3.25. IRTF/P2PRG
Overall, the field of P2P technologies presents a number of
interesting challenges which includes new methods for optimizing P2P
application overlays, performing routing and peer selection
decisions, managing traffic and discovering resources. Areas of
interest are also new techniques for P2P streaming and
interconnecting distinct P2P application overlays. Other challenges
for P2P are related to storage, reliability, and information
retrieval in P2P systems. Yet another challenging area is security,
privacy, anonymity and trust. Finally, it is challenging to examine
P2P systems that are deployed, for example, to measure, monitor and
characterize P2P applications. In addition to these areas of
research, it is of interest to investigate the requirements of new
applications (e.g., real-time P2P applications or P2P applications
for wireless networks) on the P2P technologies used. The P2P RG will
collaborate with academia and industry on making progress addressing
these challenges.
Chair: Volker Hilt(volkerh@bell-labs.com), Stefano
Previdi(sprevidi@cisco.com)
Khasnabish & JunSheng Expires June 30, 2013 [Page 38]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Website:http://www.irtf.org/charter?gtype=rg&group=p2prg
Status: Active.
Partnership/Coordination: IETF
Language: English.
3.26. IRTF/VNRG
The Virtual Networks Research Group (VNRG) provides a forum for
interchange of ideas among a group of network researchers with an
interest in network virtualization in the context of the Internet and
also beyond the current Internet.
The VNRG will consider the whole system of a VN and not only single
components or a limited set of components; we will identify
architectural challenges resulting from VNs, addressing network
management of VNs, and exploring emerging technological and
implementation issues.
Initial set of work items:
o concepts/background/terminology
o common parts of VN architectures
o common problems/challenges in VN
o descriptions of appropriate uses
o some solutions (per-problem perhaps)
Chair: Joe Touch (touch@isi.edu), Martin Stiemerling
(stiemerling@nw.neclab.eu)
Website: http://irtf.org/concluded/vnrg
Status: Concluded.
Partnership/Coordination: IETF
Language: English.
3.27. ISO/IEC JTC1 SC38 SGCC
Khasnabish & JunSheng Expires June 30, 2013 [Page 39]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
3.27.1. Study Group on Cloud Computing(SGCC)
Terms of Reference:
o Provide a taxonomy, terminology and value proposition for Cloud
Computing.
o Assess the current state of standardization in Cloud Computing
within JTC1 and in other SDOs and consortia.
o Document standardization market/business/user requirements and the
challenges to be addressed.
o Liaise and collaborate with relevant SDOs and consortia related to
Cloud Computing.
o Hold workshops to gather requirements as needed.
o Provide a report of activities and recommendations to SC38.
3.27.2. Working Group 3 on Cloud Computing
Terms of Reference:
o Identify, develop, and maintain JTC 1 deliverables initially in
the field of Cloud Computing Reference Architecture and Terms and
Definitions.
o Investigate the requirements for new work in the areas of Use case
Analysis Methodology and Principle of Cloud Service Delivery, as
provided in Clause 5.2 of the Study Group Report on Cloud
Computing (SC 38 N 430).
o As a basis for the evaluation and development of new work, utilize
a use case-based methodology as described in the SC 38 Study Group
Report on Cloud Computing (SC 38 N 430) as appropriate.
o Support SC 38 goals and respond to requests pertaining to Cloud
Computing initiated by SC 38, JTC 1 and external Liaison
organizations.
o Liaise and collaborate with SDOs and consortia related to Cloud
Computing as appropriate.
o Maintain future JTC 1 PAS and Fast Track submissions assigned to
SC 38 in the area of Cloud Computing and Virtualization.
SC38 Chairman: Dr. Donald Deutsch (USA)
Khasnabish & JunSheng Expires June 30, 2013 [Page 40]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
SC38 Secretary: Ms. Marisa Peacock (USA)
SGCC Convenor: Dr. Seungyun Lee (Korea)
Website:http://www.iso.org/iso/standards_development/
technical_committees/list_of_iso_technical_committees/
iso_technical_committee.htm?commid=601355
Status: Active.
