Internet Engineering Task Force                            B. Khasnabish
Internet-Draft                                             ZTE USA, Inc.
Intended status: Informational                               C. JunSheng
Expires: June 30, 2013                                               ZTE
                                                       December 27, 2012


                Cloud SDO Activities Survey and Analysis
                draft-khasnabish-cloud-sdo-survey-04.txt

Abstract

   The objective of this draft is to present a snapshot of industry
   standards activities related to cloud computing, networking and
   services including relevant features and functions.  This document is
   a survey of current activities of cloud standards development
   organizations (SDOs).  At the end of this survey a section on gap
   analysis is also presented.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 30, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of



Khasnabish & JunSheng     Expires June 30, 2013                 [Page 1]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.


Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  5
   3.  Survey of other SDOs . . . . . . . . . . . . . . . . . . . . .  6
     3.1.  ARTS (The Association for Retail Technology Standards) . .  6
     3.2.  ATIS (Alliance for Telecommunications Industry
           Solutions).  . . . . . . . . . . . . . . . . . . . . . . .  6
       3.2.1.  ATIS SON (Service Oriented Networks) Forum.  . . . . .  7
       3.2.2.  ATIS CSF (Cloud Services Forum). . . . . . . . . . . .  8
     3.3.  CCF (Cloud Computing Forum, Korea).  . . . . . . . . . . . 12
     3.4.  CCIF (Cloud Computing Interoperability Forum). . . . . . . 13
     3.5.  CloudAudit . . . . . . . . . . . . . . . . . . . . . . . . 14
     3.6.  CCSA - Clouds  . . . . . . . . . . . . . . . . . . . . . . 14
     3.7.  Cloud Computing Use Cases Group  . . . . . . . . . . . . . 15
     3.8.  China Institute of Electronics.  . . . . . . . . . . . . . 15
     3.9.  Cloud Operations and Security, Japan.  . . . . . . . . . . 16
     3.10. CSA (Cloud Security Alliance)  . . . . . . . . . . . . . . 16
     3.11. CSA/TCI (Cloud Security Alliance / Trusted Cloud
           Initiative)  . . . . . . . . . . . . . . . . . . . . . . . 17
     3.12. DELTA Cloud  . . . . . . . . . . . . . . . . . . . . . . . 18
     3.13. DMTF (Distributed Management Task Force) . . . . . . . . . 19
       3.13.1. CMWG (Cloud Management Working Group)  . . . . . . . . 20
       3.13.2. SVPC(System Virtualization, Partitioning, and
               Clustering)  . . . . . . . . . . . . . . . . . . . . . 21
       3.13.3. CADF(Cloud Auditing Data Federation Working Group) . . 22
       3.13.4. Cloud Incubator  . . . . . . . . . . . . . . . . . . . 23
     3.14. ENISA(European Network and Information Security Agency)  . 24
     3.15. ETSI STF 331 (Specialist Task Force on ICT GRID
           Technologies Interoperability and Standardization) . . . . 25
     3.16. ETSI TC GRID (Technical Committee Grid)  . . . . . . . . . 26
     3.17. GICTF (Global Inter-Cloud Technology Forum, Japan) . . . . 27



Khasnabish & JunSheng     Expires June 30, 2013                 [Page 2]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


     3.18. IEEE SA (Standards Association)  . . . . . . . . . . . . . 28
     3.19. IETF/APP/SCIM  . . . . . . . . . . . . . . . . . . . . . . 28
     3.20. IETF/TSV Decade  . . . . . . . . . . . . . . . . . . . . . 30
     3.21. IETF/TSV/nfsv4 . . . . . . . . . . . . . . . . . . . . . . 32
     3.22. IETF/OPS/netconf . . . . . . . . . . . . . . . . . . . . . 34
     3.23. IETF/OPS/ARMD  . . . . . . . . . . . . . . . . . . . . . . 35
     3.24. IETF/RTG/NVO3  . . . . . . . . . . . . . . . . . . . . . . 36
     3.25. IRTF/P2PRG . . . . . . . . . . . . . . . . . . . . . . . . 38
     3.26. IRTF/VNRG  . . . . . . . . . . . . . . . . . . . . . . . . 39
     3.27. ISO/IEC JTC1 SC38 SGCC . . . . . . . . . . . . . . . . . . 39
       3.27.1. Study Group on Cloud Computing(SGCC) . . . . . . . . . 40
       3.27.2. Working Group 3 on Cloud Computing . . . . . . . . . . 40
     3.28. ITU-T JCA-Cloud (Joint Coordination Activity on Cloud
           Computing )  . . . . . . . . . . . . . . . . . . . . . . . 41
     3.29. KCSA (Korea Cloud Service Association) . . . . . . . . . . 42
     3.30. Liberty Alliance / Kantara Initiative  . . . . . . . . . . 42
     3.31. NCOIC (Network Centric Operations Industry Consortium) . . 43
     3.32. NIST . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
     3.33. OASIS  . . . . . . . . . . . . . . . . . . . . . . . . . . 45
     3.34. OCC  . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
     3.35. ODCA (Open Data Center Alliance) . . . . . . . . . . . . . 47
     3.36. OGF / OCCI . . . . . . . . . . . . . . . . . . . . . . . . 48
     3.37. OMA(Open Mobile Alliance)  . . . . . . . . . . . . . . . . 51
     3.38. OMG(Object Management Group) . . . . . . . . . . . . . . . 53
     3.39. OCM (Open Cloud Manifesto) . . . . . . . . . . . . . . . . 54
     3.40. OGC WG (Open Group Cloud Work Group) . . . . . . . . . . . 54
     3.41. SNIA . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
     3.42. Study group on Smart Cloud, Japan  . . . . . . . . . . . . 57
     3.43. TM Forum . . . . . . . . . . . . . . . . . . . . . . . . . 57
   4.  Summary and Analysis . . . . . . . . . . . . . . . . . . . . . 59
   5.  Security Considerations  . . . . . . . . . . . . . . . . . . . 60
   6.  Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 61
   7.  Acknowledgement  . . . . . . . . . . . . . . . . . . . . . . . 62
   8.  Appendix A: Cloud Standards WiKi.  . . . . . . . . . . . . . . 63
   9.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 64
   10. Normative references . . . . . . . . . . . . . . . . . . . . . 65
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 66














Khasnabish & JunSheng     Expires June 30, 2013                 [Page 3]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


1.  Introduction

   This draft presents a survey of the SDOs related to cloud activities.
   By conducting a comprehensive survey, gaps and overlaps in cloud
   standards can be determined.  This will allow us to determine the
   IETF work that would be required to address the gaps.  Once these
   IETF work have been completed, seamless interoperability of cloud
   services can be realized.











































Khasnabish & JunSheng     Expires June 30, 2013                 [Page 4]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


2.  Terminology

   Cloud-based systems are conveniently-connected modular blocks of
   resources

   o  Both physical and virtual modularizations of resources are
      possible

   o  For this discussion, the resources include computing (CPU),
      communications (network), memory, storage, management, database,
      software, applications, services, interconnectivity, etc.

   o  The objective is to make the resources available ubiquitously for
      mission-specific applications and services.  These resources are
      used to support the ultimate level of privacy/security,
      scalability and reliability cost-effectively and without the
      headache of owning and maintaining the infrastructure.

   Clouds Discussion Archive:
   http://www.ietf.org/mail-archive/web/clouds/current/maillist.html

   NIST definition: http://csrc.nist.gov/groups/SNS/cloud-computing/

   Service over Cloud

   o  Utilize (stitch, weave, embroider, ...) the virtualized resources
      from cloud to provision, create, deliver, and maintain an End-to-
      End Service

   o  Use the service only when you Need it

   o  Pay only for the time duration and type of use of service (include
      the costs for resources used)


















Khasnabish & JunSheng     Expires June 30, 2013                 [Page 5]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


3.  Survey of other SDOs

3.1.  ARTS (The Association for Retail Technology Standards)

   The ARTS is dedicated to creating an open environment where both
   retailers and technology vendors work together to create
   international retail technology standards and to reduce the costs of
   the technology.  Recently, this group also started looking at
   researching cloud computing and developing white papers to address
   cloud issues.  Cloud Computing team starts work on a "mini
   RFP(Request for Proposal)" to help retailers evaluate cloud
   strategies and solutions.  ARTS is a separate council within the
   NRF(National Retail Federation) governed by a council of retailers
   and technology solution providers.

   ARTS has four standards/Committees:

   o  UnifiedPOS - Committee Chair Paul Gay, Epson

   o  Data Model - Committee Chair Lynn Myers, Lowe's Companies

   o  ARTS XML - Committee Chair Tim Hood, SAP

   o  Standard RFPs - Committee Chair Ann McCool

   ARTS Cloud Computing for Retail White Paper, Best Practices
   Documents.  This Cloud Computing for Retail whitepaper offers
   unbiased guidance for achieving maximum results from this relatively
   new technology.  Version 1.0 represents a significant update to the
   draft version released in October 2009, specifically providing more
   examples of cloud computing in retail, as well as additional
   information on the relationship to Service Oriented Architecture
   (SOA) and constructing a Private Cloud.

   Website:http://www.nrf-arts.org/

   Status: Active.

   Partnership/Coordination: NRF.

   Language: English.

3.2.  ATIS (Alliance for Telecommunications Industry Solutions).

   ATIS prioritizes the industry's most pressing, technical and
   operational issues, and creates interoperable, implementable, end to
   end solutions -- standards when the industry needs them and where
   they need them.



Khasnabish & JunSheng     Expires June 30, 2013                 [Page 6]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Over 600 industry professionals from more than 250 communications
   companies actively participate in ATIS committees and incubator
   solutions programs.

   ATIS develops standards and solutions addressing a wide range of
   industry issues in a manner that allocates and coordinates industry
   resources and produces the greatest return for communications
   companies.

   ATIS is accredited by the American National Standards Institute
   (ANSI).

3.2.1.  ATIS SON (Service Oriented Networks) Forum.

   The SON Forum is addressing work to enable the interoperability and
   implementation of Service Oriented Network (SON) applications and
   services by developing standards, providing coordination for the
   development of standards and practices, and facilitating related
   technical activities.  This forum is placing an emphasis on
   telecommunications industry needs in collaboration with regional and
   international standards development programs in the
   telecommunications, IT and Web industries.

   ATIS has three Working Areas:

   o  WORK AREA1:Policy and Data Models Work Area (PDM)

   o  WORK AREA2:OSS/BSS and Virtualization Work Area (OBV)

   o  WORK AREA3:Service Delivery Creation and Enablers Work Area (SDCE)

   SON Forum Chair: Andrew White, Qwest

   Son Forum Vice Chair:Gary Munson, AT&T

   Website:http://www.atis.org/SON/index.asp

   Status: Inactive (The activities have been transferred to ATIS CSF;
   please see section 3.2.2 for details).

   Partnership/Coordination:

   o  ANSI

   o  3GPP(TBC)

   Language: English.




