Cloud Standardization

Cloud Standards Customer Council Publishes API Management Reference Architecture

Grazed from Cloud Standards Customer Council

The Cloud Standards Customer Council (CSCC) has published a new whitepaper, Cloud Customer Architecture for API Management, that describes the architecture elements and capabilities of an effective API Management Platform. The architectural capabilities described in the document can be used to instantiate an API runtime and management environment using private, public or hybrid cloud deployment models. The new reference architecture is available for download here:

An Application Programming Interface or "API" is useful because it exposes a business' defined assets, data, or services for public consumption. APIs allow companies to open up data and services to external third party developers, business partners, and internal departments within their organization to create innovative channel applications. The reuse of core business assets enables digital transformation. An effective API management Platform will provide a layer of controlled and secure self-service access to the APIs.

Cloud Standards Customer Council Publishes Cloud Customer Architecture for Hybrid Integration

Grazed from Cloud Standards Customer Council (CSCC)

The Cloud Standards Customer Council (CSCC) has published a new reference architecture to assist enterprise IT professionals with the integration requirements of hybrid cloud computing. IT environments are now fundamentally hybrid in nature - devices, systems, and people are spread across the globe, and at the same time virtualized. Achieving integration across this ever-changing environment, and doing so at the pace of modern digital initiatives, is a significant challenge. This deliverable explains the core reference architecture and concepts for hybrid integration in the enterprise. It is available for download at:

Data protection, contracts, and the cloud meet in ISO 27018

Grazed from CloudComputingIntelligence.  Author: Richard Kemp.

As it approaches its first birthday, ISO 27018 – the first international standard focusing on the protection of personal data in the public cloud – continues to move centre stage as the battle for the Cloud moves up a gear.

At the highest level, this is a competitive field for the biggest companies – think billion dollar investments and million square foot data centres with a hundred thousand servers using enough energy to power a city.  According to research firm Synergy, the Cloud infrastructure services market - Infrastructure as a Service (Iaas), Platform as a Services (PaaS) and Private and Hybrid Cloud – was worth $16bn in 2014, up 50% on 2013, and is predicted to grow 30% to over $21bn in 2015...

Should the Cloud be Standardised?

Grazed from BackupTechnology. Author: Editorial Staff.

Today, the cloud is not standardised. Companies operate in the cloud under different criteria. Basically, they all do their own thing without regard to what their competitors or other related companies do. Is this an effective strategy or does this lack of standardisation adversely affect the end user? If so, what can be done to streamline and harmonise the activities of cloud vendors?

Presently, we are seeing a plethora of cloud based vendors offering a variety of services ranging from financial management services, video applications, data storage and archiving, email hosting, and many other services. The cloud also allows businesses and individuals to have a virtual office, sharing and storing documents in a cost effective and time efficient manner. This is a boon for anyone wanting to do business more efficiently and cost effectively. However, cloud based vendors currently operate in a vacuum, and as a result, there are some challenges inherent in cloud computing that could be positively affected if the industry was standardised...

Cloud-to-Cloud Integration to Enable IoT: What About Standards?

Grazed from ITBusiness Edge. Author: Don Tennant.

It occurs to me that as the Internet of Things emerges as a topic of increasing relevance to CIOs, one of the things they’re going to need to be concerned about is standards. As the cloud-to-cloud integration that is necessarily associated with IoT becomes more commonplace, that integration will entail the adoption of certain standards that may or may not be in place at this point. So where is all of this heading?

I had the opportunity to discuss this topic with Shane Dyer, CEO of Arrayent, an IoT platform provider in Redwood City, Calif. To kick off the discussion, I asked Dyer what role industry associations like the IPSO Alliance, the Cloud Computing Association, and the Cloud Industry Forum are playing in advancing cloud-to-cloud integration, and how effective they’ve been in this regard...

First international privacy-specific cloud standard adopted by Microsoft

Grazed from Lexology. Author: Neasa Ni ghrada.

On 1 August 2014, the International Standards Organisation (ISO) and the International Electrotechnical Commission (IEC) published the first privacy-specific international standard for the cloud: ISO/IEC 27018 "Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors". Early adopters Microsoft announced on 16 February 2015 that it was the first company to receive certification for the standard.

ISO/IEC 27018 builds on existing ISO standards such as ISO 27001 (the existing best practice for information security management) and is aimed at increasing confidence in data security and cloud computing. Adoption of the standard would complement one of the exceptions to the prohibition on transferring personal data outside of the EEA such as model contracts, Binding Corporate Rules and Safe Harbour...

OpenCloud Connect Releases Reference Architecture to Promote Consistent Cloud Standards

Grazed from TheWhir. Author: Cheryl Kemp.

A new 104-page document describing best practices for cloud providers was released on Tuesday by OpenCloud Connect (OCC). The organization’s focus is to provide cloud providers with guidelines for scaling and enhancing ethernet technology to better deal with the increasing demands of cloud services.

“One of the primary goals of OpenCloud Connect is to advance technology standards, vendor interoperability and best design practices,” stated the executive summary. “These initiatives will help businesses create a flexible and dynamic cloud infrastructure.” “Where other standards bodies had the space to shape standards in advance of market penetration, cloud computing is already surging ahead in every direction powered by NFV, SDN, virtualization technologies and networking – technologies that are themselves still evolving quickly...

PCI Council Releases PCI-DSS Cloud Computing Guidelines

Grazed from LawBlogs.  Author: Mike Nonaka.

On February 7, 2013, the Payment Card Industry (PCI) council released a supplement to the payment card industry data security standards (PCI-DSS) on the use of cloud technologies and considerations for maintaining PCI DSS controls in cloud environments.  The supplement is intended for merchants, service providers, assessors, and other entities in evaluating the use of cloud computing in the context of PCI DSS.

The supplement considers “cloud computing” to mean a model for enabling on-demand network access to a shared pool of computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or cloud provider interaction...

Read more from the source @

Better Cloud Computing Standards? Essential Metrics and CSPs

Grazed from MidsizeInsider. Author: Doug Bonderud.

Right now, there are no hard-and-fast rules governing ideal cloud computing standards. To address this issue, the National Institute of Standards and Technology (NIST) is drafting a guide to help businesses choose the best cloud for their needs, and it wants public opinion on what metrics matter most. How will this push for improved standards impact cloud service providers?

Confusion Abounds

With no set standards for cloud computing, businesses often face an uphill battle when it comes to finding the right combination of price and performance. According to a press release from NIST, "Different organizations and groups often use the same cloud computing terms with slightly different, or even contradictory meanings, leading to confusion among cloud service providers, customer and carriers...

NIST drafts new cloud metrics guide

Grazed from SC Magazine.  Author: Danielle Walker.

The National Institute of Standards and Technology (NIST) has drafted a new guide aimed at helping organizations find the right cloud service.  Announced Monday, the publication, called “Cloud Computing Service Metrics Description,”(PDF) is currently in a public comment phase. According to NIST, the 25-page guide “discusses the basic nature of the problem of measuring cloud services and offers a model and method for developing appropriate cloud metrics,” a release said.

An example of a “customer response metric,” for instance, might be characterized as “the time it takes from someone hitting ‘send' on an email until it's delivered to a recipient on the same cloud service,” NIST explained...