Partnership/Coordination:
o IEEE
o IETF
Language: English.
3.28. ITU-T JCA-Cloud (Joint Coordination Activity on Cloud Computing )
The TSAG (January 2012 meeting) agreed the establishment of the Joint
Coordination Activity on Cloud Computing (JCA-Cloud) with SG 13 as
parent group (Cf. TSB Circular 261,
http://www.itu.int/md/T09-TSB-CIR-0261/en).
The scope of JCA-Cloud is coordination of the ITU-T cloud computing
standardization work within ITU-T and coordination of the
communication with standards development organizations and forums
also working on Cloud Computing protocols and standards.
JCA-Cloud is open to ITU Members and designated representatives of
relevant Standards Development Organizations and Forums
(http://www.itu.int/en/ITU-T/jca/Cloud/Pages/relevant-sdos.aspx).
The terms of reference (ToR) can be found at the website: http://
www.itu.int/en/ITU-T/jca/Cloud/Documents/ToR/ToR%20JCA%20Cloud.pdf.
Chair: Monique Morrow (Cisco)).
Website: http://www.itu.int/en/ITU-T/jca/Cloud/Pages/default.aspx
Status: Active.
Partnership/Coordination: Many
(http://www.itu.int/en/ITU-T/jca/Cloud/Pages/relevant-sdos.aspx)
Language: English.
Khasnabish & JunSheng Expires June 30, 2013 [Page 41]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
3.29. KCSA (Korea Cloud Service Association)
Main mission of KCSA:
o Create demand of Cloud service
o Create Cloud service activation framework and its environments
o Disseminate and promote Cloud service to public sectors
Chair: Mr. Choi Do-Hwan
Website:http://www.kcsa.or.kr/index.jsp
Status: Active.
Partnership/Coordination: Not known.
Language: English.
3.30. Liberty Alliance / Kantara Initiative
As of June 2009, the work of the Liberty Alliance is transitioning to
the Kantara Initiative.
The vision of Liberty Alliance is to enable [a networked world] web
services based on open standards where consumers, citizens,
businesses and governments can more easily conduct online
transactions while protecting the privacy and security of identity
information.
o Build open standard-based specifications for federated identity
and identity-based Web services.
o Drive global identity theft prevention solutions.
o Provide interoperability testing.
o Offer a formal certification program for products utilizing
Liberty specifications.
o Establish best practices, rules, liabilities, and business
guidelines.
o Collaborate with other standards bodies, privacy advocates, and
government policy groups.
Khasnabish & JunSheng Expires June 30, 2013 [Page 42]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Address end user privacy and confidentiality issues.
Kantara Initiative: Bridging and harmonizing the identity community
with actions that will help ensure secure, identity-based, online
interactions while preventing misuse of personal information so that
networks will become privacy protecting and more natively trustworthy
environments.
Managing Director: Mr. Joni Brennan
Website:http://www.projectliberty.org/, http://kantarainitiative.org/
Status: New Initiative.
Partnership/Coordination: Not known.
Language: English.
3.31. NCOIC (Network Centric Operations Industry Consortium)
The Network Centric Operations Industry Consortium is a global, not-
for-profit organization dedicated to advancing interoperability via
network centric operations. NCOIC has formed a Cloud Computing
Working Group that will investigate ways to leverage clouds to
support global interoperability. NCOIC's 90 member organizations
from 19 nations will advocate for open standards and, on reaching
consensus, will make voice of industry recommendations about their
applicability. Further, NCOIC will develop operational and
capability patterns that can enable our customers-in military,
aviation, emergency response and cyber security-to achieve
portability of information and services from cloud to cloud.
Managing Director: TBD
Website:https://www.ncoic.org/about/
Status: Initiative.
