clouds B. Khasnabish Internet-Draft ZTE USA Intended status: Standards Track C. JunSheng Expires: July 4, 2011 ZTE December 31, 2010 Cloud SDO Activities Survey and Analysis draft-khasnabish-cloud-sdo-survey-00.txt Abstract At the IETF 77 Clouds Bar BoF, it was suggested that an internet draft on survey of standard organizations and working groups that are focusing on cloud-based systems and services be prepared. The objective is to take a snapshot of industry activities related to cloud features and functions for the purpose of creating a gap analysis. This document is that survey. At the end of this survey a section on gap analysis is presented. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on July 4, 2011. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must Khasnabish & JunSheng Expires July 4, 2011 [Page 1] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Survey of other SDOs . . . . . . . . . . . . . . . . . . . . . 6 3.1. ARTS (The Association for Retail Technology Standards) . . 6 3.2. ATIS (Alliance for Telecommunications Industry Solutions) SON FG. . . . . . . . . . . . . . . . . . . . . 6 3.3. CCF (Cloud Computing Forum, Korea). . . . . . . . . . . . 7 3.4. CCIF (Cloud Computing Interoperability Forum). . . . . . . 8 3.5. CloudAudit . . . . . . . . . . . . . . . . . . . . . . . . 9 3.6. CCSA - Clouds . . . . . . . . . . . . . . . . . . . . . . 9 3.7. Cloud Computing Use Cases Group . . . . . . . . . . . . . 10 3.8. China Institute of Electronics. . . . . . . . . . . . . . 11 3.9. Cloud Operations and Security, Japan. . . . . . . . . . . 11 3.10. CSA (Cloud Security Alliance) . . . . . . . . . . . . . . 11 3.11. CSA/TCI (Cloud Security Alliance / Trusted Cloud Initiative) . . . . . . . . . . . . . . . . . . . . . . . 13 3.12. DMTF (Distributed Management Task Force) . . . . . . . . . 13 3.13. DMTF VMAN Initiative (DMTF Virtualization Management Initiative) . . . . . . . . . . . . . . . . . . . . . . . 15 3.14. ENISA(European Network and Information Security Agency) . 15 3.15. ETSI STF 331 (Specialist Task Force on ICT GRID Technologies Interoperability and Standardization) . . . . 16 3.16. ETSI TC GRID (Technical Committee Grid) . . . . . . . . . 17 3.17. GICTF (Global Inter-Cloud Technology Forum, Japan) . . . . 18 3.18. IEEE SA (Standards Association) . . . . . . . . . . . . . 19 3.19. IETF/APP Decade . . . . . . . . . . . . . . . . . . . . . 20 3.20. IETF/TSV/nfsv4 . . . . . . . . . . . . . . . . . . . . . . 22 3.21. IETF/OPS/netconf . . . . . . . . . . . . . . . . . . . . . 24 3.22. IRTF/P2PRG . . . . . . . . . . . . . . . . . . . . . . . . 25 Khasnabish & JunSheng Expires July 4, 2011 [Page 2] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 3.23. IRTF/VNRG . . . . . . . . . . . . . . . . . . . . . . . . 25 3.24. ISO/IEC JTC1 SC38 SGCC . . . . . . . . . . . . . . . . . . 26 3.25. ITU-T FG Cloud (Focus Group Cloud Computing) . . . . . . . 27 3.26. KCSA (Korea Cloud Service Association) . . . . . . . . . . 29 3.27. Liberty Alliance / Kantara Initiative . . . . . . . . . . 29 3.28. NCOIC (Network Centric Operations Industry Consortium) . . 30 3.29. NIST . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 3.30. OASIS . . . . . . . . . . . . . . . . . . . . . . . . . . 32 3.31. OCC . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 3.32. OGF / OCCI . . . . . . . . . . . . . . . . . . . . . . . . 34 3.33. OMG(Object Management Group) . . . . . . . . . . . . . . . 35 3.34. OCM (Open Cloud Manifesto) . . . . . . . . . . . . . . . . 37 3.35. OGC WG (Open Group Cloud Work Group) . . . . . . . . . . . 37 3.36. SNIA . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 3.37. Study group on Smart Cloud, Japan . . . . . . . . . . . . 39 3.38. TM Forum . . . . . . . . . . . . . . . . . . . . . . . . . 40 4. Summary and Analysis . . . . . . . . . . . . . . . . . . . . . 42 5. Security Considerations . . . . . . . . . . . . . . . . . . . 43 6. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 44 7. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 45 8. Appendix A: Cloud Standards WiKi. . . . . . . . . . . . . . . 46 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 47 10. Normative references . . . . . . . . . . . . . . . . . . . . . 48 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 49 Khasnabish & JunSheng Expires July 4, 2011 [Page 3] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 1. Introduction This draft presents a survey of the standards development organizations (SDOs) related to cloud activities. By conducting a comprehensive survey, gaps and overlaps in Clouds standards can be determined. This will allow us to determine the IETF work that would be required to address the gaps. Once these IETF work have been completed, seamless interoperability of cloud services can be realized. Khasnabish & JunSheng Expires July 4, 2011 [Page 4] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 2. Terminology Cloud-based systems are conveniently-connected modular blocks of resources o Both physical and virtual modularizations of resources are possible o For this discussion, the resources include computing (CPU), communications (bandwidth), memory (storage), management, database, software, applications, services, interconnectivity, etc. o The objective is to make the resources available ubiquitously for mission-specific applications and services in order to support the ultimate level of privacy/security, scalability and reliability cost-effectively and without the headache of owning and maintaining the infrastructure Clouds Discussion Archive: http://www.ietf.org/mail-archive/web/clouds/current/maillist.html NIST definition: http://csrc.nist.gov/groups/SNS/cloud-computing/ Service over Cloud o Utilize (stitch, weave, embroider, ...) the resources from Cloud to provision, create, deliver, and maintain an End-to-End Service o Use the service only when you Need it o Pay only for the time duration and type of use of service (include the costs for resources used) Khasnabish & JunSheng Expires July 4, 2011 [Page 5] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 3. Survey of other SDOs 3.1. ARTS (The Association for Retail Technology Standards) The ARTS is dedicated to creating an open environment where both retailers and technology vendors work together to create international retail technology standards and to reduce the costs of the technology. Recently, this group also started looking at researching cloud computing and developing white papers to address cloud issues. Cloud Computing team starts work on a "mini RFP(Request for Proposal)" to help retailers evaluate cloud strategies and solutions. ARTS is a separate council within the NRF(National Retail Federation) governed by a council of retailers and technology solution providers. ARTS has four standards/Committees: o UnifiedPOS - Committee Chair Paul Gay, Epson o Data Model - Committee Chair Lynn Myers, Lowe's Companies o ARTS XML - Committee Chair Tim Hood, SAP o Standard RFPs - Committee Chair Ann McCool ARTS Cloud Computing for Retail White Paper, Best Practices Documents. This Cloud Computing for Retail whitepaper offers unbiased guidance for achieving maximum results from this relatively new technology. Version 1.0 represents a significant update to the draft version released in October 2009, specifically providing more examples of cloud computing in retail, as well as additional information on the relationship to Service Oriented Architecture (SOA) and constructing a Private Cloud. Website:http://www.nrf-arts.org/ Status: Active. Partnership/Coordination: NRF. Language: English. 