ISO/IEC JTC 1/SC 38
ISO/IEC JTC 1/SC 38 Cloud Computing and Distributed Platforms is a standardization subcommittee, which is part of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
ISO/IEC JTC 1/SC 38 serves as the focus, proponent, and systems integration entity on Cloud Computing, Distributed Platforms, and the application of these technologies. ISO/IEC JTC 1/SC 38 provides guidance to JTC 1, IEC, ISO and other entities developing standards in these areas. The Subcommittee is addressing the demand pull from users, especially governments, for standards to assist them in specifying, acquiring and applying Cloud Computing and distribute platform technologies and services.
History
ISO/IEC JTC 1/SC 38 was formed at the October 2009 ISO/IEC JTC 1 Plenary Meeting in Tel Aviv via approval of Resolution 36. The international secretariat of ISO/IEC JTC 1/SC 38 is the American National Standards Institute (ANSI), located in the United States.[1] The first meeting of the subcommittee took place in Beijing, China in May 2010. ISO/IEC JTC 1/SC 38 approved its scope, established three working groups and developed terms of reference for each at this inaugural meeting.
Established to address three related areas of technology - Web Services, Service Oriented Architecture (SOA), and Cloud Computing - ISO/IEC JTC 1/SC 38 was initially titled Distributed Application Platforms and Services (DAPS). Meeting in Plenary 2 times per year during its first 6 years, with interim electronic and face-to-face meetings of its Working Groups, ISO/IEC JTC 1/SC 38 completed work in Web Services and SOA and increased its focus on Cloud Computing. To reflect this evolution in focus, the JTC 1 2014 Plenary Meeting in Abu Dhabi approved a revised scope and new title for ISO/IEC JTC 1/SC 38, Cloud Computing and Distributed Platforms.
Scope and mission
The scope of ISO/IEC JTC 1/SC 38 is the “Standardization in the area of Cloud Computing and Distributed Platforms”. [2] This includes:
- Foundational concepts and technologies,
- Operational issues, and
- Interactions among Cloud Computing systems and with other distributed systems
Structure
ISO/IEC JTC 1/SC 38 is made up of two working groups (WGs). Each working group carries out specific tasks in standards development within the field of Cloud Computing and Distributed Platforms, where the focus of each working group is described in the group’s terms of reference. The two active working groups of ISO/IEC JTC 1/SC 38 are:[3][4]
Working Group | Working Area |
---|---|
ISO/IEC JTC 1/SC 38/WG 3 | Cloud Computing Fundamentals (CCF) |
ISO/IEC JTC 1/SC 38/WG 5 | Cloud Computing Data and its Flow (CCDF) |
- WG 3 - CLOUD COMPUTING FUNDAMENTALS (CCF)
Terms of Reference:
- Projects related to Cloud Computing Service Agreements
- Projects related to fundamental concepts, terminology and definitions for Cloud Computing
- Projects related to guidance on use of international standards in the development of policies that govern or regulate cloud service providers and cloud services, and policies that govern the use of cloud services in enterprise organizations
- Establish liaisons and collaborate with other entities within JTC 1, SDOs and consortia performing work related to Cloud Computing
- WG 5 – DATA IN CLOUD COMPUTING AND RELATED TECHNOLOGIES
Terms of Reference:
- Standardization in the area of data in cloud computing, distributed platforms, connected devices and related technologies
- Establish liaisons and collaborate with other entities within and external to JTC 1 as appropriate
Collaborations
ISO/IEC JTC 1/SC 38 works closely with a number of other JTC 1 subcommittees, including ISO/IEC JTC 1/SC 7, Software and Systems Engineering, and ISO/IEC JTC 1/SC 27, IT Security Techniques.[2] In addition, the subcommittee works with a number of external forums, including the Cloud Security Alliance, Distributed Management Task Force (DMTF), the Open Grid Forum and The Open Group.[5] Together, ISO/IEC JTC 1/SC 38 (specifically WG 3: Cloud Computing) and ITU-T/SG 13 formed Collaborative Teams on Cloud Computing Overview and Vocabulary (CT-CCVOCAB) and Cloud Computing Reference Architecture (CT-CCRA) that developed two standards: ISO/IEC JTC 1 17788 – Cloud Computing Vocabulary and ISO/IEC JTC 1 17789 – Cloud Computing Reference Architecture.