Partnership/Coordination: Not known.
Language: English.
3.32. NIST
NIST's role in cloud computing is to promote the effective and secure
use of the technology within government and industry by providing
technical guidance and promoting standards.
Khasnabish & JunSheng Expires June 30, 2013 [Page 43]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Cloud computing is a model for enabling convenient, on-demand network
access to a shared pool of configurable computing resources (e.g.,
networks, servers, storage, applications, and services) that can be
rapidly provisioned and released with minimal management effort or
service provider interaction.
Essential Characteristics:
o On-demand self-service. A consumer can unilaterally provision
computing capabilities, such as server time and network storage,
as needed automatically without requiring human interaction with
each service's provider.
o Broad network access. Capabilities are available over the network
and accessed through standard mechanisms that promote use by
heterogeneous thin or thick client platforms (e.g., mobile phones,
laptops, and PDAs).
o Resource pooling. The provider's computing resources are pooled
to serve multiple consumers using a multi-tenant model, with
different physical and virtual resources dynamically assigned and
reassigned according to consumer demand. There is a sense of
location independence in that the customer generally has no
control or knowledge over the exact location of the provided
resources but may be able to specify location at a higher level of
abstraction (e.g., country, state, or datacenter). Examples of
resources include storage, processing, memory, network bandwidth,
and virtual machines.
o Rapid elasticity. Capabilities can be rapidly and elastically
provisioned, in some cases automatically, to quickly scale out and
rapidly released to quickly scale in. To the consumer, the
capabilities available for provisioning often appear to be
unlimited and can be purchased in any quantity at any time.
o Measured Service. Cloud systems automatically control and
optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g.,
storage, processing, bandwidth, and active user accounts).
Resource usage can be monitored, controlled, and reported
providing transparency for both the provider and consumer of the
utilized service.
Working Group:
o Cryptographic Technology
Khasnabish & JunSheng Expires June 30, 2013 [Page 44]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Systems & Emerging Technologies Security Research
o Security Management & Assurance
o CMVP & CAVP - (now part of Security Management & Assurance)
Chair: Mr. Peter Mell(mell@nist.gov)
Website:http://csrc.nist.gov/groups/SNS/cloud-computing/
Status: Active.
Partnership/Coordination: Not known.
Language: English.
3.33. OASIS
OASIS is a not-for-profit consortium that drives the development,
convergence and adoption of open standards for the global information
society. The consortium produces more Web services standards than
any other organization along with standards for security, e-business,
and standardization efforts in the public sector and for application-
specific markets. OASIS sees Cloud Computing as a natural extension
of SOA and network management models. Related standards are:
o Security, access and identity policy standards -- e.g., OASIS
SAML, XACML, SPML, WS-Security Policy, WS-Trust.
o Content, format control and data import/export standards -- e.g.,
OASIS ODF.
o Registry, repository and directory standards -- e.g., OASIS ebXML
and UDDI.
o SOA methods and models, network management, service quality and
interoperability -- e.g., OASIS SOA-RM, and BPEL.
OASIS specifications are available here.
http://www.oasis-open.org/specs/
OASIS Committees by Category
o Adoption Services
o Computing Management
Khasnabish & JunSheng Expires June 30, 2013 [Page 45]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Document-Centric Applications
o e-Commerce
o Law & Government
o Localisation
o Security
o SOA
o Standards Adoption
o Supply Chain
o Web Services
o XML Processing
Website:http://www.oasis-open.org
Status: Active.
Partnership/Coordination: Not known.
Language: English.
3.34. OCC
The OCC is a member driven organization that supports the development
of standards for cloud computing and frameworks for interoperating
between clouds, develops benchmarks for cloud computing, and supports
reference implementations for cloud computing.
The OCC also manages testbeds for cloud computing, such as the Open
Cloud Testbed, and operates clouds computing infrastructure to
support scientific research, such as the Open Science Data Cloud.