Khasnabish & JunSheng     Expires June 30, 2013                 [Page 7]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


3.2.2.  ATIS CSF (Cloud Services Forum).

   The ATIS Board recently approved the launch of the Cloud Services
   Forum (CSF).  The Forum will focus, among other things, on the
   operators' provision of cloud services, and develop a framework to
   ensure integration of the network and IT.  It will account for basic
   APIs in the control plane layer of the network rather than as a
   service on the network, define a minimum set of APIs to expose
   between service providers, and define interoperability, security, and
   standardization, among other things, between service provider clouds.

   Drawing upon business use cases that leverage Cloud Services'
   potential, the Forum will address industry priorities and develop
   implementable solutions for the evolving Cloud marketplace.
   Ultimately, the CSF will work to see that Cloud capabilities are
   quickly operationalized and operators are able to offer managed
   services.

   Initial CSF objectives that are being discussed include:

   o  Cloud Service Framework for CDN;

   o  Developing a framework to ensure the integration of the network
      and IT;

   o  Ascertaining basic APIs in the control plane layer of the network;

   o  Using industry input to define a minimum set of APIs to expose
      between service providers; and

   o  Utilizing control plane layer interfaces to allow for a greater
      network role.

   Cloud Services Forum Active and Closed Issues:

   o  Common Service Enabler Description

         Doc: http://www.atis.org/cloud/_Com/Docs/issue002.doc.

         Status: Final Closure.

   o  Consistency of 3rd Party Interfaces

         Doc: http://www.atis.org/cloud/_Com/Docs/issue003.doc.

         Status: Final Closure.





Khasnabish & JunSheng     Expires June 30, 2013                 [Page 8]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Common Name Space Requirements

         Doc: http://www.atis.org/cloud/_Com/Docs/issue007.doc.

         Status: Active.

   o  Cloud Service Framework for CDN

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0011.doc.

         Status: Final Closure.

   o  Cloud-Based Inter-Provider Telepresence: Access Agnostic End to
      end service flow (Service Architecture Document): In considering
      Telepresence and VPNs Service Definitions

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0012.doc.

         Status: Initial Closure.

   o  Charging for Cloud Services

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0014.doc.

         Status: Active.

   o  Cloud Service Logging and Auditing

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0015.doc.

         Status: Active.

   o  Cloud Services Control Plane

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0016.doc.

         Status: Active.

   o  Cloud Services Checklist

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0017.doc.

         Status: Active.

   o  Cloud Services Virtual Desktop Requirements

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0018.doc.




Khasnabish & JunSheng     Expires June 30, 2013                 [Page 9]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


         Status: Active.

   o  Cloud Services Glossary and Acronyms

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0020.doc.

         Status: Active.

   o  CDN Interconnection Use Cases & Requirements for Multicast-Based
      Content Distribution

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0021.doc.

         Status: Initial Closure.

   o  CDN Interconnection Use Cases & Requirements "C Release 2

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0022.doc.

         Status: Active.

   o  Federation of Cloud Services and Networks for Service Delivery

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0024.doc.

         Status: Active.

   o  Service provider requirements for VPN-Oriented Data Center
      Services (VDCS)

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0025.doc.

         Status: Active.

   o  Cloud Services Inter-Service Provider Billing Requirements

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0026.doc.

         Status: Active.

   o  Cloud-Based Telepresence: Interconnect, Interoperability and
      Architecture

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0027.doc.

         Status: Active.

   Cloud Services Forum Withdrawn Issues:



Khasnabish & JunSheng     Expires June 30, 2013                [Page 10]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Common Product Data Catalog Repository

         Doc: http://www.atis.org/cloud/_Com/Docs/issue001.doc.

         Status: Withdrawn.

   o  Standardization of WS-* Specifications

         Doc: http://www.atis.org/cloud/_Com/Docs/issue004.doc.

         Status: Withdrawn.

   o  Common Policy Reference Model, Syntax, and Semantics

         Doc: http://www.atis.org/cloud/_Com/Docs/issue005.doc.

         Status: Withdrawn.

   o  Common Data Model Requirements

         Doc: http://www.atis.org/cloud/_Com/Docs/issue006.doc.

         Status: Withdrawn.

   o  Packaging of OSS/BSS Components as Service Enablers

         Doc: http://www.atis.org/cloud/_Com/Docs/issue008.doc.

         Status: Withdrawn.

   o  IT Infrastructure Virtualization

         Doc: http://www.atis.org/cloud/_Com/Docs/issue009.doc.

         Status: Withdrawn.

   o  Guidelines for COTS/Third-Party Software Installation in a Cloud
      Environment

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0010.doc.

         Status: Withdrawn.

   o  Cloud Services Network-Network Interconnect

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0013.doc.





Khasnabish & JunSheng     Expires June 30, 2013                [Page 11]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


         Status: Withdrawn.

   o  Cloud Services Reference Framework

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0019.doc.

         Status: Withdrawn.

   o  Landscape of Computing, Storage, and Network Virtualized Resources
      for Cloud-based Services Offering

         Doc: http://www.atis.org/cloud/_Com/Docs/issue0023.doc.

         Status: Withdrawn.

   CSF Chair: Andrew White, NSN

   CSF Vice Chair: Dan Druta, AT&T

   Website:http://www.atis.org/cloud/index.asp

   Status: Active.

   Partnership/Coordination:

   o  ANSI

   o  3GPP(TBC)

   Language: English.

3.3.  CCF (Cloud Computing Forum, Korea).

   Main mission of CCF:

   o  Constitute National level CC Forum

   o  Provide CC technology development and standardization activity

   o  Sharing CC technology information

   o  Study on CC adaptation method into Public sectors

   o  Support international standardization activity of CC

   o  Develop CC related Law and policy

   CCF has six Working Groups:



Khasnabish & JunSheng     Expires June 30, 2013                [Page 12]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Group 1: Policy and Certification

   o  Group 2: CC Technology Framework

   o  Group 3: Media Cloud

   o  Group 4: Storage Cloud

   o  Group 5: CC Technology for Green IDC

   o  Group 6: Mobile Cloud

   Chair: Mr. Son seung-won

   Website:http://www.ccsf-kr.org/

   Status: Active.

   Partnership/Coordination: Not known.

   Language: Korean, with some titles in English.

3.4.  CCIF (Cloud Computing Interoperability Forum).

   Goals

   The CCIF was formed in order to enable a global cloud computing
   ecosystem whereby organizations are able to seamlessly work together
   for the purposes for wider industry adoption of cloud computing
   technology and related services.  A key focus will be placed on the
   creation of a common agreed upon framework / ontology that enables
   the ability of two or more cloud platforms to exchange information in
   an unified manor.

   Mission

   CCIF is an open, vendor neutral, open community of technology
   advocates, and consumers dedicated to driving the rapid adoption of
   global cloud computing services.  CCIF shall accomplish this by
   working through the use open forums (physical and virtual) focused on
   building community consensus, exploring emerging trends, and
   advocating best practices / reference architectures for the purposes
   of standardized cloud computing.

   Note: CCIF is INACTIVE now.

   CCIF comes up with a unified cloud interface (a.k.a. cloud broker)
   whose features are as follows: unify various cloud APIs and abstract



Khasnabish & JunSheng     Expires June 30, 2013                [Page 13]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   it behind an open and standardized cloud interface, that is, create
   an API about other APIs.  Proposed a UCI architecture.

   CCIF has two Working Groups:

   o  Standard and Interoperability Working Group

   o  Unified Cloud Interface Working Group

   Chair: Mr. Reuven Cohen (Enomaly Inc.)

   Website:http://www.cloudforum.org/

   Status: Inactive.

   Partnership/Coordination: Not known.

   Language: English.

3.5.  CloudAudit

   The goal of CloudAudit is to provide a common interface and namespace
   that allows cloud computing providers to automate the Audit,
   Assertion, Assessment, and Assurance (A6) of their infrastructure
   (IaaS), platform (PaaS), and application (SaaS) environments and
   allow authorized consumers of their services to do likewise via an
   open, extensible and secure interface and methodology.

   Automated Audit, Assertion, Assessment, and Assurance API (A6 Working
   Group), officially launched in January 2010.

   Chair: Mr. Christofer Hoff

   Website:http://www.cloudaudit.org/

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.

3.6.  CCSA - Clouds

   CCSA only follows up and evaluates the influence of cloud computing
   on telecommunication network.  The main focus of CCSA is on Cloud
   Computing in Mobile Internet, Cloud Computing with P2P technology,
   Resource Virtualization Application Mode and Operation Requirement,
   etc.



Khasnabish & JunSheng     Expires June 30, 2013                [Page 14]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   CCSA has two Clouds related Working Groups:

   o  TC2 WG1

   o  TC1 WG4

   Website:http://www.ccsa.org.cn/

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.

3.7.  Cloud Computing Use Cases Group

   The goal of this group is to bring together cloud consumers and cloud
   vendors to define common use cases for cloud computing.  The use
   cases will demonstrate the performance and economic benefits of cloud
   computing, and will be based on the needs of the widest possible
   range of consumers.

   The ToC of the latest version (V3) of the white paper includes

   o  Definitions and Taxonomy

   o  Use Case Scenarios

   o  Customer Scenarios

   o  Developer Requirements

   o  Security Scenarios

   o  Security Use Case Scenarios

   Website:http://groups.google.com/group/cloud-computing-use-cases

   Status: Active.

   Partnership/Coordination: OCM.

   Language: English.

3.8.  China Institute of Electronics.

   The goal of the CIA is to solve the emerged problems with the rapid
   development of Cloud Computing, follows up the latest development of



Khasnabish & JunSheng     Expires June 30, 2013                [Page 15]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   technologies related to Cloud Computing, strengthen communication and
   cooperation in the domain of Cloud Computing, prompt the research and
   application on the technology of Cloud Computing, and draw up
   industry specification on Cloud Computing.

   Clouds related Group: Cloud Computing Experts Association.

   Chair: Mr. Li Deyi

   Website:http://www.ciecloud.org/

   Status: Active.

   Partnership/Coordination: OCM.

   Language: Chinese, with some titles in English.

3.9.  Cloud Operations and Security, Japan.

   Information Security Awareness Campaign to be jointly launched by the
   public and private sectors.  The Ministry of Economy, Trade and
   Industry (METI), Symantec Corporation, Trend Micro Incorporated,
   McAfee, Inc., and the Information-Technology Promotion Agency, Japan,
   will jointly launch the campaign to strengthen information security
   measures.  As information technology (IT) penetrates further into
   people's lives and socio-economic activities, Internet users face
   higher risks of becoming victims of computer viruses, unauthorized
   access or other security breaches.  This campaign is aimed at
   preventing such risks and increase people's awareness and knowledge
   of precautions for the safe use of IT.

   Website:http://www.meti.go.jp/english

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.

3.10.  CSA (Cloud Security Alliance)

   The Cloud Security Alliance is a non-profit organization formed to
   promote the use of best practices for providing security assurance
   within Cloud Computing, and provide education on the uses of Cloud
   Computing to help secure all other forms of computing.