3.2. ATIS (Alliance for Telecommunications Industry Solutions) SON FG. The SON Forum is addressing work to enable the interoperability and implementation of Service Oriented Network (SON) applications and services by developing standards, providing coordination for the development of standards and practices, and facilitating related Khasnabish & JunSheng Expires July 4, 2011 [Page 6] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 technical activities. This forum is placing an emphasis on telecommunications industry needs in collaboration with regional and international standards development programs in the telecommunications, IT and Web industries. ATIS is accredited by the American National Standards Institute (ANSI). ATIS has three Working Areas: o WORK AREA1:Policy and Data Models Work Area (PDM) o WORK AREA2:OSS/BSS and Virtualization Work Area (OBV) o WORK AREA3:Service Delivery Creation and Enablers Work Area (SDCE) SON Forum Chair: Andrew White, Qwest Son Forum Vice Chair:Gary Munson, AT&T Website:http://www.atis.org/SON/index.asp Status: Active. Partnership/Coordination: o ANSI o 3GPP(TBC) Language: English. 3.3. CCF (Cloud Computing Forum, Korea). Main mission of CCF: o Constitute National level CC Forum o Provide CC technology development and standardization activity o Sharing CC technology information o Study on CC adaptation method into Public sectors o Support international standardization activity of CC o Develop CC related Law and policy Khasnabish & JunSheng Expires July 4, 2011 [Page 7] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 CCF has six Working Groups: o Group 1: Policy and Certification o Group 2: CC Technology Framework o Group 3: Media Cloud o Group 4: Storage Cloud o Group 5: CC Technology for Green IDC o Group 6: Mobile Cloud Chair: Mr. Son seung-won Website:http://www.ccsf-kr.org/ Status: Active. Partnership/Coordination: Not known. Language: Korean, with some titles in English. 3.4. CCIF (Cloud Computing Interoperability Forum). Goals The CCIF was formed in order to enable a global cloud computing ecosystem whereby organizations are able to seamlessly work together for the purposes for wider industry adoption of cloud computing technology and related services. A key focus will be placed on the creation of a common agreed upon framework / ontology that enables the ability of two or more cloud platforms to exchange information in an unified manor. Mission CCIF is an open, vendor neutral, open community of technology advocates, and consumers dedicated to driving the rapid adoption of global cloud computing services. CCIF shall accomplish this by working through the use open forums (physical and virtual) focused on building community consensus, exploring emerging trends, and advocating best practices / reference architectures for the purposes of standardized cloud computing. Note: CCIF is INACTIVE now. Khasnabish & JunSheng Expires July 4, 2011 [Page 8] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 CCIF comes up with a unified cloud interface (a.k.a. cloud broker) whose features are as follows: unify various cloud APIs and abstract it behind an open and standardized cloud interface, that is, create an API about other APIs. Proposed a UCI architecture. CCIF has two Working Groups: o Standard and Interoperability Working Group o Unified Cloud Interface Working Group Chair: Mr. Reuven Cohen (Enomaly Inc.) Website:http://www.cloudforum.org/ Status: Inactive. Partnership/Coordination: Not known. Language: English. 3.5. CloudAudit The goal of CloudAudit is to provide a common interface and namespace that allows cloud computing providers to automate the Audit, Assertion, Assessment, and Assurance (A6) of their infrastructure (IaaS), platform (PaaS), and application (SaaS) environments and allow authorized consumers of their services to do likewise via an open, extensible and secure interface and methodology. Automated Audit, Assertion, Assessment, and Assurance API (A6 Working Group), officially launched in January 2010. Chair: Mr. Christofer Hoff Website:http://www.cloudaudit.org/ Status: Active. Partnership/Coordination: Not known. Language: English. 3.6. CCSA - Clouds CCSA only follows up and evaluates the influence of cloud computing on telecommunication network. The main focus of CCSA is on Cloud Computing in Mobile Internet, Cloud Computing with P2P technology, Khasnabish & JunSheng Expires July 4, 2011 [Page 9] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Resource Virtualization Application Mode and Operation Requirement, etc. CCSA has two Clouds related Working Groups: o TC2 WG1 o TC1 WG4 Website:http://www.ccsa.org.cn/ Status: Active. Partnership/Coordination: Not known. Language: English. 3.7. Cloud Computing Use Cases Group The goal of this group is to bring together cloud consumers and cloud vendors to define common use cases for cloud computing. The use cases will demonstrate the performance and economic benefits of cloud computing, and will be based on the needs of the widest possible range of consumers. The ToC of the latest version (V3) of the white paper includes o Definitions and Taxonomy o Use Case Scenarios o Customer Scenarios o Developer Requirements o Security Scenarios o Security Use Case Scenarios Website:http://groups.google.com/group/cloud-computing-use-cases Status: Active. Partnership/Coordination: OCM. Language: English. Khasnabish & JunSheng Expires July 4, 2011 [Page 10] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 3.8. China Institute of Electronics. The goal of the CIA is to solve the emerged problems with the rapid development of Cloud Computing, follows up the latest development of technologies related to Cloud Computing, strengthen communication and cooperation in the domain of Cloud Computing, prompt the research and application on the technology of Cloud Computing, and draw up industry specification on Cloud Computing. Clouds related Group: Cloud Computing Experts Association. Chair: Mr. Li Deyi Website:http://www.ciecloud.org/ Status: Active. Partnership/Coordination: OCM. Language: Chinese, with some titles in English. 3.9. Cloud Operations and Security, Japan. Information Security Awareness Campaign to be jointly launched by the public and private sectors. The Ministry of Economy, Trade and Industry (METI), Symantec Corporation, Trend Micro Incorporated, McAfee, Inc., and the Information-Technology Promotion Agency, Japan, will jointly launch the campaign to strengthen information security measures. As information technology (IT) penetrates further into people's lives and socio-economic activities, Internet users face higher risks of becoming victims of computer viruses, unauthorized access or other security breaches. This campaign is aimed at preventing such risks and increase people's awareness and knowledge of precautions for the safe use of IT. Website:http://www.meti.go.jp/english Status: Active. Partnership/Coordination: Not known. Language: English. 3.10. CSA (Cloud Security Alliance) The Cloud Security Alliance is a non-profit organization formed to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Khasnabish & JunSheng Expires July 4, 2011 [Page 11] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Computing to help secure all other forms of computing. The CSA is mainly focus on: o Promoting a common level of understanding between the consumers and providers of cloud computing regarding the necessary security requirements and attestation of assurance. o Promoting independent research into best practices for cloud computing security. o Launching awareness campaigns and educational programs on the appropriate uses of cloud computing and cloud security solutions. o Creating consensus lists of issues and guidance for cloud security assurance. 