OCC Working Group.
o Working Group on Standards and Interoperability For Large Data
Clouds
o The Open Cloud Testbed Working Group
o The Open Science Data Cloud (OSDC) Working Group
Khasnabish & JunSheng Expires June 30, 2013 [Page 46]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o Intercloud Testbed Working Group
Website:http://opencloudconsortium.org/
Status: Active.
Partnership/Coordination(Contributing Members and Partners):
o Calit2
o Johns Hopkins University
o National Lambda Rail
o University of Chicago
Language: English.
3.35. ODCA (Open Data Center Alliance)
The Open Data Center Alliance (ODCA) was formed in 2010 as a unique
consortium of leading global IT organizations. ODCA's focus is to
deliver a unified voice for emerging data center and cloud computing
requirements. The mission of ODCA is to speed the migration to cloud
computing by enabling the solution and service ecosystem to address
IT requirements with the highest level of interoperability and
standards. This includes:
o Identifying customer requirements for corporate adoption and
deployment of cloud computing
o Defining usage models for these requirements based on open,
industry-standard, multi-vendor solutions that support a vision of
secure federation, automation, common management, and transparency
o Influencing industry innovation with:
* Collective membership commitment to use Alliance usage models
to guide corporate planning and purchasing of data center
resources
* Solution Provider member commitment to prioritize solution
delivery based on Alliance Usage Model requirements
o Collaborating with industry standards bodies to define standards
development aligned with Alliance priorities.
ODCA established technical workgroups in five categories that cover
Khasnabish & JunSheng Expires June 30, 2013 [Page 47]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
essential areas of cloud computing:
o Infrastructure: Related to core infrastructure of a cloud,
including cloud data centers, access devices, and platforms. Use
cases will span compute, storage, network, and facilities.
o Management: Related to effective management of the cloud and cloud
services to meet cloud subscriber, cloud provider, end user, and
intermediary objectives.
o Regulation and Ecosystem: Use cases and patterns where government
regulations help or hinder cloud adoption. Also included are
ecosystem practices that impede cloud models and/or render the
models inefficient (for example, licensing).
o Security: Use cases that highlight security needs of the cloud,
particularly where significant user concerns limit adoption.
o Services: Related to the kinds of cloud services and ways they
might be used. This category is driven by dominant and emerging
business models in the cloud.
Website:http://www.opendatacenteralliance.org/
Status: Active.
Partnership/Coordination(Contributing Members and Partners):
o CSA
o DMTF
o TM Forum
o OASIS
o Open Computer Project
Language: English.
3.36. OGF / OCCI
OGF is an open community committed to driving the rapid evolution and
adoption of applied distributed computing. Applied Distributed
Computing is critical to developing new, innovative and scalable
applications and infrastructures that are essential to productivity
in the enterprise and within the science community. OGF accomplishes
its work through open forums that build the community, explore
Khasnabish & JunSheng Expires June 30, 2013 [Page 48]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
trends, share best practices and consolidate these best practices
into standards.
The purpose of the OCCI group is the creation of a practical solution
to interface with Cloud infrastructures exposed as a service (IaaS).
It will focus on a solution which covers the provisioning, monitoring
and definition of Cloud Infrastructure services. The group should
create this API in an agile way as we can have advantages over other
groups if we deliver fast. Overlapping work and efforts will be
contributed and synchronized with other groups.
OCCI is a RESTful-based network Protocol and API for managing cloud
computing infrastructure. It has since evolved into an extensible
API with a strong focus on interoperability while still offering a
high degree of extensibility. The current release of the OCCI is
suitable to serve many other models in addition to IaaS, including
e.g. PaaS and SaaS.
OCCI are described from three aspects.
o OCCI Core Mode.
* Core Mode defines a representation of resource types which is
an abstraction of real-world resources, including the means to
identify, classify, associate and extend those resources.