   The CSA is mainly focus on:




Khasnabish & JunSheng     Expires June 30, 2013                [Page 16]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Promoting a common level of understanding between the consumers
      and providers of cloud computing regarding the necessary security
      requirements and attestation of assurance.

   o  Promoting independent research into best practices for cloud
      computing security.

   o  Launching awareness campaigns and educational programs on the
      appropriate uses of cloud computing and cloud security solutions.

   o  Creating consensus lists of issues and guidance for cloud security
      assurance.

   8 Working Groups:

   o  Group 1: Architecture and Framework

   o  Group 2: Governance, Risk Management, Compliance, Audit, Physical,
      BCM, DR

   o  Group 3: Legal and eDiscovery

   o  Group 4: Portability & Interoperability and Application Security

   o  Group 5: Identity and Access Mgt, Encryption & Key Mgt

   o  Group 6: Data Center Operations and Incident Response

   o  Group 7: Information Lifecycle Management & Storage

   o  Group 8: Virtualization and Technology Compartmentalization

   Chair: Mr. Jim Reavis (Executive Director), Mr. Christofer Hoff
   (Technical Director)

   Website:http://www.cloudsecurityalliance.org/

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.

3.11.  CSA/TCI (Cloud Security Alliance / Trusted Cloud Initiative)

   The Trusted Cloud Initiative will help cloud providers develop
   industry-recommended, secure and interoperable identity, access and
   compliance management configurations, and practices.  We well develop



Khasnabish & JunSheng     Expires June 30, 2013                [Page 17]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   reference models, education, certification criteria and a cloud
   provider self-certification toolset in 2010.

   The TCI hopes to publish the industry's first cloud security
   certification by the end of 2010.

   Chair: Mr. Liam Lynch (eBay), Mr. Nick Nikols (Novell)

   Website:http://www.trusted-cloud.com/

   Status: Active.

   Partnership/Coordination: CSA(TBC).

   Language: English.

3.12.  DELTA Cloud

   Deltacloud is a top-level project at the Apache Software Foundation
   (ASF), having graduated from the ASF Incubator in October 2011.
   Through a collaborative and meritocratic development process, Apache
   projects deliver enterprise-grade, freely available software products
   that attract large communities of users.

   Apache Deltacloud is a REST-based (HATEOAS) cloud abstraction API,
   that enables management of resources in different IaaS clouds using a
   single API.  A series of back-end drivers 'speak' each cloud
   provider's native API and the Deltacloud Core Framework provides the
   basis for implementing drivers as needed for other/new IaaS cloud
   providers.  Apache Deltacloud currently supports many back-end cloud
   providers, as listed in Drivers.

   The Apache Deltacloud project empowers its users in avoiding lockin
   to any single cloud provider.  Deltacloud provides an API abstraction
   that can be implemented as a wrapper around a large number of clouds,
   freeing users of cloud from dealing with the particulars of each
   cloud's API.

   Delta Cloud provides:

   o  A RESTful API for simple, any-platform access

   o  Support for all major cloud service providers

   o  Backward compatibility across versions, providing long-term
      stability for scripts, tools and applications





Khasnabish & JunSheng     Expires June 30, 2013                [Page 18]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  A separate CIMI frontend, as well as CIMI API compliance tests and
      a simple CIMI client application.

   The Deltacloud documentation is divided into the following parts:

   o  Installation, dependencies and quick-start

   o  REST API definition

   o  Information about currently supported drivers

   o  The Deltacloud Ruby client

   o  The libdeltacloud C library

   Website:http://deltacloud.apache.org

   Status: Active.

   Language: English.

3.13.  DMTF (Distributed Management Task Force)

   DMTF enables more effective management of millions of IT systems
   worldwide by bringing the IT industry together to collaborate on the
   development, validation and promotion of systems management
   standards.

   Virtualization Management(VMAN) Initiative: VMAN unleashes the power
   of virtualization by delivering broadly supported interoperability
   and portability standards to virtual computing environments.  As
   another initiative based on the CIM and WBEM standards, the suite of
   management standards helps IT managers deploy virtual computer
   systems, discover/inventory virtual computer systems, manage the
   lifecycle of virtual computer systems, create/modify/delete virtual
   resources and monitor virtual systems for health and performance.
   The VMAN initiative strives to promote standards for virtualization
   management within the industry and enable vendors to implement
   compliant, interoperable virtualization management solutions.

   DMTF's Open Cloud Standards Incubator will focus on standardizing
   interactions between cloud environments by developing cloud resource
   management protocols, packaging formats and security mechanisms to
   facilitate interoperability.

   The Open Cloud Standards Incubator addresses the following aspects of
   the lifecycle of a cloud service:




Khasnabish & JunSheng     Expires June 30, 2013                [Page 19]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  description of the cloud service in a template

   o  deployment of the cloud service into a cloud

   o  offering of the service to consumers

   o  consumer entrance into contracts for the offering

   o  provider operation and management of instances of the service

   o  removal of the service offering

   A DMTF partner initiative, SMI is a Storage Networking Industry
   Association (SNIA) initiative to standardize interoperable storage
   management technologies, based on the rich foundation provided by the
   DMTF's CIM and WBEM specifications.

3.13.1.  CMWG (Cloud Management Working Group)

   Using the recommendations developed by DMTF's Open Cloud Standards
   Incubator, the Cloud Management Working Group (CMWG) is focused on
   standardizing interactions between cloud environments by developing
   specifications that deliver architectural semantics and
   implementation details to achieve interoperable cloud management
   between service prociders and their consumers and developers.

   DSP0263 Cloud Infrastructure Management Interface (CIMI) Model and
   REST Interface over HTTP is an Interface for Managing Cloud
   Infrastructure.  This profile defines a logical model for the
   management of resources within the Infrastructure as a Service
   domain.  A model was developed to address the use cases outlined in
   the !oScoping Framework for Cloud Management Models and Protocol
   Requirements!+/- document.

   The most recent version of DSP4003 v1.3.0 (the Alliance Partner Work
   Register Process document) approved by the DMTF board of directors on
   June 8th, 2006 defines how an alliance partner work register is
   created and the sequence of steps that are required before a work
   register is approved and the alliance partnership is established.

   WorkGroup Chair: Winston Bumpus, VMware Inc. wbumpus@vmware.com.

   WorkGroup Chair: Mark Johnson, IBM. mwj@us.ibm.com.

   Website:http://members.dmtf.org/apps/org/workgroup/cmwg/

   Status: Active.




Khasnabish & JunSheng     Expires June 30, 2013                [Page 20]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Partnership/Coordination:

   o  CSA

   o  CompTIA(Computing Technology Industry Association )

   o  ECMA(Ecma International)

   o  OGF(Open Grid Forum)

   o  TGG(The Green Grid)

   o  TOG(The Open Group)

   o  OMG(Object Management Group)

   o  PWG(Printer Working Group)

   o  SNIA

   o  TMF(TeleManagement Forum)

   o  TCG(Trusted Computing Group)

   o  UEFI(Unified Extensible Firmware Interface)

   Language: English.

3.13.2.  SVPC(System Virtualization, Partitioning, and Clustering)

   DMTF's SVPC includes a set of specifications that address the
   management lifecycle of a virtual environment.  SVPC's OVF (Open
   Virtualization Format) specification provides a standard format for
   packaging and describing virtual machines and applications for
   deployment across heterogeneous virtualization platforms.  SVPC's
   profiles standardize many aspects of the operational management of a
   heterogeneous virtualized environment.

   OVF is a common packaging format for independent software vendors
   (ISVs) to package and securely distribute virtual appliances,
   enabling cross-platform portability.  By packaging virtual appliances
   in OVF, ISVs can create a single, pre-packaged appliance that can run
   on customers' virtualization platforms of choice.

   The key properties of the format are as follows:

   o  Optimized for distribution




Khasnabish & JunSheng     Expires June 30, 2013                [Page 21]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Optimized for a simple, automated user experience

   o  Supports both single VM and multiple

   o  Portable VM packaging

   o  Vendor and platform independent

   o  Extensible - OVF is immediately useful - and extensible

   o  Localizable - OVF supports user-visible descriptions in multiple
      locales

   Workgroup Chair: Mr. Lawrence Lamers, VMware Inc.
   ljlamers@vmware.com.

   Vice-Chair: Michael Johanssen, IBM. johanssn@de.ibm.com.

   Website:http://www.dmtf.org/initiatives/vman_nitiative/

   Status: Active.

   Partnership/Coordination: DMTF.

   Language: English.

3.13.3.  CADF(Cloud Auditing Data Federation Working Group)

   CADF is developing specifications for federating audit event data
   from cloud providers which includes defining a normative,
   prescriptive audit data format, event classification taxonomies,
   interface definitions and a compatible interaction model.

   The data format specification will include the constructs for
   federating audit event data in the form of customized audit reports
   and logs which preserves reference to source information on the
   participating cloud resources.

   Member use cases are now being accepted as input to the development
   process in order to assure the data format and interface models
   specified by the working group consumable by different customer
   scenarios and implementations.

   The WG deliverables:

   o  Cloud Audit Event Data Model Specification





Khasnabish & JunSheng     Expires June 30, 2013                [Page 22]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Cloud Audit Event API Specification

   o  Profiles of the Cloud Audit Event Data Model and Event API
      Specifications which the CADF deems necessary.

   o  Protocol requirements delivered to the CMWG (or other groups if
      they exist)

   o  Other documents and whitepapers which the Cloud Audit Working
      Group deems necessary.

   Workgroup Chair: Mr. Matthew Rutkowski, IBM.

   Workgroup: Mr. David Corlette, Novell. johanssn@de.ibm.com.

   Website:http://members.dmtf.org/apps/org/workgroup/cadf/
   description.php

   Status: Active.

   Partnership/Coordination: DMTF, CSA, TOG(The Open Group).

   Language: English.

3.13.4.  Cloud Incubator

   This Incubator was started in 2009.  The goal of the Incubator is to
   define a set of architectural semantics that unify the interoperable
   management of enterprise and cloud computing.  In July 2010 the
   incubator delivered two important documents: Use Cases and
   Interactions for Managing Clouds (DSP-IS0103) and Architecture for
   Managing Clouds (DSP-IS0102).

   These two documents together describe how standardized interfaces and
   data formats can be used to manage clouds.  The first document
   focuses on the overall architecture, including requirements for the
   architected interfaces in general (e.g., requirements on resource
   model).  The second document focuses on interactions and data
   formats.  The use cases involved resources include service resources
   provision, changing and monitoring etc.

   Incubator deliverables:

   o  Cloud taxonomy

   o  Cloud Interoperability whitepaper





Khasnabish & JunSheng     Expires June 30, 2013                [Page 23]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Informational specifications

   o  Proposed OVF changes for cloud usage

   o  Proposed Profiles for management of resources exposed by a cloud

   o  Proposed changes to other DMTF standards

   o  Requirements for trust for cloud resource management

   o  Work register(s) with appropriate alliance partners (See below)

   Workgroup Chair: Mr. Billy Cox, Intel Corporation.

   Website:http://members.dmtf.org/apps/org/workgroup/cloud/
   description.php

   Status: Active.

   Partnership/Coordination: DMTF, SNIA.

   Language: English.