8 Working Groups: o Group 1: Architecture and Framework o Group 2: Governance, Risk Management, Compliance, Audit, Physical, BCM, DR o Group 3: Legal and eDiscovery o Group 4: Portability & Interoperability and Application Security o Group 5: Identity and Access Mgt, Encryption & Key Mgt o Group 6: Data Center Operations and Incident Response o Group 7: Information Lifecycle Management & Storage o Group 8: Virtualization and Technology Compartmentalization Chair: Mr. Jim Reavis (Executive Director), Mr. Christofer Hoff (Technical Director) Website:http://www.cloudsecurityalliance.org/ Status: Active. Partnership/Coordination: Not known. Language: English. Khasnabish & JunSheng Expires July 4, 2011 [Page 12] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 3.11. CSA/TCI (Cloud Security Alliance / Trusted Cloud Initiative) The Trusted Cloud Initiative will help cloud providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations, and practices. We well develop reference models, education, certification criteria and a cloud provider self-certification toolset in 2010. The TCI hopes to publish the industry's first cloud security certification by the end of 2010. Chair: Mr. Liam Lynch (eBay), Mr. Nick Nikols (Novell) Website:http://www.trusted-cloud.com/ Status: Active. Partnership/Coordination: CSA(TBC). Language: English. 3.12. DMTF (Distributed Management Task Force) DMTF's Open Cloud Standards Incubator will focus on standardizing interactions between cloud environments by developing cloud resource management protocols, packaging formats and security mechanisms to facilitate interoperability. Using the recommendations developed by DMTF's Open Cloud Standards Incubator, the Cloud Managenment Working Group (CMWG) is focused on standardizing interactions between cloud environments by developing specifications that deliver architectural semantics and implementation details to achieve interoperable cloud management between service prociders and their consumers and developers. A DMTF partner initiative, SMI is a Storage Networking Industry Association (SNIA) initiative to standardize interoperable storage management technologies, based on the rich foundation provided by the DMTF's CIM and WBEM specifications. The Open Cloud Standards Incubator addresses the following aspects of the lifecycle of a cloud service: o description of the cloud service in a template o deployment of the cloud service into a cloud Khasnabish & JunSheng Expires July 4, 2011 [Page 13] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o offering of the service to consumers o consumer entrance into contracts for the offering o provider operation and management of instances of the service o removal of the service offering The most recent version of DSP4003 v1.3.0 (the Alliance Partner Work Register Process document) approved by the DMTF board of directors on June 8th, 2006 defines how an alliance partner work register is created and the sequence of steps that are required before a work register is approved and the alliance partnership is established. Chair: Mr. Vinston Bumpus (President, DMTF) Website:http://www.dmtf.org/about/cloud-incubator/ Status: Active. Partnership/Coordination: o CSA o CompTIA(Computing Technology Industry Association ) o ECMA(Ecma International) o OGF(Open Grid Forum) o TGG(The Green Grid) o TOG(The Open Group) o OMG(Object Management Group) o PWG(Printer Working Group) o SNIA o TMF(TeleManagement Forum) o TCG(Trusted Computing Group) o UEFI(Unified Extensible Firmware Interface) Language: English. Khasnabish & JunSheng Expires July 4, 2011 [Page 14] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 3.13. DMTF VMAN Initiative (DMTF Virtualization Management Initiative) DMTF's Virtualization Management Initiative (VMAN) includes a set of specifications that address the management lifecycle of a virtual environment. VMAN's OVF (Open Virtualization Format) specification provides a standard format for packaging and describing virtual machines and applications for deployment across heterogeneous virtualization platforms. VMAN's profiles standardize many aspects of the operational management of a heterogeneous virtualized environment. OVF is a common packaging format for independent software vendors (ISVs) to package and securely distribute virtual appliances, enabling cross-platform portability. By packaging virtual appliances in OVF, ISVs can create a single, pre-packaged appliance that can run on customers!_ virtualization platforms of choice. The key properties of the format are as follows: o Optimized for distribution o Optimized for a simple, automated user experience o Supports both single VM and multiple o Portable VM packaging o Vendor and platform independent o Extensible - OVF is immediately useful - and extensible o Localizable - OVF supports user-visible descriptions in multiple locales Chair: Mr. Vinston Bumpus (President, DMTF) Website:http://www.dmtf.org/initiatives/vman_nitiative/ Status: Active. Partnership/Coordination: DMTF. Language: English. 3.14. ENISA(European Network and Information Security Agency) ENISA is carrying out a risk assessment of cloud computing with input from 30 experts from major companies and academic institutions. The Khasnabish & JunSheng Expires July 4, 2011 [Page 15] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 paper should provide an assessment of key risks and their mitigation strategies in cloud computing. ENISA Cloud Computing Risk Assessment ENISA is carrying out a risk assessment of cloud computing with input from 30 experts from major companies and academic institutions. The paper should provide an assessment of key risks and their mitigation strategies in cloud computing which will allow: o European Policymakers to decide on research policy (to develop technologies to mitigate risks) o European Policymakers to decide on appropriate policy and economic incentives, legislative measures, awareness-raising initiatives etc... vis-a-vis cloud-computing technologies. o Business leaders to evaluate the risks of adopting such technologies and possible mitigation strategies. Individuals/ citizens to evaluate the cost/benefit of ----using the consumer version of such applications. Executive Director, Dr Udo Helmbrecht Website:http://www.enisa.europa.eu/ Status: Active. Partnership/Coordination: EP3R(European Public-Private Partnership for Resilience, http://ec.europa.eu/information_society/policy/nis/ strategy/activities/ciip/impl_activities/index_en.htm ) Language: English. 3.15. ETSI STF 331 (Specialist Task Force on ICT GRID Technologies Interoperability and Standardization) The Specialist Task Force (STF) addressed, in general, IT-Telecom (Information Technology and Telecommunications) convergence and, in particular, the lack of interoperable GRID solutions built by IT in conjunction with the Telecom industry. At the request of TC GRID, this scope was extended to include "cloud computing". White paper: o Grid and Cloud Computing Technology: Interoperability and Standardization for the Telecommunications Industry, 2009. Khasnabish & JunSheng Expires July 4, 2011 [Page 16] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Technical Report: o ETSI TR 102 659-1 Study of ICT GRID interoperability gaps; Part 1: Inventory of ICT Stakeholders V1.2.1, 2009-10 o ETSI TR 102 659-2 Study of ICT GRID interoperability gaps; Part 2: List of identified Gaps V1.2.1, 2009-10 o ETSI TR 102 766 ICT GRID Interoperability Testing Framework and survey of existing ICT Grid interoperability solutions V1.1.1, 2009-10 Technical Specification: o TSI TS 102 786 ICT GRID Interoperability Testing Framework V1.1.1, 2009-10 Chair: Mr. Geoffrey Caryer (STF 331 team leader) Website:http://portal.etsi.org/STFs/STF_HomePages/STF331/STF331.asp Status: Active. Partnership/Coordination: ETSI Language: English. 