* Any resource exposed through OCCI is a Resource or a sub-type
thereof. The Resource type contains a number of common
attributes that Resource sub-types inherit. The Resource type
is complemented by the Link type which associates one Resource
instance with another. The Link type contains a number of
common attributes that Link sub-types inherit.
* OCCI Core Model types include Category, Kind, Mixin, Action,
Entity, Resource and Link.
o OCCI Rendering.
* OCCI Rendering types include HTTP Header, XHTML5, etc.
* OCCI Rendering is a lightweight yet all-encompassing means to
describe infrastructure.
* It provides the capability to send a native (e.g. OVF, VMX)
representation for clients that can digest such a native
rendering.
Khasnabish & JunSheng Expires June 30, 2013 [Page 49]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o OCCI Infrastructure Model
* OCCI Infrastructure Model describes a particular OCCI
Infrastructure extension for the IaaS domain.
* The main infrastructure types defined within OCCI
Infrastructure are:
+ Compute. Information processing resources.
+ Network. Interconnection resource and represents a L2
networking resource.
+ Storage. Information recording resources.
* Link sub-types for the Resource types are the following:
+ NetworkInterface connects a Compute instance to a Network
instance.
+ StorageLink connects a Compute instance to a Storage
instance.
The OCC also manages testbeds for cloud computing, such as the Open
Cloud Testbed, and operates clouds computing infrastructure to
support scientific research, such as the Open Science Data Cloud.
Areas of work of the OGF Standards Function.
o Applications
o Architecture
o Compute
o Data
o Infrastructure
o Liaison
o Management
o Security
Open Cloud Computing Interface WG (occi-wg), Thijs Metsch Chair, Andy
Edmonds Chair, Alexis Richardson Chair, Sam Johnston Secretary
Khasnabish & JunSheng Expires June 30, 2013 [Page 50]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Website:http://www.ogf.org/, http://www.occi-wg.org/doku.php
Status: Active.
Partnership/Coordination:
o IETF
o W3C(World Wide Web Consortium)
o OASIS
o DMTF
o SNIA
o WS-I(Web Services Interoperability Organization)
Language: English.
3.37. OMA(Open Mobile Alliance)
OMA is the leading industry forum for developing market driven,
interoperable mobile service enablers.
OMA has developed OMA Cloud Computing White Paper v1.0 which
identifies the following areas of interest as potential future
developments opportunities:
1. The development and support of Cloud Computing related O&M
functionality with OMA enablers.
2. To extend the OMA Mobile Commerce and Charging area.
3. To evaluate the need of developing new activities/work item to
enable the 'Virtualized Experience' in Cloud Computing. OMA has
established a new work item namely 'Unified Virtual Experience'
i.e. use cases and requirements for Unified Virtual Experience
(UVE) Enabler.
4. To extend the OMA Security area.
Recently OMA is continuing extension of OMA Cloud Computing White
Paper v1.0, i.e. the study of how OMA enablers need to be modified to
be useful in the Cloud Computing environment. The scope of this new
version v2.0 focuses on:
Khasnabish & JunSheng Expires June 30, 2013 [Page 51]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o More detailed gap analysis with other SDOs and start a dialogue/
collaboration with them.
o More gap analysis on other OMA areas, e.g.:
* Person-to-Person Communication area.
* Service Customization area.
* End-to-end Efficiency aspect.
o More recommendations of the future work in OMA.
The goals of such analysis and recommendation in this White Paper
are:
o to consider a cloud delivery model as a converged platform to
deliver IT and communication services over any network (fixed,
mobile,..) and used by any end user connected devices (PC, TV,
Smart Phone, M2M!).
o to facilitate the operators to deliver a rich set of communication
services (voice & video call, audio, video & web conf, messaging,
unified communication, content creation, broadcasting...).
