DIN ISO IEC 17789-2017 Information technology - Cloud computing - Reference architecture (ISO IEC 17789 2014)《信息技术 云计算 参考架构(ISO IEC 17789-2014)》.pdf

1、July 2017 English price group 26No part of this translation may be reproduced without prior permission ofDIN Deutsches Institut fr Normung e. V., Berlin. Beuth Verlag GmbH, 10772 Berlin, Germany,has the exclusive right of sale for German Standards (DIN-Normen).ICS 35.210!%h-“2691092www.din.deDIN ISO

2、/IEC 17789Information technology Cloud computing Reference architecture (ISO/IEC 17789:2014),English translation of DIN ISO/IEC 17789:2017-07Informationstechnik Cloud Computing Referenzarchitektur (ISO/IEC 17789:2014),Englische bersetzung von DIN ISO/IEC 17789:2017-07Technologies de linformation Inf

3、ormatique en nuage Architecture de rfrence (ISO/IEC 17789:2014),Traduction anglaise de DIN ISO/IEC 17789:2017-07www.beuth.deDocument comprises 57 pagesDTranslation by DIN-Sprachendienst.In case of doubt, the German-language original shall be considered authoritative.07.17 1 Scope 5 2 Normative refer

4、ences 5 2.1 Identical Recommendations | International Standards 5 2.2 Additional references 5 3 Definitions 5 3.1 Terms defined elsewhere . 5 3.2 Terms defined in this Recommendation | International Standard 5 4 Abbreviations . 6 5 Conventions 6 6 Cloud computing reference architecture goals and obj

5、ectives 7 7 Reference architecture concepts . 8 7.1 CCRA architectural views . 8 7.2 User view of cloud computing 9 7.3 Functional view of cloud computing . 11 7.4 Relationship between the user view and the functional view 12 7.5 Relationship of the user view and functional view to cross-cutting asp

6、ects 12 7.6 Implementation view of cloud computing . 13 7.7 Deployment view of cloud computing 13 8 User view 13 8.1 Introduction to roles, sub-roles and cloud computing activities 13 8.2 Cloud service customer . 14 8.3 Cloud service provider 18 8.4 Cloud service partner 25 8.5 Cross-cutting aspects

7、 . 27 9 Functional view 33 9.1 Functional architecture 33 9.2 Functional components . 34 10 Relationship between the user view and the functional view . 42 10.1 General 42 10.2 Overview . 42 Annex A Further details regarding the user view and functional view . 48 A.1 The cloud service customercloud

8、service provider relationship 48 A.2 The providerpeer provider (or “inter-cloud“) relationship 51 A.3 The cloud service developercloud service provider relationship . 54 A.4 The cloud service providerAuditor relationship 55 Bibliography 57 Contents PageForeword 4National foreword 3 National Annex (i

9、nformative) Bibliography 3 A comma is used as the decimal marker.DIN ISO/IEC 17789:2017-07 2 National foreword This document has been prepared by Joint Technical Committee ISO/IEC JTC 1 “Information Technology”, Subcommittee 38 “Cloud Computing and Distributed Platforms”, in collaboration with ITU-T

10、. The responsible German body involved in its preparation was DIN-Normenausschuss Informationstechnik und Anwendungen (DIN Standards Committee Information Technology and selected IT Applications), Working Committee NA 043-01-38 AA “Distributed application platforms and services (DAPS)”. Attention is

11、 drawn to the possibility that some of the elements of this document may be the subject of patent rights. DIN and/or DKE shall not be held responsible for identifying any or all such patent rights. This standard provides a reference architecture for cloud computing which comprises roles, activities

12、and functional components of cloud computing and their relationship. The term “capabilities” has been translated into German by Tauglichkeit, Fhigkeiten, Eigenschaften or Funktionen, depending on the context. The DIN Standards corresponding to the International Standards referred to in this document