3.16. ETSI TC GRID (Technical Committee Grid) Responsible for producing test specifications and standards to integrate the use of telecommunications infrastructures in networked computing, including both Grid computing and Cloud computing. ETSI's Grid Technical Committee (TC GRID) is addressing issues associated with the convergence of Information Technology (IT) and telecommunications, paying particular attention to scenarios where connectivity goes beyond the local network. This includes not only Grid computing but also the emerging commercial trend towards Cloud computing which places particular emphasis on ubiquitous network access to scalable computing and storage resources. The vision is to evolve towards a coherent and consistent general purpose infrastructure, made up of interoperable elements ranging from small devices up to supercomputers, connected by global networks and capable of supporting communities ranging from individuals to whole industries, and with applications in business, public sector, academic and consumer environments. Note: TC GRID will be renamed to TC Cloud shortly and start work on Khasnabish & JunSheng Expires July 4, 2011 [Page 17] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 standardization requirements for cloud services (ETSI TR 102 997) Chair: Mr. Michael Fisher (BT Group Plc) Website:http://portal.etsi.org/portal/server.pt/community/GRID/310 Status: Initiating TC Cloud. Partnership/Coordination: o ETSI TC TISPAN o ETSI TC MTS o ETSI CTI (Centre for Testing & Interoperability) o ETSI Plugtests Events o ITU-T o Open Grid Forum, with which a Memorandum of Understanding has been signed o European Commission DG INFSO, DG ENTR o NESSI European Technology Platform Language: English. 3.17. GICTF (Global Inter-Cloud Technology Forum, Japan) GICTF aims to promote standardization of network protocols and the interfaces through which cloud systems interwork with each other, and to enable the provision of more reliable cloud services than those available today. Main activities and goals o Promote the development and standardization of technologies to use cloud systems; o Propose standard interfaces that allow cloud systems to interwork with each other; o Collect and disseminate proposals and requests regarding organization of technical exchange meetings and training courses; Khasnabish & JunSheng Expires July 4, 2011 [Page 18] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o Establish liaison with counterparts in the U.S. and Europe, and promote exchange with relevant R&D teams. Working Group o General Assembly o Board of Directors o Technology Task Force o Application Task Force Chair: Prof. Tomonori Aoyama (Keio Univ.) Website:http://www.gictf.jp/index_e.html Status: Active. Partnership/Coordination: Not known Language: English. 3.18. IEEE SA (Standards Association) CLOUD 2009 is created to provide a prime international forum for both researchers and industry practitioners to exchange the latest fundamental advances in the state of the art and practice of Cloud Computing, identify emerging research topics, and define the future of Cloud Computing. http://www.thecloudcomputing.org/2009/2/ CLOUD 2010 tries to attract researchers, practitioners, and industry business leaders in all the following areas to help define and shape cloud computing, and its related modernization strategy and directions of the services industry. http://www.thecloudcomputing.org/2010/ IEEE SA collaborated with CSA in a cloud security standards survey, and in some events related to cloud standards. A number of existing IEEE standards is indirectly linked to cloud computing. Cloud Security Alliance and IEEE Join Forces to Identify Cloud Security Standards Requirements For IT Practitioners General Chairs: Stephen S. Yau, Arizona State University, USA. Liang-Jie Zhang, IBM T.J. Watson Research, USA Program Chairs: Wu Chou, Avaya Labs Research, Avaya, USA. Adrezej M Goscinski, Deakin University, Australia. Khasnabish & JunSheng Expires July 4, 2011 [Page 19] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Application and Industry Track Chairs: Claudio Bartolini, HP Labs, USA. Min Luo, IBM Software Group, USA Website:http://standards.ieee.org/ Status: Active. Partnership/Coordination: CSA Language: English. 3.19. IETF/APP Decade The Working Group (WG) will have three primary tasks. First, the WG will identify target applications to appropriately scope the problem and requirements. P2P applications are the primary target, but suitability to other applications with similar requirements may be considered depending on additional complexity required to support such applications. Second, the WG will identify the requirements to enable target applications to utilize in-network storage. Requirements will include the ability for an application to (1) store, retrieve, and manage data, (2) indicate access control policies for storing and retrieving data suitable to an environment with users across multiple administrative and security domains (e.g., in a P2P environment), and (3) indicate resource control policies for storing and retrieving data. Third, the WG will develop an architecture within which the DECADE protocol can be specified. This architecture will identify DECADE's relationship to existing IETF protocols and where (if any) new protocol is needed or extensions to existing protocols need to be made. The architecture will not specify a protocol or extension; if development of a new protocol is needed, the WG will seek to recharter for this purpose or might ask an existing WG to work on such extensions. The architecture will not specify a protocol or extension; if development of a new protocol is needed, the WG will seek to recharter for this purpose or might ask an existing WG to work on such extensions. The WG will focus on the following work items: Khasnabish & JunSheng Expires July 4, 2011 [Page 20] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o A "problem statement" document. This document provides a description of the problem and common terminology. o A requirements document. This document lists the requirements for the in-network storage service (e.g., supported operations) and the protocol to support it. The service will include storing, retrieving, and managing data as well as specifying both access control and resource control policies in the in-network storage pertaining to that data. o A survey document. This document will survey existing related mechanisms and protocols (e.g., HTTP, NFS, and WebDAV), and evaluate their applicability to DECADE. o An architecture document. This document will identify DECADE's relationship with existing IETF protocols. Existing protocols will be used wherever possible and appropriate to support DECADE's requirements. In particular, data storage, retrieval, and management may be provided by an existing IETF protocols. The WG will not limit itself to a single data transport protocol since different protocols may have varying implementation costs and performance tradeoffs. However, to keep interoperability manageable, a small number of specific, targeted, data transport protocols will be identified and used. If new protocol development is deemed necessary, the WG will be rechartered. It is not expected that all work items will be ready for IESG review by that point, but WG consensus must show that documents directing eventual protocol development (Requirements and Architecture document) have stabilized. This permits adjustments to such documents as necessary to maintain consistency as protocol development is done. The following issues are considered out-of-scope for the WG: o Specification of policies regarding copyright-protected or illegal content. o Locating the "best" in-network storage location from which to retrieve content if there are more than one location can provide the same content. o Developing a new protocol for data transport between P2P applications and in-network storage. Chairs: Richard Woundy(Richard_Woundy@cable.comcast.com), Haibin Song(melodysong@huawei.com). Khasnabish & JunSheng Expires July 4, 2011 [Page 21] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Area Director: Alexey Melnikov(alexey.melnikov@isode.com). Website:https://datatracker.ietf.org/wg/decade/ Status: Active. Partnership/Coordination: o IRTF o IASA/IAOC/Trust IANA Language: English. 