1、BSI Standards Publication BS ISO/IEC 17788:2014 Information technology Cloud computing Overview and vocabularyBS ISO/IEC 17788:2014 BRITISH STANDARD National foreword This British Standard is the UK implementation of ISO/IEC 17788:2014. The UK participation in its preparation was entrusted to Techni
2、cal Committee IST/38, Distributed application platforms and services (DAPS). A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its corre
3、ct application. The British Standards Institution 2014. Published by BSI Standards Limited 2014 ISBN 978 0 580 79574 9 ICS 01.040.35; 35.020 Compliance with a British Standard cannot confer immunity from legal obligations. This British Standard was published under the authority of the Standards Poli
4、cy and Strategy Committee on 31 October 2014. Amendments issued since publication Date Text affectedBS ISO/IEC 17788:2014Reference number ISO/IEC 17788:2014(E) ISO/IEC 2014INTERNATIONAL STANDARD ISO/IEC 17788 First edition 2014-10-15 Information technology Cloud computing Overview and vocabulary Tec
5、hnologies de linformation Informatique en nuage Vue densemble et vocabulaire BS ISO/IEC 17788:2014 ISO/IEC 17788:2014(E) COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2014 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by an
6、y means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 G
7、eneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2014 All rights reservedBS ISO/IEC 17788:2014 ISO/IEC 17788:2014(E) ISO/IEC 2014 All rights reserved iiiCONTENTS Page 1 Scope 1 2 Normative references . 1 2.1 Identical R
8、ecommendations | International Standards 1 2.2 Paired Recommendations | International Standards 1 2.3 Additional references 1 3 Definitions 1 3.1 Terms defined elsewhere . 1 3.2 Terms defined in this Recommendation | International Sta ndard 2 4 Abbreviations . 4 5 Conventions 4 6 Cloud computing ove
9、rview 4 6.1 General 4 6.2 Key characteristics 4 6.3 Cloud computing roles and activities 5 6.4 Cloud capabilities types and cloud service cat egories . 6 6.5 Cloud deployment models . 6 6.6 Cloud computing cross cutting aspects . 7 Annex A Cloud service categories 9 Bibliography 10 BS ISO/IEC 17788:
10、2014 ISO/IEC 17788:2014(E) iv ISO/IEC 2014 All rights reservedForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participat
11、e in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and
12、 non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The m
13、ain task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies cas
14、ting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 17788 was prepared by Joint Technical Committee ISO/IEC JTC 1, Informati
15、on technology, Subcommittee SC 38, Distributed application platforms and services (DAPS), in collaboration with ITU-T. The identical text is published as ITU-T Rec. Y.3500 (08/2014). BS ISO/IEC 17788:2014 ISO/IEC 17788:2014 (E) Rec. ITU-T Y.3500 (08/2014) 1 INTERNATIONAL STANDARD RECOMMENDATION ITU-
16、T Information technology Cloud computing Overview and vocabulary 1 Scope This Recommendation | International Standard provides an overview of cloud computing along with a set of terms and definitions. It is a terminology foundation for cloud computing standards. This Recommendation | International S
17、tandard is applicable to all types of organizations (e.g., commercial enterprises, government agencies, not-for-profit organizations). 2 Normative references The following Recommendations and International Standards contain provisions which, through reference in this text, constitute provisions of t
18、his Recommendation | International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation | International Standard are encouraged to investigate the possibility of appl
19、ying the most recent edition of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently valid ITU-T Recommendations. 2.1 Identical Recom
20、mendations | International Standards None. 2.2 Paired Recommendations | International Standards None. 2.3 Additional references None. 3 Definitions 3.1 Terms defined elsewhere This Recommendation | International Standard uses the following terms defined elsewhere. The following terms are defined in
21、ISO/IEC 27000: 3.1.1 availability: Property of being accessible and usable upon demand by an authorized entity. 3.1.2 confidentiality: Property that information is not made available or disclosed to unauthorized individuals, entities, or processes 3.1.3 information security: Preservation of confiden
22、tiality (3.1.2), integrity (3.1.4) and availability (3.1.1) of information. NOTE In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved. 3.1.4 integrity: Property of accuracy and completeness. The following term is defined in Rec. I
23、TU-T Y .101: 3.1.5 interoperability: The ability of two or more systems or applications to exchange information and to mutually use the information that has been exchanged. The following term is defined in ISO/IEC 27729: 3.1.6 party: Natural person or legal person, whether or not incorporated, or a
24、group of either. BS ISO/IEC 17788:2014 ISO/IEC 17788:2014 (E) 2 Rec. ITU-T Y.3500 (08/2014) The following term is defined in ISO/IEC 20000-1: 3.1.7 service level agreement (SLA): Documented agreement between the service provider and customer that identifies services and service targets. NOTE 1 A ser
25、vice level agreement can also be established between the service provider and a supplier, an internal group or a customer acting as a supplier. NOTE 2 A service level agreement can be included in a contract or another type of documented agreement. 3.2 Terms defined in this Recommendation | Internati
26、onal Standard For the purposes of this Recommendation | International Standard, the following definitions apply: 3.2.1 application capabilities type: Cloud capabilities type (3.2.4) in which the cloud service customer (3.2.11) can use the cloud service providers (3.2.15) applications. 3.2.2 cloud ap
27、plication portability: Ability to migrate an application from one cloud service (3.2.8) to another cloud service (3.2.8). 3.2.3 cloud auditor: Cloud service partner (3.2.14) with the responsibility to conduct an audit of the provision and use of cloud services (3.2.8). 3.2.4 cloud capabilities type:
28、 Classification of the functionality provided by a cloud service (3.2.8) to the cloud service customer (3.2.11), based on resources used. NOTE The cloud capabilities types are application capabilities type (3.2.1), infrastructure capabilities type (3.2.25) and platform capabilities type (3.2.31). 3.