3.14.  ENISA(European Network and Information Security Agency)

   ENISA is carrying out a risk assessment of cloud computing with input
   from 30 experts from major companies and academic institutions.  The
   paper should provide an assessment of key risks and their mitigation
   strategies in cloud computing.

   ENISA Cloud Computing Risk Assessment

   ENISA is carrying out a risk assessment of cloud computing with input
   from 30 experts from major companies and academic institutions.  The
   paper should provide an assessment of key risks and their mitigation
   strategies in cloud computing which will allow:

   o  European Policymakers to decide on research policy (to develop
      technologies to mitigate risks)

   o  European Policymakers to decide on appropriate policy and economic
      incentives, legislative measures, awareness-raising initiatives
      etc... vis-a-vis cloud-computing technologies.

   o  Business leaders to evaluate the risks of adopting such
      technologies and possible mitigation strategies.  Individuals/
      citizens to evaluate the cost/benefit of ----using the consumer
      version of such applications.



Khasnabish & JunSheng     Expires June 30, 2013                [Page 24]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Executive Director, Dr Udo Helmbrecht

   Website:http://www.enisa.europa.eu/

   Status: Active.

   Partnership/Coordination: EP3R(European Public-Private Partnership
   for Resilience, http://ec.europa.eu/information_society/policy/nis/
   strategy/activities/ciip/impl_activities/index_en.htm )

   Language: English.

3.15.  ETSI STF 331 (Specialist Task Force on ICT GRID Technologies
       Interoperability and Standardization)

   The Specialist Task Force (STF) addressed, in general, IT-Telecom
   (Information Technology and Telecommunications) convergence and, in
   particular, the lack of interoperable GRID solutions built by IT in
   conjunction with the Telecom industry.  At the request of TC GRID,
   this scope was extended to include "cloud computing".

   White paper:

   o  Grid and Cloud Computing Technology: Interoperability and
      Standardization for the Telecommunications Industry, 2009.

   Technical Report:

   o  ETSI TR 102 659-1 Study of ICT GRID interoperability gaps; Part 1:
      Inventory of ICT Stakeholders V1.2.1, 2009-10

   o  ETSI TR 102 659-2 Study of ICT GRID interoperability gaps; Part 2:
      List of identified Gaps V1.2.1, 2009-10

   o  ETSI TR 102 766 ICT GRID Interoperability Testing Framework and
      survey of existing ICT Grid interoperability solutions V1.1.1,
      2009-10

   Technical Specification:

   o  TSI TS 102 786 ICT GRID Interoperability Testing Framework V1.1.1,
      2009-10

   Chair: Mr. Geoffrey Caryer (STF 331 team leader)

   Website:http://portal.etsi.org/STFs/STF_HomePages/STF331/STF331.asp

   Status: Active.



Khasnabish & JunSheng     Expires June 30, 2013                [Page 25]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Partnership/Coordination: ETSI

   Language: English.

3.16.  ETSI TC GRID (Technical Committee Grid)

   Responsible for producing test specifications and standards to
   integrate the use of telecommunications infrastructures in networked
   computing, including both Grid computing and Cloud computing.

   ETSI's Grid Technical Committee (TC GRID) is addressing issues
   associated with the convergence of Information Technology (IT) and
   telecommunications, paying particular attention to scenarios where
   connectivity goes beyond the local network.  This includes not only
   Grid computing but also the emerging commercial trend towards Cloud
   computing which places particular emphasis on ubiquitous network
   access to scalable computing and storage resources.  The vision is to
   evolve towards a coherent and consistent general purpose
   infrastructure, made up of interoperable elements ranging from small
   devices up to supercomputers, connected by global networks and
   capable of supporting communities ranging from individuals to whole
   industries, and with applications in business, public sector,
   academic and consumer environments.

   Note: TC GRID will be renamed to TC Cloud shortly and start work on
   standardization requirements for cloud services (ETSI TR 102 997)

   Chair: Mr. Michael Fisher (BT Group Plc)

   Website:http://portal.etsi.org/portal/server.pt/community/GRID/310

   Status: Initiating TC Cloud.

   Partnership/Coordination:

   o  ETSI TC TISPAN

   o  ETSI TC MTS

   o  ETSI CTI (Centre for Testing & Interoperability)

   o  ETSI Plugtests Events

   o  ITU-T

   o  Open Grid Forum, with which a Memorandum of Understanding has been
      signed




Khasnabish & JunSheng     Expires June 30, 2013                [Page 26]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  European Commission DG INFSO, DG ENTR

   o  NESSI European Technology Platform

   Language: English.

3.17.  GICTF (Global Inter-Cloud Technology Forum, Japan)

   GICTF aims to promote standardization of network protocols and the
   interfaces through which cloud systems interwork with each other, and
   to enable the provision of more reliable cloud services than those
   available today.

   Main activities and goals

   o  Promote the development and standardization of technologies to use
      cloud systems;

   o  Propose standard interfaces that allow cloud systems to interwork
      with each other;

   o  Collect and disseminate proposals and requests regarding
      organization of technical exchange meetings and training courses;

   o  Establish liaison with counterparts in the U.S. and Europe, and
      promote exchange with relevant R&D teams.

   Working Group

   o  General Assembly

   o  Board of Directors

   o  Technology Task Force

   o  Application Task Force

   Chair: Prof. Tomonori Aoyama (Keio Univ.)

   Website:http://www.gictf.jp/index_e.html

   Status: Active.

   Partnership/Coordination: Not known

   Language: English.





Khasnabish & JunSheng     Expires June 30, 2013                [Page 27]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


3.18.  IEEE SA (Standards Association)

   CLOUD 2009 is created to provide a prime international forum for both
   researchers and industry practitioners to exchange the latest
   fundamental advances in the state of the art and practice of Cloud
   Computing, identify emerging research topics, and define the future
   of Cloud Computing. http://www.thecloudcomputing.org/2009/2/

   CLOUD 2010 tries to attract researchers, practitioners, and industry
   business leaders in all the following areas to help define and shape
   cloud computing, and its related modernization strategy and
   directions of the services industry.
   http://www.thecloudcomputing.org/2010/

   IEEE SA collaborated with CSA in a cloud security standards survey,
   and in some events related to cloud standards.  A number of existing
   IEEE standards is indirectly linked to cloud computing.  Cloud
   Security Alliance and IEEE Join Forces to Identify Cloud Security
   Standards Requirements For IT Practitioners

   General Chairs: Stephen S. Yau, Arizona State University, USA.
   Liang-Jie Zhang, IBM T.J. Watson Research, USA

   Program Chairs: Wu Chou, Avaya Labs Research, Avaya, USA.  Adrezej M
   Goscinski, Deakin University, Australia.

   Application and Industry Track Chairs: Claudio Bartolini, HP Labs,
   USA.  Min Luo, IBM Software Group, USA

   Website:http://standards.ieee.org/

   Status: Active.

   Partnership/Coordination: CSA

   Language: English.

3.19.  IETF/APP/SCIM

   System for Cross-domain Identity Management (SCIM) WG Charter: The
   System for Cross-domain Identity Management (SCIM) working group will
   standardize methods for creating, reading, searching, modifying, and
   deleting user identities and identity-related objects across
   administrative domains, with the goal of simplifying common tasks
   related to user identity management in services and applications.

   "Standardize" does not necessarily mean that the working group will
   develop new technologies.  The existing specifications for "SCIM 1.0"



Khasnabish & JunSheng     Expires June 30, 2013                [Page 28]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   provide RESTful interfaces on top of HTTP rather than defining a new
   application protocol.  That will be the basis for the new work.

   Today, distributed identity management across administrative domains
   is complicated by a lack of protocol and schema standardization
   between consumers and producers of identities.  This has led to a
   number of approaches, including error-prone manual administration and
   bulk file uploads, as well as proprietary protocols and mediation
   devices that must be adapted to each service for each organization.
   While there is existing work in the field, it has not been widely
   adopted for a variety of reasons, including a lack of common
   artifacts such as schema, toolsets, and libraries.

   The SCIM working group will develop the core schema and interfaces
   based on HTTP and REST to address these problems.  Initially, the
   group will focus on

   o  a schema definition

   o  a set of operations for creation, modification, and deletion of
      users

   o  schema discovery

   o  read and search

   o  bulk operations

   o  mapping between the inetOrgPerson LDAP object class (RFC 2798) and
      the SCIM schema

   It will follow that by considering extensions for client targeting of
   specific SCIM endpoints and SAML binding.  The approach will be
   extensible.  The group will use, as starting points, the following
   drafts in the following ways:

   o  draft-scim-use-cases-00 as the initial use cases for SCIM

   o  draft-scim-core-schema-00 as the schema specification

   o  draft-scim-api-00 as the protocol specification

   These drafts are based on existing specifications, which together are
   commonly known as SCIM 1.0.  Because there is existing work with
   existing implementations, some consideration should be given to
   backward compatibility, though getting it right takes priority.  This
   group will consider the operational experience gathered from the
   existing work, as well as experiences with work done by other bodies,



Khasnabish & JunSheng     Expires June 30, 2013                [Page 29]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   including the OASIS Provisioning TC.

   The use cases document will be a "living document", guiding the
   working group during its development of the standards.  The group may
   take snapshots of that document for Informational publication, to
   serve as documentation of the motivation for the work in progress and
   to similarly guide planning and implementation.

   The group will produce Proposed Standards for a schema, a REST-based
   protocol, and a SAML binding, as well as an Informational document
   defining an LDAP mapping.  In doing so, the group will make the
   terminology consistent, identify any functional gaps that would be
   useful for future work, address internationalization, and provide
   guidelines and mechanisms for extensibility.

   In addition, the working group will ensure that the SCIM protocol
   embodies good security practices.  Given both the sensitivity of the
   information being conveyed in SCIM messages and the regulatory
   requirements regarding the privacy of personally identifiable
   information, the working group will pay particular attention to
   issues around authorization, authenticity, and privacy.

   The group considers the following out of scope for this group:

   o  Defining new authentication schemes

   o  Defining new policy/authorization schemes

   Area Director: Barry Leiba (barryleiba@computer.org)

   Website:http://datatracker.ietf.org/wg/scim/

   Status: Active.

   Partnership/Coordination: IETF

   Language: English.

3.20.  IETF/TSV Decade

   The Working Group (WG) will have three primary tasks.

   First, the WG will identify target applications to appropriately
   scope the problem and requirements.  P2P applications are the primary
   target, but suitability to other applications with similar
   requirements may be considered depending on additional complexity
   required to support such applications.




Khasnabish & JunSheng     Expires June 30, 2013                [Page 30]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Second, the WG will identify the requirements to enable target
   applications to utilize in-network storage.  Requirements will
   include the ability for an application to (1) store, retrieve, and
   manage data, (2) indicate access control policies for storing and
   retrieving data suitable to an environment with users across multiple
   administrative and security domains (e.g., in a P2P environment), and
   (3) indicate resource control policies for storing and retrieving
   data.

   Third, the WG will develop an architecture within which the DECADE
   protocol can be specified.  This architecture will identify DECADE's
   relationship to existing IETF protocols and where (if any) new
   protocol is needed or extensions to existing protocols need to be
   made.