3.20. IETF/TSV/nfsv4 NFS Version 4 is the IETF standard for file sharing. To maintain NFS Version 4's utility and currency, the working group is chartered to: o maintain the existing NFSv4, NFSv4.1 and related specifications, such as RPC and XDR, o progress these specifications along the standards track, o develop a protocol to create a federated namespace using NFSv4's existing referral mechanisms. Goals and Milestones: o Done - Issue strawman Internet-Draft for v4 o Done - Submit Initial Internet-Draft of requirements document o Done - Submit Final Internet-Draft of requirements document o Done - AD reassesses WG charter o Done - Submit v4 Internet-Draft sufficient to begin prototype implementations o Done - Begin Interoperability testing of prototype implementations o Done - Submit NFS version 4 to IESG for consideration as a Proposed Standard. o Done - Conduct final Interoperability tests Khasnabish & JunSheng Expires July 4, 2011 [Page 22] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o Done - Conduct full Interoperability tests for all NFSv4 features o Done - Update API advancement draft o Done - Form core design team to work on NFS V4 migration/ replication requirements and protocol o Done - Submit revised NFS Version 4 specification (revision to RFC 3010) to IESG for consideration as a Proposed Standard o Done - Strawman NFS V4 replication/migration protocol proposal submitted as an ID o Done - WG Last Call for RPC and NFS RDMA drafts o Done - WG Last Call for rfc1831bis (RPC version 2) o Done - WG Last Call for NFSv4.1 Object-based layout o Done - WG Last Call for NFSv4 minor version 1 o Done - WG Last Call for NFSv4.1 block/volume layout o Done - Submit NFS Minor Version 1 to IESG for publication as a Proposed Standard o Done - Submit Object-based pNFS Operations to IESG for publication as a Proposed Standard o Done - Submit pNFS Block/Volume Layout to IESG for publication as a Proposed Standard o May 2009 - WG Last Call for Requirements for Federated File Systems draft-ietf-nfsv4-federated-fs-reqts-01 o Sep 2009 - WG Last Call for rfc3530bis (NFS version 4) o Oct 2009 - WG Last Call for Administration Protocol for Federated Filesystems draft-ietf-nfsv4-federated-fs-admin-00.txt o Oct 2009 - WG Last Call for NSDB Protocol for Federated Filesystems draft-ietf-nfsv4-federated-fs-protocol-00.txtwith IPv6. Additionally, it will create an IANA registry for RPC program numbers and seed it with a registry Sun has been maintaining. Chairs: Brian Pawlowski(beepy@netapp.com). Spencer Khasnabish & JunSheng Expires July 4, 2011 [Page 23] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Shepler(spencer.shepler@gmail.com) Website:http://tools.ietf.org/wg/nfsv4/charters Status: Active. Partnership/Coordination: IRTF Language: English. 3.21. IETF/OPS/netconf The NETCONF Working Group is chartered to produce a protocol suitable for network configuration, with the following characteristics: o Provides retrieval mechanisms which can differentiate between configuration data and non-configuration data o Is extensible enough so that vendors will provide access to all configuration data on the device using a single protocol o Has a programmatic interface (avoids screen scraping and formatting-related changes between releases) o Uses a textual data representation, that can be easily manipulated using non-specialized text manipulation tools o Supports integration with existing user authentication methods o Supports integration with existing configuration database systems o Supports network wide configuration transactions (with features such as locking and rollback capability) o Is as transport-independent as possible o Provides support for asynchronous notifications The NETCONF protocol is using XML for data encoding purposes, because XML is a widely deployed standard which is supported by a large number of applications. The NETCONF protocol should be independent of the data definition language and data models used to describe configuration and state data. Chair: Bert Wijnen(bertietf@bwijnen.net), Mehmet Ersue(mehmet.ersue@nsn.com) Khasnabish & JunSheng Expires July 4, 2011 [Page 24] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Website:http://datatracker.ietf.org/wg/netconf/ Status: Active. Partnership/Coordination: o IASA/IAOC/Trust IANA o IRTF Language: English. 3.22. IRTF/P2PRG Overall, the field of P2P technologies presents a number of interesting challenges which includes new methods for optimizing P2P application overlays, performing routing and peer selection decisions, managing traffic and discovering resources. Areas of interest are also new techniques for P2P streaming and interconnecting distinct P2P application overlays. Other challenges for P2P are related to storage, reliability, and information retrieval in P2P systems. Yet another challenging area is security, privacy, anonymity and trust. Finally, it is challenging to examine P2P systems that are deployed, for example, to measure, monitor and characterize P2P applications. In addition to these areas of research, it is of interest to investigate the requirements of new applications (e.g., real-time P2P applications or P2P applications for wireless networks) on the P2P technologies used. The P2P RG will collaborate with academia and industry on making progress addressing these challenges. Chair: Volker Hilt(volkerh@bell-labs.com), Stefano Previdi(sprevidi@cisco.com) Website:http://www.irtf.org/charter?gtype=rg&group=p2prg Status: Active. Partnership/Coordination: IETF Language: English. 3.23. IRTF/VNRG The Virtual Networks Research Group (VNRG) provides a forum for interchange of ideas among a group of network researchers with an interest in network virtualization in the context of the Internet and also beyond the current Internet. Khasnabish & JunSheng Expires July 4, 2011 [Page 25] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 The VNRG will consider the whole system of a VN and not only single components or a limited set of components; we will identify architectural challenges resulting from VNs, addressing network management of VNs, and exploring emerging technological and implementation issues. Initial set of work items: o concepts/background/terminology o common parts of VN architectures o common problems/challenges in VN o descriptions of appropriate uses o some solutions (per-problem perhaps) Chair: Joe Touch (touch@isi.edu), Martin Stiemerling (stiemerling@nw.neclab.eu) Website:http://www.irtf.org/charter?gtype=rg&group=vnrg Status: Active. Partnership/Coordination: IETF Language: English. 3.24. ISO/IEC JTC1 SC38 SGCC Study Group on Cloud Computing(SGCC) o Provide a taxonomy, terminology and value proposition for Cloud Computing. o Assess the current state of standardization in Cloud Computing within JTC1 and in other SDOs and consortia. o Document standardization market/business/user requirements and the challenges to be addressed. o Liaise and collaborate with relevant SDOs and consortia related to Cloud Computing. o Hold workshops to gather requirements as needed. Khasnabish & JunSheng Expires July 4, 2011 [Page 26] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o Provide a report of activities and recommendations to SC38. SC38 Chairman: Dr. Donald Deutsch (USA) SGCC Convenor: Dr. Seungyun Lee (Korea) Website:http://www.iso.org/iso/standards_development/ technical_committees/list_of_iso_technical_committees/ iso_technical_committee.htm?commid=601355 Status: Active. Partnership/Coordination: o IEEE o IETF Language: English. 