29、2.5 cloud computing: Paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources with self-service provisioning and administration on-demand. NOTE Examples of resources include servers, operating systems, networks, software, applications, and storag
30、e equipment. 3.2.6 cloud data portability: Data portability (3.2.21) from one cloud service (3.2.8) to another cloud service (3.2.8). 3.2.7 cloud deployment model: Way in which cloud computing (3.2.5) can be organized based on the control and sharing of physical or virtual resources. NOTE The cloud
31、deployment models include community cloud (3.2.19), hybrid cloud (3.2.23), private cloud (3.2.32) and public cloud (3.2.33). 3.2.8 cloud service: One or more capabilities offered via cloud computing (3.2.5) invoked using a defined interface. 3.2.9 cloud service broker: Cloud service partner (3.2.14)
32、 that negotiates relationships between cloud service customers (3.2.11) and cloud service providers (3.2.15). 3.2.10 cloud service category: Group of cloud services (3.2.8) that possess some common set of qualities. NOTE A cloud service category can include capabilities from one or more cloud capabi
33、lities types (3.2.4). 3.2.11 cloud service customer: Party (3.1.6) which is in a business relationship for the purpose of using cloud services (3.2.8). NOTE A business relationship does not necessarily imply financial agreements. 3.2.12 cloud service customer data: Class of data objects under the co
34、ntrol, by legal or other reasons, of the cloud service customer (3.2.11) that were input to the cloud service (3.2.8), or resulted from exercising the capabilities of the cloud service (3.2.8) by or on behalf of the cloud service customer (3.2.11) via the published interface of the cloud service (3.
35、2.8). NOTE 1 An example of legal controls is copyright. NOTE 2 It may be that the cloud service (3.2.8) contains or operates on data that is not cloud service customer data; this might be data made available by the cloud service providers (3.2.15), or obtained from another source, or it might be pub
36、licly available data. However, any output data produced by the actions of the cloud service customer (3.2.11) using the capabilities of the cloud service (3.2.8) on this data is likely to be cloud service customer data (3.2.12), following the general principles of copyright, unless there are specifi
37、c provisions in the cloud service (3.2.8) agreement to the contrary. 3.2.13 cloud service derived data: Class of data objects under cloud service provider (3.2.15) control that are derived as a result of interaction with the cloud service (3.2.8) by the cloud service customer (3.2.11). NOTE Cloud se
38、rvice derived data includes log data containing records of who used the service, at what times, which functions, types of data involved and so on. It can also include information about the numbers of authorized users and their identities. It can also include any configuration or customization data,
39、where the cloud service (3.2.8) has such configuration and customization capabilities. BS ISO/IEC 17788:2014 ISO/IEC 17788:2014 (E) Rec. ITU-T Y.3500 (08/2014) 3 3.2.14 cloud service partner: Party (3.1.6) which is engaged in support of, or auxiliary to, activities of either the cloud service provid
40、er (3.2.15) or the cloud service customer (3.2.11), or both. 3.2.15 cloud service provider: Party (3.1.6) which makes cloud services (3.2.8) available. 3.2.16 cloud service provider data: Class of data objects, specific to the operation of the cloud service (3.2.8), under the control of the cloud se
41、rvice provider (3.2.15). NOTE Cloud service provider data includes but is not limited to resource configuration and utilization information, cloud service (3.2.8) specific virtual machine, storage and network resource allocations, overall data centre configuration and utilization, physical and virtu
42、al resource failure rates, operational costs and so on. 3.2.17 cloud service user: Natural person, or entity acting on their behalf, associated with a cloud service customer (3.2.11) that uses cloud services (3.2.8). NOTE Examples of such entities include devices and applications. 3.2.18 Communicati
43、ons as a Service (CaaS): Cloud service category (3.2.10) in which the capability provided to the cloud service customer (3.2.11) is real time interaction and collaboration. NOTE CaaS can provide both application capabilities type (3.2.1) and platform capabilities type (3.2.31). 3.2.19 community clou
44、d: Cloud deployment model (3.2.7) where cloud services (3.2.8) exclusively support and are shared by a specific collection of cloud service customers (3.2.11) who have shared requirements and a relationship with one another, and where resources are controlled by at least one member of this collectio
45、n. 3.2.20 Compute as a Service (CompaaS): Cloud service category (3.2.10) in which the capabilities provided to the cloud service customer (3.2.11) are the provision and use of processing resources needed to deploy and run software. NOTE To run some software, capabilities other than processing resou
46、rces may be needed. 3.2.21 data portability: Ability to easily transfer data from one system to another without being required to re-enter data. NOTE It is the ease of moving the data that is the essence here. This might be achieved by the source system supplying the data in exactly the format that
47、is accepted by the target system. But even if the formats do not match, the transformation between them may be simple and straightforward to achieve with commonly available tools. On the other hand, a process of printing out the data and rekeying it for the target system could not be described as “e
48、asy“. 3.2.22 Data Storage as a Service (DSaaS): Cloud service category (3.2.10) in which the capability provided to the cloud service customer (3.2.11) is the provision and use of data storage and related capabilities. NOTE DSaaS can provide any of the three cloud capabilities types (3.2.4). 3.2.23
49、hybrid cloud: Cloud deployment model (3.2.7) using at least two different cloud deployment models (3.2.7). 3.2.24 Infrastructure as a Service (IaaS): Cloud service category (3.2.10) in which the cloud capabilities type (3.2.4) provided to the cloud service customer (3.2.11) is an infrastructure capabilities type (3.2.25). NOTE The cloud service customer (3.2.11) does not manage or control the underlying physical and virtual resources, but does have control over operating systems, storage, and deployed applications th