   The architecture will not specify a protocol or extension; if
   development of a new protocol is needed, the WG will seek to
   recharter for this purpose or might ask an existing WG to work on
   such extensions.

   The architecture will not specify a protocol or extension; if
   development of a new protocol is needed, the WG will seek to
   recharter for this purpose or might ask an existing WG to work on
   such extensions.

   The WG will focus on the following work items:

   o  A "problem statement" document.  This document provides a
      description of the problem and common terminology.

   o  A requirements document.  This document lists the requirements for
      the in-network storage service (e.g., supported operations) and
      the protocol to support it.  The service will include storing,
      retrieving, and managing data as well as specifying both access
      control and resource control policies in the in-network storage
      pertaining to that data.

   o  A survey document.  This document will survey existing related
      mechanisms and protocols (e.g., HTTP, NFS, and WebDAV), and
      evaluate their applicability to DECADE.

   o  An architecture document.  This document will identify DECADE's
      relationship with existing IETF protocols.  Existing protocols
      will be used wherever possible and appropriate to support DECADE's
      requirements.  In particular, data storage, retrieval, and
      management may be provided by an existing IETF protocols.  The WG
      will not limit itself to a single data transport protocol since
      different protocols may have varying implementation costs and



Khasnabish & JunSheng     Expires June 30, 2013                [Page 31]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


      performance tradeoffs.

   However, to keep interoperability manageable, a small number of
   specific, targeted, data transport protocols will be identified and
   used.  If new protocol development is deemed necessary, the WG will
   be rechartered.  It is not expected that all work items will be ready
   for IESG review by that point, but WG consensus must show that
   documents directing eventual protocol development (Requirements and
   Architecture document) have stabilized.  This permits adjustments to
   such documents as necessary to maintain consistency as protocol
   development is done.

   The following issues are considered out-of-scope for the WG:

   o  Specification of policies regarding copyright-protected or illegal
      content.

   o  Locating the "best" in-network storage location from which to
      retrieve content if there are more than one location can provide
      the same content.

   o  Developing a new protocol for data transport between P2P
      applications and in-network storage.

   Chairs: Richard Woundy(Richard_Woundy@cable.comcast.com), Haibin
   Song(melodysong@huawei.com).

   Area Director: Alexey Melnikov(alexey.melnikov@isode.com).

   Website:https://datatracker.ietf.org/wg/decade/

   Status: Active.

   Partnership/Coordination:

   o  IRTF

   o  IASA/IAOC/Trust IANA

   Language: English.

3.21.  IETF/TSV/nfsv4

   NFS Version 4 is the IETF standard for file sharing.  To maintain NFS
   Version 4's utility and currency, the working group is chartered to:

   o  maintain the existing NFSv4, NFSv4.1 and related specifications,
      such as RPC and XDR,



Khasnabish & JunSheng     Expires June 30, 2013                [Page 32]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  progress these specifications along the standards track,

   o  develop a protocol to create a federated namespace using NFSv4's
      existing referral mechanisms.

   Goals and Milestones:

   o  Done - Issue strawman Internet-Draft for v4

   o  Done - Submit Initial Internet-Draft of requirements document

   o  Done - Submit Final Internet-Draft of requirements document

   o  Done - AD reassesses WG charter

   o  Done - Submit v4 Internet-Draft sufficient to begin prototype
      implementations

   o  Done - Begin Interoperability testing of prototype implementations

   o  Done - Submit NFS version 4 to IESG for consideration as a
      Proposed Standard.

   o  Done - Conduct final Interoperability tests

   o  Done - Conduct full Interoperability tests for all NFSv4 features

   o  Done - Update API advancement draft

   o  Done - Form core design team to work on NFS V4 migration/
      replication requirements and protocol

   o  Done - Submit revised NFS Version 4 specification (revision to RFC
      3010) to IESG for consideration as a Proposed Standard

   o  Done - Strawman NFS V4 replication/migration protocol proposal
      submitted as an ID

   o  Done - WG Last Call for RPC and NFS RDMA drafts

   o  Done - WG Last Call for rfc1831bis (RPC version 2)

   o  Done - WG Last Call for NFSv4.1 Object-based layout

   o  Done - WG Last Call for NFSv4 minor version 1

   o  Done - WG Last Call for NFSv4.1 block/volume layout




Khasnabish & JunSheng     Expires June 30, 2013                [Page 33]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Done - Submit NFS Minor Version 1 to IESG for publication as a
      Proposed Standard

   o  Done - Submit Object-based pNFS Operations to IESG for publication
      as a Proposed Standard

   o  Done - Submit pNFS Block/Volume Layout to IESG for publication as
      a Proposed Standard

   o  May 2009 - WG Last Call for Requirements for Federated File
      Systems draft-ietf-nfsv4-federated-fs-reqts-01

   o  Sep 2009 - WG Last Call for rfc3530bis (NFS version 4)

   o  Oct 2009 - WG Last Call for Administration Protocol for Federated
      Filesystems draft-ietf-nfsv4-federated-fs-admin-00.txt

   o  Oct 2009 - WG Last Call for NSDB Protocol for Federated
      Filesystems draft-ietf-nfsv4-federated-fs-protocol-00.txtwith
      IPv6.

   Additionally, it will create an IANA registry for RPC program numbers
   and seed it with a registry Sun has been maintaining.

   Chairs: Brian Pawlowski(beepy@netapp.com).  Spencer
   Shepler(spencer.shepler@gmail.com)

   Website:http://tools.ietf.org/wg/nfsv4/charters

   Status: Active.

   Partnership/Coordination: IRTF

   Language: English.

3.22.  IETF/OPS/netconf

   The NETCONF Working Group is chartered to produce a protocol suitable
   for network configuration, with the following characteristics:

   o  Provides retrieval mechanisms which can differentiate between
      configuration data and non-configuration data

   o  Is extensible enough so that vendors will provide access to all
      configuration data on the device using a single protocol

   o  Has a programmatic interface (avoids screen scraping and
      formatting-related changes between releases)



Khasnabish & JunSheng     Expires June 30, 2013                [Page 34]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Uses a textual data representation, that can be easily manipulated
      using non-specialized text manipulation tools

   o  Supports integration with existing user authentication methods

   o  Supports integration with existing configuration database systems

   o  Supports network wide configuration transactions (with features
      such as locking and rollback capability)

   o  Is as transport-independent as possible

   o  Provides support for asynchronous notifications

   The NETCONF protocol is using XML for data encoding purposes, because
   XML is a widely deployed standard which is supported by a large
   number of applications.

   The NETCONF protocol should be independent of the data definition
   language and data models used to describe configuration and state
   data.

   Chair: Bert Wijnen(bertietf@bwijnen.net), Mehmet
   Ersue(mehmet.ersue@nsn.com)

   Website:http://datatracker.ietf.org/wg/netconf/

   Status: Active.

   Partnership/Coordination:

   o  IASA/IAOC/Trust IANA

   o  IRTF

   Language: English.

3.23.  IETF/OPS/ARMD

   Address Resolution for Massive numbers of hosts in the Data center
   (armd) WG Charter: Changing workloads in datacenters are having an
   impact on the performance of current datacenter network designs.  For
   example, the use of virtual machines (VMs) as a means for deployment
   and management of new services often results in a significant
   increase in the number of hosts attached to the network.  Various
   requirements for the deployment of VMs in data center networks, such
   as support for VM mobility, has led to architectures in which
   broadcast domains are scaling up to span more switching devices and



Khasnabish & JunSheng     Expires June 30, 2013                [Page 35]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   VM servers, and to interconnect more hosts (as represented by VMs).

   In these deployment architectures, heavily used protocols that are
   based on broadcast or multicast, such as ARP and ND, may contribute
   to poor network performance.  The armd Working Group will investigate
   the impact of changing workloads and existing protocols on datacenter
   network performance.

   In its work, the armd Working Group will take into consideration work
   done in data center networking standardization by other SDOs, such as
   the IEEE 802.1 Data Center Bridging Task Group, and will communicate
   and exchange information with these organizations.

   Area Director: Ronald Bonica (rbonica@juniper.net)

   Website:http://datatracker.ietf.org/wg/armd/

   Status: Active.

   Partnership/Coordination: IETF

   Language: English.

3.24.  IETF/RTG/NVO3

   Network Virtualization Overlays (NVO3) WG Charter: Support for multi-
   tenancy has become a core requirement of data centers (DCs),
   especially in the context of data centers supporting virtualized
   hosts known as virtual machines (VMs).  Three key requirements needed
   to support multi-tenancy are:

   o Traffic isolation, so that a tenant's traffic is not visible to any
   other tenant, and

   o Address independence, so that one tenant's addressing scheme does
   not collide with other tenant's addressing schemes or with addresses
   used within the data center itself.

   o Support the placement and migration of VMs anywhere within the data
   center, without being limited by DC network constraints such as the
   IP subnet boundaries of the underlying DC network.

   An NVO3 solution (known here as a Data Center Virtual Private Network
   (DCVPN)) is a VPN that is viable across a scaling range of a few
   thousand VMs to several million VMs running on greater than one
   hundred thousand physical servers.  It thus has good scaling
   properties from relatively small networks to networks with several
   million DCVPN endpoints and hundreds of thousands of DCVPNs within a



Khasnabish & JunSheng     Expires June 30, 2013                [Page 36]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   single administrative domain.

   A DCVPN also supports VM migration between physical servers in a sub-
   second timeframe.

   Note that although this charter uses the term VM throughout, NVO3
   must also support connectivity to traditional hosts e.g. hosts that
   do not have hypervisors.

   NVO3 will consider approaches to multi-tenancy that reside at the
   network layer rather than using traditional isolation mechanisms that
   rely on the underlying layer 2 technology (e.g., VLANs).  The NVO3 WG
   will determine which types of connectivity services are needed by
   typical DC deployments (for example, IP and/or Ethernet).

   NVO3 will document the problem statement, the applicability, and an
   architectural framework for DCVPNs within a data center environment.
   Within this framework, functional blocks will be defined to allow the
   dynamic attachment / detachment of VMs to their DCVPN, and the
   interconnection of elements of the DCVPNs over the underlying
   physical network.  This will support the delivery of packets to the
   destination VM within the scaling and migration limits described
   above.

   Based on this framework, the NVO3 WG will develop requirements for
   both control plane protocol(s) and data plane encapsulation
   format(s), and perform a gap analysis of existing candidate
   mechanisms.  In addition to functional and architectural
   requirements, the NVO3 WG will develop management, operational,
   maintenance, troubleshooting, security and OAM protocol requirements.

   The NVO3 WG will investigate the interconnection of the DCVPNs and
   their tenants with non-NVO3 IP network(s) to determine if any
   specific work is needed.