3.25. ITU-T FG Cloud (Focus Group Cloud Computing) The Focus Group will, from the standardization view points and within the competences of ITU-T, contribute with the telecommunication aspects, i.e., the transport via telecommunications networks, security aspects of telecommunications, service requirements, etc., in order to support services/applications of "cloud computing" making use of telecommunication networks; specifically: o identify potential impacts on standards development and priorities for standards needed to promote and facilitate telecommunication/ ICT support for cloud computing o investigate the need for future study items for fixed and mobile networks in the scope of ITU-T o analyze which components would benefit most from interoperability and standardization o familiarize ITU-T and standardization communities with emerging attributes and challenges of telecommunication/ICT support for cloud computing o analyze the rate of change for cloud computing attributes, functions and features for the purpose of assessing the appropriate timing of standardization of telecommunication/ICT in support of cloud computing Khasnabish & JunSheng Expires July 4, 2011 [Page 27] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 The Focus Group will collaborate with worldwide cloud computing communities (e.g., research institutes, forums, academia) including other SDOs and consortia. o Provide a taxonomy, terminology and value proposition for Cloud Computing. o Assess the current state of standardization in Cloud Computing within JTC1 and in other SDOs and consortia. o Document standardization market/business/user requirements and the challenges to be addressed. o Liaise and collaborate with relevant SDOs and consortia related to Cloud Computing. o Hold workshops to gather requirements as needed. o Provide a report of activities and recommendations to SC38. WG1: Cloud computing benefits & requirements o Cloud Definition, Ecosystem & Taxonomy o Uses cases Requirements & Architecture o Cloud security o Infrastructure & Network enabled Cloud o Cloud Services & Resource Management, Platforms and Middleware o Cloud computing benefits & first Requirements from ICT perspectives WG2: Gap Analysis and Roadmap on Cloud Computing Standards development in ITU-T o Overview of cloud computing SDOs activities o Gap analysis & Action plan for development of relevant ITU-T Cloud Standard Former chair: Mr. Vladimir Belenkovich (Federation Russia), current chair: Victor Kutukov (Stack Soft, Russia). Website:http://www.itu.int/ITU-T/focusgroups/cloud/ Khasnabish & JunSheng Expires July 4, 2011 [Page 28] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Status: Initiating (first meeting on 14-16, June 2010). Partnership/Coordination: TBC. Language: English. 3.26. KCSA (Korea Cloud Service Association) Main mission of KCSA: o Create demand of Cloud service o Create Cloud service activation framework and its environments o Disseminate and promote Cloud service to public sectors Chair: Mr. Choi Do-Hwan Website:http://www.kcsa.or.kr/index.jsp Status: Active. Partnership/Coordination: Not known. Language: English. 3.27. Liberty Alliance / Kantara Initiative As of June 2009, the work of the Liberty Alliance is transitioning to the Kantara Initiative. The vision of Liberty Alliance is to enable [a networked world] web services based on open standards where consumers, citizens, businesses and governments can more easily conduct online transactions while protecting the privacy and security of identity information. o Build open standard-based specifications for federated identity and identity-based Web services. o Drive global identity theft prevention solutions. o Provide interoperability testing. o Offer a formal certification program for products utilizing Liberty specifications. Khasnabish & JunSheng Expires July 4, 2011 [Page 29] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o Establish best practices, rules, liabilities, and business guidelines. o Collaborate with other standards bodies, privacy advocates, and government policy groups. o Address end user privacy and confidentiality issues. Kantara Initiative: Bridging and harmonizing the identity community with actions that will help ensure secure, identity-based, online interactions while preventing misuse of personal information so that networks will become privacy protecting and more natively trustworthy environments. Managing Director: Mr. Joni Brennan Website:http://www.projectliberty.org/, http://kantarainitiative.org/ Status: New Initiative. Partnership/Coordination: Not known. Language: English. 3.28. NCOIC (Network Centric Operations Industry Consortium) The Network Centric Operations Industry Consortium is a global, not- for-profit organization dedicated to advancing interoperability via network centric operations. NCOIC has formed a Cloud Computing Working Group that will investigate ways to leverage clouds to support global interoperability. NCOIC's 90 member organizations from 19 nations will advocate for open standards and, on reaching consensus, will make voice of industry recommendations about their applicability. Further, NCOIC will develop operational and capability patterns that can enable our customers-in military, aviation, emergency response and cyber security-to achieve portability of information and services from cloud to cloud. Managing Director: TBD Website:https://www.ncoic.org/about/ Status: Initiative. Partnership/Coordination: Not known. Language: English. Khasnabish & JunSheng Expires July 4, 2011 [Page 30] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 3.29. NIST NIST's role in cloud computing is to promote the effective and secure use of the technology within government and industry by providing technical guidance and promoting standards. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Essential Characteristics: o On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service!_s provider. o Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs). o Resource pooling. The provider!_s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines. o Rapid elasticity. Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time. o Measured Service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the utilized service. Khasnabish & JunSheng Expires July 4, 2011 [Page 31] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Working Group: o Cryptographic Technology o Systems & Emerging Technologies Security Research o Security Management & Assurance o CMVP & CAVP - (now part of Security Management & Assurance) Chair: Mr. Peter Mell(mell@nist.gov) Website:http://csrc.nist.gov/groups/SNS/cloud-computing/ Status: Active. Partnership/Coordination: Not known. Language: English. 3.30. OASIS OASIS is a not-for-profit consortium that drives the development, convergence and adoption of open standards for the global information society. The consortium produces more Web services standards than any other organization along with standards for security, e-business, and standardization efforts in the public sector and for application- specific markets. OASIS sees Cloud Computing as a natural extension of SOA and network management models. Related standards are: o Security, access and identity policy standards -- e.g., OASIS SAML, XACML, SPML, WS-Security Policy, WS-Trust. o Content, format control and data import/export standards -- e.g., OASIS ODF. o Registry, repository and directory standards -- e.g., OASIS ebXML and UDDI. o SOA methods and models, network management, service quality and interoperability -- e.g., OASIS SOA-RM, and BPEL. OASIS specifications are available here. http://www.oasis-open.org/specs/ OASIS Committees by Category Khasnabish & JunSheng Expires July 4, 2011 [Page 32] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o Adoption Services o Computing Management o Document-Centric Applications o e-Commerce o Law & Government o Localisation o Security o SOA o Standards Adoption o Supply Chain o Web Services o XML Processing Website:http://www.oasis-open.org Status: Active. Partnership/Coordination: Not known. Language: English. 