Organizations internal to ISO or IEC that collaborate with or are in liaison to ISO/IEC JTC 1/SC 38 include:[6]
- ISO/IEC JTC 1/SC 6, Telecommunications and information exchange between systems
- ISO/IEC JTC 1/SC 7, Software and systems engineering
- ISO/IEC JTC 1/SC 27, Security techniques
- ISO/IEC JTC 1/SC 32, Data management and interchange
- ISO/IEC JTC 1/SC 37, Biometrics
- ISO/IEC JTC 1/SC 39, Sustainability for and by Information Technology
- ISO/IEC JTC 1/SC 40, Service Management and IT Governance
- ISO/IEC JTC 1/SC 41, Internet of Things and related technologies
- ISO/IEC JTC 1/SC 42, Artificial intelligence
Organizations external to ISO or IEC that collaborate with or are in liaison to ISO/IEC JTC 1/SC 38 include:
- Cloud security alliance (CSA)
- Distributed Management Task Force (DMTF)
- IEEE Computer Society
- Latino American Institute for Quality Assurance (INLAC)
- ITU‐T Study Group 13
- ITU‐T Study Group 17
- Organization for the Advancement of Structured Information Standards (OASIS)
- Open Grid Forum (OGF)
- Storage Networking Industry (SNIA)
Member countries
Countries pay a fee to ISO to be members of subcommittees.[7]
The 29 "P" (participating) members of ISO/IEC JTC 1/SC 38 are: Australia, Austria, Belgium, Brazil, Canada, China, Denmark, Finland, France, Germany, India, Ireland, Israel, Italy, Japan, Republic of Korea, Luxembourg, Netherlands, Poland, Portugal, Russian Federation, Singapore, Slovakia, South Africa, Spain, Sweden, Switzerland, United Kingdom, and United States of America.
The 8 "O" (observing) members of ISO/IEC JTC 1/SC 38 are: Argentina, Bosnia and Herzegovina, Czech Republic, Hong Kong, New Zealand, Norway, Serbia, and Uruguay.[1]
Standards
As of 2019, ISO/IEC JTC 1/SC 38 has 15 published standards. Some standards related to the work in ISO/IEC JTC 1/SC 38 include:[8]
ISO/IEC Standard | Title | Status | Description | WG |
---|---|---|---|---|
ISO/IEC 17203 | Information technology — Open Virtualization Format (OVF) specification | Published (2017) | Specifies an open, secure, portable, efficient and extensible format for the packaging and distribution of software to be run in virtual machines. | |
ISO/IEC 17788[9] | Information technology -- Cloud computing -- Overview and vocabulary | Published (2014) | Provides an overview of cloud computing along with a set of terms and definitions | 3 |
ISO/IEC 17789 | Information technology — Cloud computing — Reference architecture | Published (2014) | Specifies the cloud computing reference architecture (CCRA). The reference architecture includes the cloud computing roles , cloud computing activities , and the cloud computing functional components and their relationships. | 3 |
ISO/IEC 17826 | Information technology – Cloud Data Management Interface (CDMI) | Published (2012) | Specifies the interface to access cloud storage and to manage the stored data | 3 |
ISO/IEC 17963 | Web Services for Management (WS-Management) Specification | Published (2013) | Describes a Web services protocol based on SOAP for use in management‑specific domains | 1 |
ISO/IEC 17998[10] | Information technology – SOA Governance Framework | Published (2012) | Describes a framework for providing context and definitions related to SOA for organizations to use when deploying SOA governance. Defines:
|
2 |
ISO/IEC 18384-1 | Information technology — Reference Architecture for Service Oriented Architecture (SOA RA) — Part 1: Terminology and concepts for SOA | Published (2016) | Establishes vocabulary, guidelines, and general technical principles underlying service oriented architecture (SOA), including principles relating to functional design, performance, development, deployment, and management. | 2 |
ISO/IEC 18384-2 | Information technology — Reference Architecture for Service Oriented Architecture (SOA RA) — Part 2: Reference Architecture for SOA Solutions | Published (2016) | Describes a Reference Architecture for SOA Solutions which applies to functional design, performance, development, deployment and management of SOA Solutions. | 2 |