   The NVO3 WG will write the following informational RFCs, which must
   have completed Working Group Last Call before rechartering can be
   considered:

   o  Problem Statement

   o  Framework document

   o  Control plane requirements document

   o  Data plane requirements document





Khasnabish & JunSheng     Expires June 30, 2013                [Page 37]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Operational Requirements

   o  Gap Analysis

   Driven by the requirements and consistent with the gap analysis, the
   NVO3 WG may request being rechartered to document solutions
   consisting of one or more data plane encapsulations and control plane
   protocols as applicable.  Any documented solutions will use existing
   IETF protocols if suitable.  Otherwise, the NVO3 WG may propose the
   development of new IETF protocols, or the writing of an applicability
   statement for non-IETF protocols.

   If the WG anticipates the adoption of the technologies of another
   SDO, such as the IEEE, as part of the solution, it will liaise with
   that SDO to ensure the compatibility of the approach.

   Area Director: Stewart Bryant (stbryant@cisco.com)

   Website:http://datatracker.ietf.org/wg/nvo3/

   Status: Active.

   Partnership/Coordination: IETF

   Language: English.

3.25.  IRTF/P2PRG

   Overall, the field of P2P technologies presents a number of
   interesting challenges which includes new methods for optimizing P2P
   application overlays, performing routing and peer selection
   decisions, managing traffic and discovering resources.  Areas of
   interest are also new techniques for P2P streaming and
   interconnecting distinct P2P application overlays.  Other challenges
   for P2P are related to storage, reliability, and information
   retrieval in P2P systems.  Yet another challenging area is security,
   privacy, anonymity and trust.  Finally, it is challenging to examine
   P2P systems that are deployed, for example, to measure, monitor and
   characterize P2P applications.  In addition to these areas of
   research, it is of interest to investigate the requirements of new
   applications (e.g., real-time P2P applications or P2P applications
   for wireless networks) on the P2P technologies used.  The P2P RG will
   collaborate with academia and industry on making progress addressing
   these challenges.

   Chair: Volker Hilt(volkerh@bell-labs.com), Stefano
   Previdi(sprevidi@cisco.com)




Khasnabish & JunSheng     Expires June 30, 2013                [Page 38]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Website:http://www.irtf.org/charter?gtype=rg&group=p2prg

   Status: Active.

   Partnership/Coordination: IETF

   Language: English.

3.26.  IRTF/VNRG

   The Virtual Networks Research Group (VNRG) provides a forum for
   interchange of ideas among a group of network researchers with an
   interest in network virtualization in the context of the Internet and
   also beyond the current Internet.

   The VNRG will consider the whole system of a VN and not only single
   components or a limited set of components; we will identify
   architectural challenges resulting from VNs, addressing network
   management of VNs, and exploring emerging technological and
   implementation issues.

   Initial set of work items:

   o  concepts/background/terminology

   o  common parts of VN architectures

   o  common problems/challenges in VN

   o  descriptions of appropriate uses

   o  some solutions (per-problem perhaps)

   Chair: Joe Touch (touch@isi.edu), Martin Stiemerling
   (stiemerling@nw.neclab.eu)

   Website: http://irtf.org/concluded/vnrg

   Status: Concluded.

   Partnership/Coordination: IETF

   Language: English.

3.27.  ISO/IEC JTC1 SC38 SGCC






Khasnabish & JunSheng     Expires June 30, 2013                [Page 39]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


3.27.1.  Study Group on Cloud Computing(SGCC)

   Terms of Reference:

   o  Provide a taxonomy, terminology and value proposition for Cloud
      Computing.

   o  Assess the current state of standardization in Cloud Computing
      within JTC1 and in other SDOs and consortia.

   o  Document standardization market/business/user requirements and the
      challenges to be addressed.

   o  Liaise and collaborate with relevant SDOs and consortia related to
      Cloud Computing.

   o  Hold workshops to gather requirements as needed.

   o  Provide a report of activities and recommendations to SC38.

3.27.2.  Working Group 3 on Cloud Computing

   Terms of Reference:

   o  Identify, develop, and maintain JTC 1 deliverables initially in
      the field of Cloud Computing Reference Architecture and Terms and
      Definitions.

   o  Investigate the requirements for new work in the areas of Use case
      Analysis Methodology and Principle of Cloud Service Delivery, as
      provided in Clause 5.2 of the Study Group Report on Cloud
      Computing (SC 38 N 430).

   o  As a basis for the evaluation and development of new work, utilize
      a use case-based methodology as described in the SC 38 Study Group
      Report on Cloud Computing (SC 38 N 430) as appropriate.

   o  Support SC 38 goals and respond to requests pertaining to Cloud
      Computing initiated by SC 38, JTC 1 and external Liaison
      organizations.

   o  Liaise and collaborate with SDOs and consortia related to Cloud
      Computing as appropriate.

   o  Maintain future JTC 1 PAS and Fast Track submissions assigned to
      SC 38 in the area of Cloud Computing and Virtualization.

   SC38 Chairman: Dr. Donald Deutsch (USA)



Khasnabish & JunSheng     Expires June 30, 2013                [Page 40]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   SC38 Secretary: Ms. Marisa Peacock (USA)

   SGCC Convenor: Dr. Seungyun Lee (Korea)

   Website:http://www.iso.org/iso/standards_development/
   technical_committees/list_of_iso_technical_committees/
   iso_technical_committee.htm?commid=601355

   Status: Active.

   Partnership/Coordination:

   o  IEEE

   o  IETF

   Language: English.

3.28.  ITU-T JCA-Cloud (Joint Coordination Activity on Cloud Computing )

   The TSAG (January 2012 meeting) agreed the establishment of the Joint
   Coordination Activity on Cloud Computing (JCA-Cloud) with SG 13 as
   parent group (Cf. TSB Circular 261,
   http://www.itu.int/md/T09-TSB-CIR-0261/en).

   The scope of JCA-Cloud is coordination of the ITU-T cloud computing
   standardization work within ITU-T and coordination of the
   communication with standards development organizations and forums
   also working on Cloud Computing protocols and standards.

   JCA-Cloud is open to ITU Members and designated representatives of
   relevant Standards Development Organizations and Forums
   (http://www.itu.int/en/ITU-T/jca/Cloud/Pages/relevant-sdos.aspx).

   The terms of reference (ToR) can be found at the website: http://
   www.itu.int/en/ITU-T/jca/Cloud/Documents/ToR/ToR%20JCA%20Cloud.pdf.

   Chair: Monique Morrow (Cisco)).

   Website: http://www.itu.int/en/ITU-T/jca/Cloud/Pages/default.aspx

   Status: Active.

   Partnership/Coordination: Many
   (http://www.itu.int/en/ITU-T/jca/Cloud/Pages/relevant-sdos.aspx)

   Language: English.




Khasnabish & JunSheng     Expires June 30, 2013                [Page 41]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


3.29.  KCSA (Korea Cloud Service Association)

   Main mission of KCSA:

   o  Create demand of Cloud service

   o  Create Cloud service activation framework and its environments

   o  Disseminate and promote Cloud service to public sectors

   Chair: Mr. Choi Do-Hwan

   Website:http://www.kcsa.or.kr/index.jsp

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.

3.30.  Liberty Alliance / Kantara Initiative

   As of June 2009, the work of the Liberty Alliance is transitioning to
   the Kantara Initiative.

   The vision of Liberty Alliance is to enable [a networked world] web
   services based on open standards where consumers, citizens,
   businesses and governments can more easily conduct online
   transactions while protecting the privacy and security of identity
   information.

   o  Build open standard-based specifications for federated identity
      and identity-based Web services.

   o  Drive global identity theft prevention solutions.

   o  Provide interoperability testing.

   o  Offer a formal certification program for products utilizing
      Liberty specifications.

   o  Establish best practices, rules, liabilities, and business
      guidelines.

   o  Collaborate with other standards bodies, privacy advocates, and
      government policy groups.





Khasnabish & JunSheng     Expires June 30, 2013                [Page 42]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Address end user privacy and confidentiality issues.

   Kantara Initiative: Bridging and harmonizing the identity community
   with actions that will help ensure secure, identity-based, online
   interactions while preventing misuse of personal information so that
   networks will become privacy protecting and more natively trustworthy
   environments.

   Managing Director: Mr. Joni Brennan

   Website:http://www.projectliberty.org/, http://kantarainitiative.org/

   Status: New Initiative.

   Partnership/Coordination: Not known.

   Language: English.

3.31.  NCOIC (Network Centric Operations Industry Consortium)

   The Network Centric Operations Industry Consortium is a global, not-
   for-profit organization dedicated to advancing interoperability via
   network centric operations.  NCOIC has formed a Cloud Computing
   Working Group that will investigate ways to leverage clouds to
   support global interoperability.  NCOIC's 90 member organizations
   from 19 nations will advocate for open standards and, on reaching
   consensus, will make voice of industry recommendations about their
   applicability.  Further, NCOIC will develop operational and
   capability patterns that can enable our customers-in military,
   aviation, emergency response and cyber security-to achieve
   portability of information and services from cloud to cloud.

   Managing Director: TBD

   Website:https://www.ncoic.org/about/

   Status: Initiative.

   Partnership/Coordination: Not known.

   Language: English.

3.32.  NIST

   NIST's role in cloud computing is to promote the effective and secure
   use of the technology within government and industry by providing
   technical guidance and promoting standards.




Khasnabish & JunSheng     Expires June 30, 2013                [Page 43]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Cloud computing is a model for enabling convenient, on-demand network
   access to a shared pool of configurable computing resources (e.g.,
   networks, servers, storage, applications, and services) that can be
   rapidly provisioned and released with minimal management effort or
   service provider interaction.

   Essential Characteristics:

   o  On-demand self-service.  A consumer can unilaterally provision
      computing capabilities, such as server time and network storage,
      as needed automatically without requiring human interaction with
      each service's provider.

   o  Broad network access.  Capabilities are available over the network
      and accessed through standard mechanisms that promote use by
      heterogeneous thin or thick client platforms (e.g., mobile phones,
      laptops, and PDAs).

   o  Resource pooling.  The provider's computing resources are pooled
      to serve multiple consumers using a multi-tenant model, with
      different physical and virtual resources dynamically assigned and
      reassigned according to consumer demand.  There is a sense of
      location independence in that the customer generally has no
      control or knowledge over the exact location of the provided
      resources but may be able to specify location at a higher level of
      abstraction (e.g., country, state, or datacenter).  Examples of
      resources include storage, processing, memory, network bandwidth,
      and virtual machines.

   o  Rapid elasticity.  Capabilities can be rapidly and elastically
      provisioned, in some cases automatically, to quickly scale out and
      rapidly released to quickly scale in.  To the consumer, the
      capabilities available for provisioning often appear to be
      unlimited and can be purchased in any quantity at any time.

   o  Measured Service.  Cloud systems automatically control and
      optimize resource use by leveraging a metering capability at some
      level of abstraction appropriate to the type of service (e.g.,
      storage, processing, bandwidth, and active user accounts).
      Resource usage can be monitored, controlled, and reported
      providing transparency for both the provider and consumer of the
      utilized service.

   Working Group:

   o  Cryptographic Technology





Khasnabish & JunSheng     Expires June 30, 2013                [Page 44]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Systems & Emerging Technologies Security Research

   o  Security Management & Assurance

   o  CMVP & CAVP - (now part of Security Management & Assurance)

   Chair: Mr. Peter Mell(mell@nist.gov)

   Website:http://csrc.nist.gov/groups/SNS/cloud-computing/

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.