Moreover the network services should be seen as smart pipes
!ohigh-grade network!+/- for cloud services transport and cloud
interconnection (inter-cloud) in order to guarantee secure and
high performance end-to-end quality of service QoS for end users
(considered as an important key differentiator for
telecommunication players).
Working Group: BOD CLOUD
Chair: Bin Hu(Huawei Technologies Co., Ltd, bin.hu@huawei.com )
DSO: John Mudge(OMA, jmudge@omaorg.org )
Website: http://www.openmobilealliance.org/
Status: Active.
Partnership/Coordination: None
Language: English.
Khasnabish & JunSheng Expires June 30, 2013 [Page 52]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
3.38. OMG(Object Management Group)
The Cloud Standards Coordination Group is committed to development of
a joint resource on cloud computing strategies, standards and
implementations. Different SDOs are bringing together different but
complementary abilities: storage, execution models, deployment
models, service level agreements, security, authentication, privacy.
Specific cloud-related specification efforts have only just begun in
OMG, focusing on modeling deployment of applications & services on
clouds for portability, interoperability & reuse. Relevant
committees include Analysis & Design Task Force (ADTF) and SOA
Special Interest Group (SOA SIG).
Working Group:
o Architecture Board
o Platform Technology Committee
o Domain Technology Committee
Website:http://www.omg.org/
Status: Active.
Partnership/Coordination:
o ASC X12
o ASC T1M1
o CEN/ISSS (Information Society Standardization System)
o DICOM (Digital Imaging and Communications in Medicine)
o DMTF (Distributed Management Task Force)
o ECMA (European Computer Manufacturers Association.)
o FIPA (Foundation for Intelligent Physical Agents)
o HL7 (Health Level Seven)
o ICT-SB (Information and Communications Technology Standards Board)
o IEEE 1226
Khasnabish & JunSheng Expires June 30, 2013 [Page 53]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
o ISO
o ITU-T Standardization Sector
o NCPDP (National Council for Prescription Drug Programs)
o Parlay
o SDRF - Software Defined Radio Forum
o SWIFT (The Society for Worldwide International Financial
Telecommunication)
o TMForum (TeleManagement Forum)
o 3GPP
Language: English.
3.39. OCM (Open Cloud Manifesto)
The Open Cloud Manifesto establishes a core set of principles to
ensure that organizations will have freedom of choice, flexibility,
and openness as they take advantage of cloud computing. While cloud
computing has the potential to have a positive impact on
organizations, there is also potential for lock-in and lost
flexibility if appropriate open standards are not identified and
adopted.
To open the cloud computing, the rules specified by the OCM need be
referenced.
Website:http://www.opencloudmanifesto.org/
Status: Active.
Partnership/Coordination: CCIF(Inactive)
Language: English.
3.40. OGC WG (Open Group Cloud Work Group)
The Open Group Cloud Work Group exists to create a common
understanding among buyers and suppliers of how enterprises of all
sizes and scales of operation can include Cloud Computing technology
in a safe and secure way in their architectures to realize its
significant cost, scalability and agility benefits.
Khasnabish & JunSheng Expires June 30, 2013 [Page 54]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
To open the cloud computing, the rules specified by the OCM need be
referenced.
Chair: Mr. David Lounsbury (VP Government Programs, The Open Group)
Website:http://www.opengroup.org/cloudcomputing/
Status: Active.
Partnership/Coordination: Not known.
Language: English.
3.41. SNIA
SNIA Mission:
Lead the storage industry worldwide in developing and promoting
standards, technologies, and educational services to empower
organizations in the management of information.
SNIA's Forums and Initiatives include:
o the Cloud Storage Initiative,
o the Data Management Forum,
o the Green Storage Initiative,
o the Ethernet Storage Forum,
o Storage Management Initiative,
o Solid State Storage Initiative,
o the Storage Security Industry Forum
o the XAM Initiative
The Cloud Data Management Interface (CDMI) defines the functional
interface that applications will use to create, retrieve, update and
delete data elements from the Cloud. As part of this interface the
client will be able to discover the capabilities of the cloud storage
offering and use this interface to manage containers and the data
that is placed in them. In addition, metadata can be set on
containers and their contained data elements through this interface.