13、 are as follows: ISO/IEC 17788:2014 DIN ISO/IEC 17788:2016-04 ISO/IEC 27001:2013 DIN ISO/IEC 27001:2015-03 ISO/IEC 27002:2013 DIN ISO/IEC 27002:2016-11 National Annex NA (informative) Bibliography DIN ISO/IEC 17788:2016-04, Information technology Cloud computing Overview and vocabulary (ISO/IEC 778:

14、2014) DIN ISO/IEC 27001:2015-03, Information technology Security techniques Information security management systems Requirements (ISO/IEC 27001:2013 + Cor. 1:2014) DIN ISO/IEC 27002:2016-11, Information technology Security techniques Code of practice for information security controls (ISO/IEC 27002:

15、2013 + Cor. 1:2014 + Cor. 2:2015) DIN ISO/IEC 17789:2017-07 3 DIN ISO/IEC 17789:2017-07 4Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are membe

16、rs of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international orga

17、nizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IE

18、C Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 %

19、 of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 17789 was prepared by Joint Technical Committ

20、ee ISO/IEC JTC 1, Information technology, Subcommittee SC 38, Distributed application platforms and services (DAPS), in collaboration with ITU-T. The identical text is published as ITU-T Rec. Y.3502 (08/2014). 1 Scope This Recommendation | International Standard specifies the cloud computing referen

21、ce architecture (CCRA). The reference architecture includes the cloud computing roles, cloud computing activities, and the cloud computing functional components and their relationships. 2 Normative references The following Recommendations and International Standards contain provisions which, through

22、 reference in this text, constitute provisions of this Recommendation | International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation | International Standard ar

23、e encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of current

24、ly valid ITU-T Recommendations. 2.1 Identical Recommendations | International Standards Recommendation ITU-T Y.3500 (2014) | ISO/IEC 17788:2014, Information technology Cloud computing Overview and vocabulary. 2.2 Additional references ISO/IEC 29100:2011, Information technology Security techniques Pr

25、ivacy framework. 3 Definitions For the purposes of this Recommendation | International Standard, the terms and definitions in Rec. ITU-T Y.3500 | ISO/IEC 17788 and the following definitions apply. 3.1 Terms defined elsewhere The following term is defined in ISO/IEC/IEEE 42010: 3.1.1 architecture: Fu

26、ndamental concepts or properties of a system in its environment embodied in its elements, relationships and in the principles of its design and evolution. The following term is defined in ISO/IEC 29100: 3.1.2 personally identifiable information (PII): Any information that (a) can be used to identify

27、 the PII principal to whom such information relates, or (b) is or might be directly or indirectly linked to a PII principal. NOTE To determine whether a PII principal is identifiable, account should be taken of all the means which can reasonably be used by the privacy stakeholder holding the data, o

28、r by any other party, to identify that natural person. 3.2 Terms defined in this Recommendation | International Standard This Recommendation | International Standard defines the following terms: 3.2.1 activity: A specified pursuit or set of tasks. 3.2.2 cloud service product: A cloud service, allied

29、 to the set of business terms under which the cloud service is offered. NOTE Business terms can include pricing, rating and service levels. 3.2.3 functional component: A functional building block needed to engage in an activity (clause 3.2.1), backed by an implementation. DIN ISO/IEC 17789:2017-07 5

30、 3.2.4 peer cloud service: A cloud service of one cloud service provider which is used as part of a cloud service of one or more other cloud service providers. 3.2.5 peer cloud service provider: A cloud service provider who provides one or more cloud services for use by one or more other cloud servi

31、ce providers as part of their cloud services. 3.2.6 product catalogue: A listing of all the cloud service products (clause 3.2.2) which cloud service providers make available to cloud service customers. 3.2.7 role: A set of activities (clause 3.2.1) that serves a common purpose. 3.2.8 service catalo

32、gue: A listing of all the cloud services of a particular cloud service provider. 3.2.9 sub-role: A subset of the activities (clause 3.2.1) of a given role (clause 3.2.7). 4 Abbreviations For the purposes of this Recommendation | International Standard, the following abbreviations apply: API Applicat