3.33.  OASIS

   OASIS is a not-for-profit consortium that drives the development,
   convergence and adoption of open standards for the global information
   society.  The consortium produces more Web services standards than
   any other organization along with standards for security, e-business,
   and standardization efforts in the public sector and for application-
   specific markets.  OASIS sees Cloud Computing as a natural extension
   of SOA and network management models.  Related standards are:

   o  Security, access and identity policy standards -- e.g., OASIS
      SAML, XACML, SPML, WS-Security Policy, WS-Trust.

   o  Content, format control and data import/export standards -- e.g.,
      OASIS ODF.

   o  Registry, repository and directory standards -- e.g., OASIS ebXML
      and UDDI.

   o  SOA methods and models, network management, service quality and
      interoperability -- e.g., OASIS SOA-RM, and BPEL.

   OASIS specifications are available here.
   http://www.oasis-open.org/specs/

   OASIS Committees by Category

   o  Adoption Services

   o  Computing Management





Khasnabish & JunSheng     Expires June 30, 2013                [Page 45]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Document-Centric Applications

   o  e-Commerce

   o  Law & Government

   o  Localisation

   o  Security

   o  SOA

   o  Standards Adoption

   o  Supply Chain

   o  Web Services

   o  XML Processing

   Website:http://www.oasis-open.org

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.

3.34.  OCC

   The OCC is a member driven organization that supports the development
   of standards for cloud computing and frameworks for interoperating
   between clouds, develops benchmarks for cloud computing, and supports
   reference implementations for cloud computing.

   The OCC also manages testbeds for cloud computing, such as the Open
   Cloud Testbed, and operates clouds computing infrastructure to
   support scientific research, such as the Open Science Data Cloud.

   OCC Working Group.

   o  Working Group on Standards and Interoperability For Large Data
      Clouds

   o  The Open Cloud Testbed Working Group

   o  The Open Science Data Cloud (OSDC) Working Group




Khasnabish & JunSheng     Expires June 30, 2013                [Page 46]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  Intercloud Testbed Working Group

   Website:http://opencloudconsortium.org/

   Status: Active.

   Partnership/Coordination(Contributing Members and Partners):

   o  Calit2

   o  Johns Hopkins University

   o  National Lambda Rail

   o  University of Chicago

   Language: English.

3.35.  ODCA (Open Data Center Alliance)

   The Open Data Center Alliance (ODCA) was formed in 2010 as a unique
   consortium of leading global IT organizations.  ODCA's focus is to
   deliver a unified voice for emerging data center and cloud computing
   requirements.  The mission of ODCA is to speed the migration to cloud
   computing by enabling the solution and service ecosystem to address
   IT requirements with the highest level of interoperability and
   standards.  This includes:

   o  Identifying customer requirements for corporate adoption and
      deployment of cloud computing

   o  Defining usage models for these requirements based on open,
      industry-standard, multi-vendor solutions that support a vision of
      secure federation, automation, common management, and transparency

   o  Influencing industry innovation with:

      *  Collective membership commitment to use Alliance usage models
         to guide corporate planning and purchasing of data center
         resources

      *  Solution Provider member commitment to prioritize solution
         delivery based on Alliance Usage Model requirements

   o  Collaborating with industry standards bodies to define standards
      development aligned with Alliance priorities.

   ODCA established technical workgroups in five categories that cover



Khasnabish & JunSheng     Expires June 30, 2013                [Page 47]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   essential areas of cloud computing:

   o  Infrastructure: Related to core infrastructure of a cloud,
      including cloud data centers, access devices, and platforms.  Use
      cases will span compute, storage, network, and facilities.

   o  Management: Related to effective management of the cloud and cloud
      services to meet cloud subscriber, cloud provider, end user, and
      intermediary objectives.

   o  Regulation and Ecosystem: Use cases and patterns where government
      regulations help or hinder cloud adoption.  Also included are
      ecosystem practices that impede cloud models and/or render the
      models inefficient (for example, licensing).

   o  Security: Use cases that highlight security needs of the cloud,
      particularly where significant user concerns limit adoption.

   o  Services: Related to the kinds of cloud services and ways they
      might be used.  This category is driven by dominant and emerging
      business models in the cloud.

   Website:http://www.opendatacenteralliance.org/

   Status: Active.

   Partnership/Coordination(Contributing Members and Partners):

   o  CSA

   o  DMTF

   o  TM Forum

   o  OASIS

   o  Open Computer Project

   Language: English.

3.36.  OGF / OCCI

   OGF is an open community committed to driving the rapid evolution and
   adoption of applied distributed computing.  Applied Distributed
   Computing is critical to developing new, innovative and scalable
   applications and infrastructures that are essential to productivity
   in the enterprise and within the science community.  OGF accomplishes
   its work through open forums that build the community, explore



Khasnabish & JunSheng     Expires June 30, 2013                [Page 48]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   trends, share best practices and consolidate these best practices
   into standards.

   The purpose of the OCCI group is the creation of a practical solution
   to interface with Cloud infrastructures exposed as a service (IaaS).
   It will focus on a solution which covers the provisioning, monitoring
   and definition of Cloud Infrastructure services.  The group should
   create this API in an agile way as we can have advantages over other
   groups if we deliver fast.  Overlapping work and efforts will be
   contributed and synchronized with other groups.

   OCCI is a RESTful-based network Protocol and API for managing cloud
   computing infrastructure.  It has since evolved into an extensible
   API with a strong focus on interoperability while still offering a
   high degree of extensibility.  The current release of the OCCI is
   suitable to serve many other models in addition to IaaS, including
   e.g.  PaaS and SaaS.

   OCCI are described from three aspects.

   o  OCCI Core Mode.

      *  Core Mode defines a representation of resource types which is
         an abstraction of real-world resources, including the means to
         identify, classify, associate and extend those resources.

      *  Any resource exposed through OCCI is a Resource or a sub-type
         thereof.  The Resource type contains a number of common
         attributes that Resource sub-types inherit.  The Resource type
         is complemented by the Link type which associates one Resource
         instance with another.  The Link type contains a number of
         common attributes that Link sub-types inherit.

      *  OCCI Core Model types include Category, Kind, Mixin, Action,
         Entity, Resource and Link.

   o  OCCI Rendering.

      *  OCCI Rendering types include HTTP Header, XHTML5, etc.

      *  OCCI Rendering is a lightweight yet all-encompassing means to
         describe infrastructure.

      *  It provides the capability to send a native (e.g.  OVF, VMX)
         representation for clients that can digest such a native
         rendering.





Khasnabish & JunSheng     Expires June 30, 2013                [Page 49]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  OCCI Infrastructure Model

      *  OCCI Infrastructure Model describes a particular OCCI
         Infrastructure extension for the IaaS domain.

      *  The main infrastructure types defined within OCCI
         Infrastructure are:

         +  Compute.  Information processing resources.

         +  Network.  Interconnection resource and represents a L2
            networking resource.

         +  Storage.  Information recording resources.

      *  Link sub-types for the Resource types are the following:

         +  NetworkInterface connects a Compute instance to a Network
            instance.

         +  StorageLink connects a Compute instance to a Storage
            instance.

   The OCC also manages testbeds for cloud computing, such as the Open
   Cloud Testbed, and operates clouds computing infrastructure to
   support scientific research, such as the Open Science Data Cloud.

   Areas of work of the OGF Standards Function.

   o  Applications

   o  Architecture

   o  Compute

   o  Data

   o  Infrastructure

   o  Liaison

   o  Management

   o  Security

   Open Cloud Computing Interface WG (occi-wg), Thijs Metsch Chair, Andy
   Edmonds Chair, Alexis Richardson Chair, Sam Johnston Secretary




Khasnabish & JunSheng     Expires June 30, 2013                [Page 50]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Website:http://www.ogf.org/, http://www.occi-wg.org/doku.php

   Status: Active.

   Partnership/Coordination:

   o  IETF

   o  W3C(World Wide Web Consortium)

   o  OASIS

   o  DMTF

   o  SNIA

   o  WS-I(Web Services Interoperability Organization)

   Language: English.

3.37.  OMA(Open Mobile Alliance)

   OMA is the leading industry forum for developing market driven,
   interoperable mobile service enablers.

   OMA has developed OMA Cloud Computing White Paper v1.0 which
   identifies the following areas of interest as potential future
   developments opportunities:

   1.  The development and support of Cloud Computing related O&M
       functionality with OMA enablers.

   2.  To extend the OMA Mobile Commerce and Charging area.

   3.  To evaluate the need of developing new activities/work item to
       enable the 'Virtualized Experience' in Cloud Computing.  OMA has
       established a new work item namely 'Unified Virtual Experience'
       i.e. use cases and requirements for Unified Virtual Experience
       (UVE) Enabler.

   4.  To extend the OMA Security area.

   Recently OMA is continuing extension of OMA Cloud Computing White
   Paper v1.0, i.e. the study of how OMA enablers need to be modified to
   be useful in the Cloud Computing environment.  The scope of this new
   version v2.0 focuses on:





Khasnabish & JunSheng     Expires June 30, 2013                [Page 51]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  More detailed gap analysis with other SDOs and start a dialogue/
      collaboration with them.

   o  More gap analysis on other OMA areas, e.g.:

      *  Person-to-Person Communication area.

      *  Service Customization area.

      *  End-to-end Efficiency aspect.

   o  More recommendations of the future work in OMA.

   The goals of such analysis and recommendation in this White Paper
   are:

   o  to consider a cloud delivery model as a converged platform to
      deliver IT and communication services over any network (fixed,
      mobile,..) and used by any end user connected devices (PC, TV,
      Smart Phone, M2M!).

   o  to facilitate the operators to deliver a rich set of communication
      services (voice & video call, audio, video & web conf, messaging,
      unified communication, content creation, broadcasting...).
      Moreover the network services should be seen as smart pipes
      !ohigh-grade network!+/- for cloud services transport and cloud
      interconnection (inter-cloud) in order to guarantee secure and
      high performance end-to-end quality of service QoS for end users
      (considered as an important key differentiator for
      telecommunication players).

   Working Group: BOD CLOUD

   Chair: Bin Hu(Huawei Technologies Co., Ltd, bin.hu@huawei.com )

   DSO: John Mudge(OMA, jmudge@omaorg.org )

   Website: http://www.openmobilealliance.org/

   Status: Active.

   Partnership/Coordination: None

   Language: English.







Khasnabish & JunSheng     Expires June 30, 2013                [Page 52]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


3.38.  OMG(Object Management Group)

   The Cloud Standards Coordination Group is committed to development of
   a joint resource on cloud computing strategies, standards and
   implementations.  Different SDOs are bringing together different but
   complementary abilities: storage, execution models, deployment
   models, service level agreements, security, authentication, privacy.
   Specific cloud-related specification efforts have only just begun in
   OMG, focusing on modeling deployment of applications & services on
   clouds for portability, interoperability & reuse.  Relevant
   committees include Analysis & Design Task Force (ADTF) and SOA
   Special Interest Group (SOA SIG).