This interface is also used by administrative and management
Khasnabish & JunSheng Expires June 30, 2013 [Page 55]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
applications to manage containers, accounts, security access and
monitoring/billing information, even for storage that is accessible
by other protocols. The capabilities of the underlying storage and
data services are exposed so that clients can understand the
offering.
Metadata is a convenient mechanism in managing large amounts of data
with differing requirements through expressing those requirements in
such a way that underlying data services differentiate their
treatment of the data to meet those requirements.
Resource types which are accessed through RESTful interface include:
o Container.
o Accounting.
o DataObject.
* Files.
* Block Devices.
* Object Stores.
* Database Tables.
o Capability.
Storage Management Initiative Specification (SMI-S) defines a method
for the interoperable management of a heterogeneous Storage Area
Network (SAN), and describes the information available to a WBEM
Client from an SMI-S compliant CIM Server and an object-oriented,
XML-based, messaging-based interface designed to support the specific
requirements of managing devices in and through SANs.
The eXtensible Access Method (XAM) Interface specification defines a
standard access method (API) between "Consumers" (application and
management software) and "Providers" (storage systems) to manage
fixed content reference information storage services. XAM includes
metadata definitions to accompany data to achieve application
interoperability, storage transparency, and automation for ILM-based
practices, long term records retention, and information security.
XAM will be expanded over time to include other data types as well as
support additional implementations based on the XAM API to XAM
conformant storage systems.
Website:http://www.SNIA.org
Khasnabish & JunSheng Expires June 30, 2013 [Page 56]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Status: Active.
Partnership/Coordination:
o ARMA (Association of Records Managers and Administrators)
International
o DMTF
o Eclipse Aperi Storage Management Project
o FCIA (Fibre Channel Industry Association)
o OGF (Open Grid Forum)
o The Green Grid
Language: English.
3.42. Study group on Smart Cloud, Japan
Ministry of Internal Affairs and Communications of Japan holds study
group meetings on smart cloud collecting key people from the academia
and the industry in Japan. They surveyed the current status of cloud
computing and identified important issues from the viewpoints of
technologies, standardization and international cooperation.
Professor Emeritus Hideo Miyahara, Osaka University
Website: http://www.soumu.go.jp
Status: Active.
Partnership/Coordination: Not known.
Language: Japanese.
3.43. TM Forum
The primary objective of TM Forum's Cloud Services Initiative is to
help the industry overcome the barriers and assist the growth of a
vibrant commercial marketplace for cloud based services. The
centerpiece of this initiative is an ecosystem of major buyers and
sellers who will collaborate to define a range of common approaches,
processes, metrics and other key service enablers.
TM Forum's vision is to ensure acceleration of service
standardization and commoditization in an effective and efficient
Khasnabish & JunSheng Expires June 30, 2013 [Page 57]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
marketplace of cloud computing services in all global geographies,
through alignment with the needs of the world's largest IT buyers.
Enterprise Cloud Buyers Council Goals are:
o to foster an effective and efficient marketplace for cloud compute
infrastructure and services across all industry verticals and
global geographies;
o Accelerate standardization and commoditization of cloud services,
and identifying common commodity processes best consumed as a
service;
o Solicit definition for standardized core and industry-specific
SKUs for cloud services;
o Achieve transparency of cost, service levels and reporting across
the ecosystem;
o Enable benchmarking of services across service providers and
geographies;
o Enable vendor measurement against normalized and agreed service
level metrics;
o Radically reduce cost of acquisition and operations for commodity
compute & services.
James Warner, head of Cloud computing TM Forum.
Website: http://www.tmforum.org/
Status: Active.