33、ion Programming Interface CaaS Communications as a Service CCRA Cloud Computing Reference Architecture CPU Central Processing Unit CS Cloud Service CSC Cloud Service Customer CSN Cloud Service partner CSP Cloud Service Provider IaaS Infrastructure as a Service ICT Information and Communication Techn

34、ology KPI Key Performance Indicator MSA Master Service Agreement NaaS Network as a Service PaaS Platform as a Service PII Personally Identifiable Information QoS Quality of Service RAM Random Access Memory SaaS Software as a Service SLA Service Level Agreement ToS Terms of Service T to describe the

35、fundamental characteristics of cloud computing systems; to specify basic cloud computing activities and functional components, and describe their relationships to each other and to the environment; to identify principles guiding the design and evolution of the CCRA. The CCRA supports the following i

36、mportant standardization objectives: to enable the production of a coherent set of international standards for cloud computing; to provide a technology-neutral reference point for defining standards for cloud computing; to encourage openness and transparency in the identification of cloud computing

37、benefits and risks. The CCRA focuses on the requirements of “what“ cloud services provide and not on “how to“ design cloud-based solutions and implementations. The CCRA does not represent the system architecture of a specific cloud computing system, although it could put constraints on a specific sy

38、stem. The CCRA is not tied to any specific vendor products, services or reference implementation; nor does it define prescriptive solutions that inhibit innovation. The CCRA is also intended to: facilitate the understanding of the operational intricacies of cloud computing; illustrate and provide un

39、derstanding of various cloud services and their provisioning and use; provide a technical reference to enable the international community to understand, discuss, categorize and compare cloud services; be a tool for describing, discussing, and for developing a system-specific architecture using a com

40、mon framework of reference; facilitate the analysis of candidate standards in areas including security, interoperability, portability, reversibility, reliability and service management, and support analysis of reference implementations. DIN ISO/IEC 17789:2017-07 7 7 Reference architecture concepts T

41、his Recommendation | International standard defines a CCRA that can serve as a fundamental reference point for cloud computing standardization and which provides an overall framework for the basic concepts and principles of a cloud computing system. This clause provides an overview of the architectu

42、ral approaches that are used in this Recommendation | International standard. 7.1 CCRA architectural views Cloud computing systems can be described using a viewpoint approach. Four distinct viewpoints are used in the CCRA (see Figure 7-1): user view; functional view; implementation view; and deploym

43、ent view. Figure 7-1 Transformations between architectural views Table 7-1 provides a description of each of these views. Table 7-1 CCRA views CCRA view Description of the CCRA view Scope User view The system context, the parties, the roles, the sub-roles and the cloud computing activities Within sc

44、ope Functional view The functions necessary for the support of cloud computing activities Within scope Implementation view The functions necessary for the implementation of a cloud service within service parts and/or infrastructure parts Out of scope Deployment view How the functions of a cloud serv

45、ice are technically implemented within already existing infrastructure elements or within new elements to be introduced in this infrastructure Out of scope NOTE While details of the user view and functional view are addressed within this Recommendation | International Standard, the implementation an

46、d deployment views are related to technology and vendor-specific cloud computing implementations and actual deployments, and are therefore out of the scope of this Recommendation | International Standard. Figure 7-2 shows the transition from the user view to the functional view. Details are presente

47、d in clause 7.4. DIN ISO/IEC 17789:2017-07 8 Y . 3 5 0 2 (1 4 )_ F 7 -2Fu n ct io n alco mp o n en tPart yRo leA sp ectRo leSu b -r o le Su b -r o leA ct iv ityA ct iv ityA ct iv ityA ct iv ityU ser v iew Fu n ct io n al v iewFu n ct io n alco mp o n en tFu n ct io n alco mp o n en tFu n ct io n alc

48、o mp o n en tL ay erL ay erL ay erMu lti-l ay erfu n ct io n sFigure 7-2 Transition from user view to functional view 7.2 User view of cloud computing The user view addresses the following cloud computing concepts: cloud computing activities; roles and sub-roles; parties; cloud services; cloud deploy