   Working Group:

   o  Architecture Board

   o  Platform Technology Committee

   o  Domain Technology Committee

   Website:http://www.omg.org/

   Status: Active.

   Partnership/Coordination:

   o  ASC X12

   o  ASC T1M1

   o  CEN/ISSS (Information Society Standardization System)

   o  DICOM (Digital Imaging and Communications in Medicine)

   o  DMTF (Distributed Management Task Force)

   o  ECMA (European Computer Manufacturers Association.)

   o  FIPA (Foundation for Intelligent Physical Agents)

   o  HL7 (Health Level Seven)

   o  ICT-SB (Information and Communications Technology Standards Board)

   o  IEEE 1226





Khasnabish & JunSheng     Expires June 30, 2013                [Page 53]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   o  ISO

   o  ITU-T Standardization Sector

   o  NCPDP (National Council for Prescription Drug Programs)

   o  Parlay

   o  SDRF - Software Defined Radio Forum

   o  SWIFT (The Society for Worldwide International Financial
      Telecommunication)

   o  TMForum (TeleManagement Forum)

   o  3GPP

   Language: English.

3.39.  OCM (Open Cloud Manifesto)

   The Open Cloud Manifesto establishes a core set of principles to
   ensure that organizations will have freedom of choice, flexibility,
   and openness as they take advantage of cloud computing.  While cloud
   computing has the potential to have a positive impact on
   organizations, there is also potential for lock-in and lost
   flexibility if appropriate open standards are not identified and
   adopted.

   To open the cloud computing, the rules specified by the OCM need be
   referenced.

   Website:http://www.opencloudmanifesto.org/

   Status: Active.

   Partnership/Coordination: CCIF(Inactive)

   Language: English.

3.40.  OGC WG (Open Group Cloud Work Group)

   The Open Group Cloud Work Group exists to create a common
   understanding among buyers and suppliers of how enterprises of all
   sizes and scales of operation can include Cloud Computing technology
   in a safe and secure way in their architectures to realize its
   significant cost, scalability and agility benefits.




Khasnabish & JunSheng     Expires June 30, 2013                [Page 54]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   To open the cloud computing, the rules specified by the OCM need be
   referenced.

   Chair: Mr. David Lounsbury (VP Government Programs, The Open Group)

   Website:http://www.opengroup.org/cloudcomputing/

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.

3.41.  SNIA

   SNIA Mission:

   Lead the storage industry worldwide in developing and promoting
   standards, technologies, and educational services to empower
   organizations in the management of information.

   SNIA's Forums and Initiatives include:

   o  the Cloud Storage Initiative,

   o  the Data Management Forum,

   o  the Green Storage Initiative,

   o  the Ethernet Storage Forum,

   o  Storage Management Initiative,

   o  Solid State Storage Initiative,

   o  the Storage Security Industry Forum

   o  the XAM Initiative

   The Cloud Data Management Interface (CDMI) defines the functional
   interface that applications will use to create, retrieve, update and
   delete data elements from the Cloud.  As part of this interface the
   client will be able to discover the capabilities of the cloud storage
   offering and use this interface to manage containers and the data
   that is placed in them.  In addition, metadata can be set on
   containers and their contained data elements through this interface.

   This interface is also used by administrative and management



Khasnabish & JunSheng     Expires June 30, 2013                [Page 55]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   applications to manage containers, accounts, security access and
   monitoring/billing information, even for storage that is accessible
   by other protocols.  The capabilities of the underlying storage and
   data services are exposed so that clients can understand the
   offering.

   Metadata is a convenient mechanism in managing large amounts of data
   with differing requirements through expressing those requirements in
   such a way that underlying data services differentiate their
   treatment of the data to meet those requirements.

   Resource types which are accessed through RESTful interface include:

   o  Container.

   o  Accounting.

   o  DataObject.

      *  Files.

      *  Block Devices.

      *  Object Stores.

      *  Database Tables.

   o  Capability.

   Storage Management Initiative Specification (SMI-S) defines a method
   for the interoperable management of a heterogeneous Storage Area
   Network (SAN), and describes the information available to a WBEM
   Client from an SMI-S compliant CIM Server and an object-oriented,
   XML-based, messaging-based interface designed to support the specific
   requirements of managing devices in and through SANs.

   The eXtensible Access Method (XAM) Interface specification defines a
   standard access method (API) between "Consumers" (application and
   management software) and "Providers" (storage systems) to manage
   fixed content reference information storage services.  XAM includes
   metadata definitions to accompany data to achieve application
   interoperability, storage transparency, and automation for ILM-based
   practices, long term records retention, and information security.
   XAM will be expanded over time to include other data types as well as
   support additional implementations based on the XAM API to XAM
   conformant storage systems.

   Website:http://www.SNIA.org



Khasnabish & JunSheng     Expires June 30, 2013                [Page 56]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   Status: Active.

   Partnership/Coordination:

   o  ARMA (Association of Records Managers and Administrators)
      International

   o  DMTF

   o  Eclipse Aperi Storage Management Project

   o  FCIA (Fibre Channel Industry Association)

   o  OGF (Open Grid Forum)

   o  The Green Grid

   Language: English.

3.42.  Study group on Smart Cloud, Japan

   Ministry of Internal Affairs and Communications of Japan holds study
   group meetings on smart cloud collecting key people from the academia
   and the industry in Japan.  They surveyed the current status of cloud
   computing and identified important issues from the viewpoints of
   technologies, standardization and international cooperation.

   Professor Emeritus Hideo Miyahara, Osaka University

   Website: http://www.soumu.go.jp

   Status: Active.

   Partnership/Coordination: Not known.

   Language: Japanese.

3.43.  TM Forum

   The primary objective of TM Forum's Cloud Services Initiative is to
   help the industry overcome the barriers and assist the growth of a
   vibrant commercial marketplace for cloud based services.  The
   centerpiece of this initiative is an ecosystem of major buyers and
   sellers who will collaborate to define a range of common approaches,
   processes, metrics and other key service enablers.

   TM Forum's vision is to ensure acceleration of service
   standardization and commoditization in an effective and efficient



Khasnabish & JunSheng     Expires June 30, 2013                [Page 57]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


   marketplace of cloud computing services in all global geographies,
   through alignment with the needs of the world's largest IT buyers.

   Enterprise Cloud Buyers Council Goals are:

   o  to foster an effective and efficient marketplace for cloud compute
      infrastructure and services across all industry verticals and
      global geographies;

   o  Accelerate standardization and commoditization of cloud services,
      and identifying common commodity processes best consumed as a
      service;

   o  Solicit definition for standardized core and industry-specific
      SKUs for cloud services;

   o  Achieve transparency of cost, service levels and reporting across
      the ecosystem;

   o  Enable benchmarking of services across service providers and
      geographies;

   o  Enable vendor measurement against normalized and agreed service
      level metrics;

   o  Radically reduce cost of acquisition and operations for commodity
      compute & services.

   James Warner, head of Cloud computing TM Forum.

   Website: http://www.tmforum.org/

   Status: Active.

   Partnership/Coordination: Not known.

   Language: English.














Khasnabish & JunSheng     Expires June 30, 2013                [Page 58]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


4.  Summary and Analysis

   This survey shows that there are a variety of ways to virtualize
   computing and communication resources in order to support both
   client-side and server-side applications and services.  Many of these
   services tend to utilize resources across multiple administrative,
   technology, and geographical domains.  Since there is no unified and
   universally acceptable protocol and mechanism to define the mobility
   of resources across domains, the early implementers tend to utilize
   the features and functions of the existing IETF protocols along with
   their proprietary modifications or extensions in order to achieve
   their goals.

   In addition to using a virtualization layer (VM layer), a thin Cloud
   operating system (OS) layer may be useful to hide the complexity,
   specificity, and regionality (locality) of the resources.

   We also observe that different SDOs are trying to develop many
   different methods for logging and reporting of resource usage for
   Cloud services.  This will create auditing transparency problems
   which may negatively impact the development of security and service
   level agreement features.

   At the end, these may in fact result in an increase in the effective
   cost for services that utilize the cloud based systems and networks,
   violating the very foundation on which the concept of utilizing cloud
   is based on.
























Khasnabish & JunSheng     Expires June 30, 2013                [Page 59]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


5.  Security Considerations

   To be added later, on as-needed basis.
















































Khasnabish & JunSheng     Expires June 30, 2013                [Page 60]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


6.  Conclusion

   We have presented a survey of the activities of Cloud SDOs along with
   a simple early analysis.  This survey has revealed that different
   SDOs are utilizing or expect to utilize a set of common IETF
   protocols for cloud services, and some time they modify or extend
   these protocols in order to satisfy their niche objectives.

   These will not only cause interoperability problems, but may also
   negatively impact further development of protocols and services in
   this very important area of cloud computing and networking.  IETF is
   the best organization to address these issues.







































Khasnabish & JunSheng     Expires June 30, 2013                [Page 61]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


7.  Acknowledgement

   To be added later.
















































Khasnabish & JunSheng     Expires June 30, 2013                [Page 62]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


8.  Appendix A: Cloud Standards WiKi.

   http://cloud-standards.org/wiki/index.php?title=Main_Page

   This WiKi Website documents the coordination activities of the
   various SDOs working on Cloud standards.  You can find related Cloud
   SDOs the WiKi Website addressed here.

   o  CloudAudit

   o  Cloud Security Alliance

   o  Distributed Management Task Force (DMTF)

   o  ETSI(The European Telecommunications Standards Institute)

   o  NIST(National Institute of Standards and Technology)

   o  Open Grid Forum (OGF)

   o  Object Management Group (OMG)

   o  Open Cloud Consortium (OCC)

   o  OASIS(Organization for the Advancement of Structured Information
      Standards)

   o  SNIA(Storage Networking Industry Association)

   o  OG WG(The Open Group)

   o  ARTS(Association for Retail Technology Standards)



















Khasnabish & JunSheng     Expires June 30, 2013                [Page 63]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


9.  IANA Considerations

   This document has no actions for IANA.
















































Khasnabish & JunSheng     Expires June 30, 2013                [Page 64]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


10.  Normative references

   [Cloud Definition]
              NIST, Special Publication 800-145, "The NIST definition of
              Cloud Computing", September 2011.

   [RFC2119]  IETF, "Key words for use in RFCs to Indicate Requirement
              Levels", March 1997.











































Khasnabish & JunSheng     Expires June 30, 2013                [Page 65]


Internet-Draft  Cloud SDO Activities Survey and Analysis   December 2012


Authors' Addresses

   Bhumip Khasnabish
   ZTE USA, Inc.
   55 Madison Avenue, Suite 160
   Morristown, NJ 07960
   USA

   Phone: +001-781-752-8003
   Email: vumip1@gmail.com, bhumip.khasnabish@zteusa.com


   Chu JunSheng
   ZTE
   No.50 Ruanjian Dadao Road, Yuhuatai District
   Nanjing
   China

   Phone: +86-25-8801-4630
   Email: chu.junsheng@zte.com.cn































Khasnabish & JunSheng     Expires June 30, 2013                [Page 66]