Partnership/Coordination: Not known.
Language: English.
Khasnabish & JunSheng Expires June 30, 2013 [Page 58]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
4. Summary and Analysis
This survey shows that there are a variety of ways to virtualize
computing and communication resources in order to support both
client-side and server-side applications and services. Many of these
services tend to utilize resources across multiple administrative,
technology, and geographical domains. Since there is no unified and
universally acceptable protocol and mechanism to define the mobility
of resources across domains, the early implementers tend to utilize
the features and functions of the existing IETF protocols along with
their proprietary modifications or extensions in order to achieve
their goals.
In addition to using a virtualization layer (VM layer), a thin Cloud
operating system (OS) layer may be useful to hide the complexity,
specificity, and regionality (locality) of the resources.
We also observe that different SDOs are trying to develop many
different methods for logging and reporting of resource usage for
Cloud services. This will create auditing transparency problems
which may negatively impact the development of security and service
level agreement features.
At the end, these may in fact result in an increase in the effective
cost for services that utilize the cloud based systems and networks,
violating the very foundation on which the concept of utilizing cloud
is based on.
Khasnabish & JunSheng Expires June 30, 2013 [Page 59]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
5. Security Considerations
To be added later, on as-needed basis.
Khasnabish & JunSheng Expires June 30, 2013 [Page 60]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
6. Conclusion
We have presented a survey of the activities of Cloud SDOs along with
a simple early analysis. This survey has revealed that different
SDOs are utilizing or expect to utilize a set of common IETF
protocols for cloud services, and some time they modify or extend
these protocols in order to satisfy their niche objectives.
These will not only cause interoperability problems, but may also
negatively impact further development of protocols and services in
this very important area of cloud computing and networking. IETF is
the best organization to address these issues.
Khasnabish & JunSheng Expires June 30, 2013 [Page 61]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
7. Acknowledgement
To be added later.
Khasnabish & JunSheng Expires June 30, 2013 [Page 62]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
8. Appendix A: Cloud Standards WiKi.
http://cloud-standards.org/wiki/index.php?title=Main_Page
This WiKi Website documents the coordination activities of the
various SDOs working on Cloud standards. You can find related Cloud
SDOs the WiKi Website addressed here.
o CloudAudit
o Cloud Security Alliance
o Distributed Management Task Force (DMTF)
o ETSI(The European Telecommunications Standards Institute)
o NIST(National Institute of Standards and Technology)
o Open Grid Forum (OGF)
o Object Management Group (OMG)
o Open Cloud Consortium (OCC)
o OASIS(Organization for the Advancement of Structured Information
Standards)
o SNIA(Storage Networking Industry Association)
o OG WG(The Open Group)
o ARTS(Association for Retail Technology Standards)
Khasnabish & JunSheng Expires June 30, 2013 [Page 63]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
9. IANA Considerations
This document has no actions for IANA.
Khasnabish & JunSheng Expires June 30, 2013 [Page 64]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
10. Normative references
[Cloud Definition]
NIST, Special Publication 800-145, "The NIST definition of
Cloud Computing", September 2011.
[RFC2119] IETF, "Key words for use in RFCs to Indicate Requirement
Levels", March 1997.
Khasnabish & JunSheng Expires June 30, 2013 [Page 65]
Internet-Draft Cloud SDO Activities Survey and Analysis December 2012
Authors' Addresses
Bhumip Khasnabish
ZTE USA, Inc.
55 Madison Avenue, Suite 160
Morristown, NJ 07960
USA
Phone: +001-781-752-8003
Email: vumip1@gmail.com, bhumip.khasnabish@zteusa.com
Chu JunSheng
ZTE
No.50 Ruanjian Dadao Road, Yuhuatai District
Nanjing
China
Phone: +86-25-8801-4630
Email: chu.junsheng@zte.com.cn
Khasnabish & JunSheng Expires June 30, 2013 [Page 66]