3.31. OCC The OCC is a member driven organization that supports the development of standards for cloud computing and frameworks for interoperating between clouds, develops benchmarks for cloud computing, and supports reference implementations for cloud computing. The OCC also manages testbeds for cloud computing, such as the Open Cloud Testbed, and operates clouds computing infrastructure to support scientific research, such as the Open Science Data Cloud. OCC Working Group. o Working Group on Standards and Interoperability For Large Data Clouds Khasnabish & JunSheng Expires July 4, 2011 [Page 33] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o The Open Cloud Testbed Working Group o The Open Science Data Cloud (OSDC) Working Group o Intercloud Testbed Working Group Website:http://opencloudconsortium.org/ Status: Active. Partnership/Coordination(Contributing Members and Partners): o Calit2 o Johns Hopkins University o National Lambda Rail o University of Chicago Language: English. 3.32. OGF / OCCI OGF is an open community committed to driving the rapid evolution and adoption of applied distributed computing. Applied Distributed Computing is critical to developing new, innovative and scalable applications and infrastructures that are essential to productivity in the enterprise and within the science community. OGF accomplishes its work through open forums that build the community, explore trends, share best practices and consolidate these best practices into standards. The purpose of the OCCI group is the creation of a practical solution to interface with Cloud infrastructures exposed as a service (IaaS). We will focus on a solution which covers the provisioning, monitoring and definition of Cloud Infrastructure services. The group should create this API in an agile way as we can have advantages over other groups if we deliver fast. Overlapping work and efforts will be contributed and synchronized with other groups. The OCC also manages testbeds for cloud computing, such as the Open Cloud Testbed, and operates clouds computing infrastructure to support scientific research, such as the Open Science Data Cloud. Areas of work of the OGF Standards Function. Khasnabish & JunSheng Expires July 4, 2011 [Page 34] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o Applications o Architecture o Compute o Data o Infrastructure o Liaison o Management o Security Open Cloud Computing Interface WG (occi-wg), Thijs Metsch Chair, Andy Edmonds Chair, Alexis Richardson Chair, Sam Johnston Secretary Website:http://www.ogf.org/, http://www.occi-wg.org/doku.php Status: Active. Partnership/Coordination: o IETF o W3C(World Wide Web Consortium) o OASIS o DMTF o SNIA o WS-I(Web Services Interoperability Organization) Language: English. 3.33. OMG(Object Management Group) The Cloud Standards Coordination Group is committed to development of a joint resource on cloud computing strategies, standards and implementations. Different SDOs are bringing together different but complementary abilities: storage, execution models, deployment models, service level agreements, security, authentication, privacy. Specific cloud-related specification efforts have only just begun in OMG, focusing on modeling deployment of applications & services on Khasnabish & JunSheng Expires July 4, 2011 [Page 35] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 clouds for portability, interoperability & reuse. Relevant committees include Analysis & Design Task Force (ADTF) and SOA Special Interest Group (SOA SIG). Working Group: o Architecture Board o Platform Technology Committee o Domain Technology Committee Website:http://www.omg.org/ Status: Active. Partnership/Coordination: o ASC X12 o ASC T1M1 o CEN/ISSS (Information Society Standardization System) o DICOM (Digital Imaging and Communications in Medicine) o DMTF (Distributed Management Task Force) o ECMA (European Computer Manufacturers Association.) o FIPA (Foundation for Intelligent Physical Agents) o HL7 (Health Level Seven) o ICT-SB (Information and Communications Technology Standards Board) o IEEE 1226 o ISO o ITU-T Standardization Sector o NCPDP (National Council for Prescription Drug Programs) o Parlay o SDRF - Software Defined Radio Forum Khasnabish & JunSheng Expires July 4, 2011 [Page 36] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 o SWIFT (The Society for Worldwide International Financial Telecommunication) o TMForum (TeleManagement Forum) o 3GPP Language: English. 3.34. OCM (Open Cloud Manifesto) The Open Cloud Manifesto establishes a core set of principles to ensure that organizations will have freedom of choice, flexibility, and openness as they take advantage of cloud computing. While cloud computing has the potential to have a positive impact on organizations, there is also potential for lock-in and lost flexibility if appropriate open standards are not identified and adopted. To open the cloud computing, the rules specified by the OCM need be referenced. Website:http://www.opencloudmanifesto.org/ Status: Active. Partnership/Coordination: CCIF(Inactive) Language: English. 3.35. OGC WG (Open Group Cloud Work Group) The Open Group Cloud Work Group exists to create a common understanding among buyers and suppliers of how enterprises of all sizes and scales of operation can include Cloud Computing technology in a safe and secure way in their architectures to realize its significant cost, scalability and agility benefits. To open the cloud computing, the rules specified by the OCM need be referenced. Chair: Mr. David Lounsbury (VP Government Programs, The Open Group) Website:http://www.opengroup.org/cloudcomputing/ Status: Active. Partnership/Coordination: Not known. Khasnabish & JunSheng Expires July 4, 2011 [Page 37] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Language: English. 3.36. SNIA SNIA Mission: Lead the storage industry worldwide in developing and promoting standards, technologies, and educational services to empower organizations in the management of information. SNIA's Forums and Initiatives include: o the Cloud Storage Initiative, o the Data Management Forum, o the Green Storage Initiative, o the Ethernet Storage Forum, o Storage Management Initiative, o Solid State Storage Initiative, o the Storage Security Industry Forum o the XAM Initiative The Cloud Data Management Interface (CDMI) defines the functional interface that applications will use to create, retrieve, update and delete data elements from the Cloud. As part of this interface the client will be able to discover the capabilities of the cloud storage offering and use this interface to manage containers and the data that is placed in them. In addition, metadata can be set on containers and their contained data elements through this interface. This interface is also used by administrative and management applications to manage containers, accounts, security access and monitoring/billing information, even for storage that is accessible by other protocols. The capabilities of the underlying storage and data services are exposed so that clients can understand the