ISO/IEC 18384-3 | Information technology — Reference Architecture for Service Oriented Architecture (SOA RA) — Part 3: Service Oriented Architecture ontology | Published (2016) | Defines a formal ontology for service-oriented architecture (SOA), an architectural style that supports service orientation. The terms defined in this ontology are key terms from the vocabulary in ISO/IEC 18384-1. | 2 |
ISO/IEC 19086-1 | Information technology — Cloud computing — Service level agreement (SLA) framework — Part 1: Overview and concepts | Published (2016) | Establish a set of common cloud SLA building blocks (concepts, terms, definitions, contexts) that can be used to create cloud Service Level Agreements (SLAs). | 3 |
ISO/IEC 19086-2 | Cloud computing — Service level agreement (SLA) framework — Part 2: Metric model | Published (2018) | Establishes common terminology, defines a model for specifying metrics for cloud SLAs, and includes applications of the model with examples. | 3 |
ISO/IEC 19086-3 | Information technology — Cloud computing — Service level agreement (SLA) framework — Part 3: Core conformance requirements | Published (2017) | Specifies the core conformance requirements for service level agreements (SLAs) for cloud services based on ISO/IEC 19086‑1 and guidance on the core conformance requirements. | 3 |
ISO/IEC 19941 | Information technology — Cloud computing — Interoperability and portability | Published (2017) | Specifies cloud computing interoperability and portability types, the relationship and interactions between these two cross-cutting aspects of cloud computing and common terminology and concepts used to discuss interoperability and portability, particularly relating to cloud services. | 4 |
ISO/IEC 19944 | Information technology — Cloud computing — Cloud services and devices: Data flow, data categories and data use | Published (2017) | Extends the existing cloud computing vocabulary and reference architecture in ISO/IEC 17788 and ISO/IEC 17789 to describe an ecosystem involving devices using cloud services | 5 |
ISO/IEC TR 22678 | Information technology — Cloud computing — Guidance for policy development | Published (2019) | Provides guidance on the use of international standards as a tool in the development of those policies that govern or regulate cloud service providers (CSPs) and cloud services, and those policies and practices that govern the use of cloud services in organisations. | 3 |
ISO/IEC TR 23186 | Information technology — Cloud computing — Framework of trust for processing of multi-sourced data | Published (2018) | Describes a framework of trust for the processing of multi-sourced data that includes data use obligations and controls, data provenance, chain of custody, security and immutable proof of compliance as elements of the framework. | 5 |
ISO/IEC TR 30102 | Information technology – Distributed Application Platforms and Services (DAPS) – General technical principles of Service Oriented Architecture | Published (2012) | Describes general technical principles underlying SOA including principles relating to functional design, performance, development, deployment and management |
See also
- ISO/IEC JTC1
- List of ISO standards
- American National Standards Institute
- International Organization for Standardization
- International Electrotechnical Commission
References
- ISO. "ISO/IEC JTC 1/SC 38 - Cloud Computing and Distributed Platforms". Retrieved 2013-07-12.
- JTC 1/SC 38 Chair (2014-10-23). "Business Plan for JTC 1/SC 38". Cite journal requires
|journal=
(help) - ISO. "JTC 1/SC 38 Cloud Computing and Distributed Platforms". ISO. Retrieved 2013-07-12.
- Krutz, Ronald L.; Vines, Russell Dean (2010). Cloud Security: A Comprehensive Guide to Secure Cloud Computing. Indianapolis, IN: Wiley Publishing, Inc. p. 225. Retrieved 2013-07-19.
- O’Gara, Maureen (2011-04-24). "Cloud Security Alliance & ISO/IEC Team Up". Cloud Ventures. SYS-CON Media, Inc. Retrieved 2013-07-12.
- "ISO/IEC JTC 1/SC 38". ISO. Retrieved 2015-07-20.
- ISO (June 2012). "III. What Help Can I Get from the ISO Central Secretariat?". ISO Membership Manual (PDF). ISO. pp. 17–18. Retrieved 2013-07-12.
- ISO. "Standards Catalogue". Retrieved 2013-07-12.
- ISO (2014-10-10). "ISO/IEC 17788:2014". ISO. Retrieved 2015-08-21.
- ISO (2012-08-31). "ISO/IEC 17998:2012". ISO. Retrieved 2013-07-19.