offering. Storage Management Initiative Specification (SMI-S) defines a method for the interoperable management of a heterogeneous Storage Area Network (SAN), and describes the information available to a WBEM Client from an SMI-S compliant CIM Server and an object-oriented, XML-based, messaging-based interface designed to support the specific Khasnabish & JunSheng Expires July 4, 2011 [Page 38] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 requirements of managing devices in and through SANs. The eXtensible Access Method (XAM) Interface specification defines a standard access method (API) between "Consumers" (application and management software) and "Providers" (storage systems) to manage fixed content reference information storage services. XAM includes metadata definitions to accompany data to achieve application interoperability, storage transparency, and automation for ILM-based practices, long term records retention, and information security. XAM will be expanded over time to include other data types as well as support additional implementations based on the XAM API to XAM conformant storage systems. Website:http://www.SNIA.org Status: Active. Partnership/Coordination: o ARMA (Association of Records Managers and Administrators) International o DMTF o Eclipse Aperi Storage Management Project o FCIA (Fibre Channel Industry Association) o OGF (Open Grid Forum) o The Green Grid Language: English. 3.37. Study group on Smart Cloud, Japan Ministry of Internal Affairs and Communications of Japan holds study group meetings on smart cloud collecting key people from the academia and the industry in Japan. They surveyed the current status of cloud computing and identified important issues from the viewpoints of technologies, standardization and international cooperation. Professor Emeritus Hideo Miyahara, Osaka University Website: http://www.soumu.go.jp Status: Active. Khasnabish & JunSheng Expires July 4, 2011 [Page 39] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Partnership/Coordination: Not known. Language: Japanese. 3.38. TM Forum The primary objective of TM Forum's Cloud Services Initiative is to help the industry overcome the barriers and assist the growth of a vibrant commercial marketplace for cloud based services. The centerpiece of this initiative is an ecosystem of major buyers and sellers who will collaborate to define a range of common approaches, processes, metrics and other key service enablers. TM Forum's vision is to ensure acceleration of service standardization and commoditization in an effective and efficient marketplace of cloud computing services in all global geographies, through alignment with the needs of the world's largest IT buyers. Enterprise Cloud Buyers Council Goals are: o to foster an effective and efficient marketplace for cloud compute infrastructure and services across all industry verticals and global geographies; o Accelerate standardization and commoditization of cloud services, and identifying common commodity processes best consumed as a service; o Solicit definition for standardized core and industry-specific SKUs for cloud services; o Achieve transparency of cost, service levels and reporting across the ecosystem; o Enable benchmarking of services across service providers and geographies; o Enable vendor measurement against normalized and agreed service level metrics; o Radically reduce cost of acquisition and operations for commodity compute & services. James Warner, head of Cloud computing TM Forum. Website: http://www.tmforum.org/ Status: Active. Khasnabish & JunSheng Expires July 4, 2011 [Page 40] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Partnership/Coordination: Not known. Language: English. Khasnabish & JunSheng Expires July 4, 2011 [Page 41] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 4. Summary and Analysis This survey shows that there are a variety of ways to support both client-side and server-side application layer programming interfaces (APIs) to support cloud services. Many of these services tend to utilize resources across multiple administrative, technology, and geographical domains. Since there is no unified and universally acceptable protocol and mechanism to define the mobility of resources across domains, the early implementers tend to utilize the features and functions of the existing IETF protocols along with their proprietary modifications or extensions in order to achieve their goals. In addition to using a virtualization layer (VM layer), a thin Cloud operating system (OS) layer may be useful to hide the complexity, specificity, and regionality (locality) of the resources. We also observe that different SDOs are trying to develop many different methods for logging and reporting of resource usage for Cloud services. This will create auditing transparency problems which may negatively impact the development of security and service level agreement features. At the end, these may in fact result in an increase in the effective cost for services that utilize the cloud based systems and networks, violating the very foundation on which the concept of utilizing cloud is based on. Khasnabish & JunSheng Expires July 4, 2011 [Page 42] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 5. Security Considerations --[Editor's note] Will be added in future. Khasnabish & JunSheng Expires July 4, 2011 [Page 43] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 6. Conclusion We have presented a survey of the activities of Cloud SDOs along with a simple early analysis. This survey has revealed that different SDOs are utilizing or expect to utilize a set of common IETF protocols for cloud services, and some time they modify or extend these protocols in order to satisfy their niche objectives. These will not only cause interoperability problems, but may also negatively impact further development of protocols and services in this very important area of cloud computing and networking. IETF is the best organization to address these issues. Khasnabish & JunSheng Expires July 4, 2011 [Page 44] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 7. Acknowledgement --[Editor's note] Will be added in future. Khasnabish & JunSheng Expires July 4, 2011 [Page 45] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 8. Appendix A: Cloud Standards WiKi. http://cloud-standards.org/wiki/index.php?title=Main_Page This WiKi Website documents the coordination activities of the various SDOs working on Cloud standards. You can find related Cloud SDOs the WiKi Website addressed here. o CloudAudit o Cloud Security Alliance o Distributed Management Task Force (DMTF) o ETSI(The European Telecommunications Standards Institute) o NIST(National Institute of Standards and Technology) o Open Grid Forum (OGF) o Object Management Group (OMG) o Open Cloud Consortium (OCC) o OASIS(Organization for the Advancement of Structured Information Standards) o SNIA(Storage Networking Industry Association) o OG WG(The Open Group) o ARTS(Association for Retail Technology Standards) Khasnabish & JunSheng Expires July 4, 2011 [Page 46] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 9. IANA Considerations This document has no actions for IANA. Khasnabish & JunSheng Expires July 4, 2011 [Page 47] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 10. Normative references Khasnabish & JunSheng Expires July 4, 2011 [Page 48] Internet-Draft Cloud SDO Activities Survey and Analysis December 2010 Authors' Addresses Bhumip Khasnabish ZTE USA 33 Wood Avenue South, 2nd Floor Iselin, NJ 08830 USA Phone: +001-781-752-8003 Email: vumip1@gmail.com Chu JunSheng ZTE No.68 Zijinghua Rd,Yuhuatai District Nanjing China Phone: +86-25-5287-1114 Email: chujunsheng@zte.com.cn Khasnabish & JunSheng Expires July 4, 2011 [Page 49]