1、 ETSI SR 003 382 V2.1.1 (2016-02) Cloud Standards Coordination Phase 2; Cloud Computing Standards and Open Source; Optimizing the relationship between standards and Open Source in Cloud Computing SPECIAL REPORT ETSI ETSI SR 003 382 V2.1.1 (2016-02) 2 Reference DSR/NTECH-00031 Keywords Cloud, Cloud c
2、omputing, Open Source Software ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present docu
3、ment can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In ca
4、se of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the docum
5、ent may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/po
6、rtal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modi
7、fied without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit
8、of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI SR 003 382 V2.1.1 (2016-02) 3 Contents Intellectual Property Rights 6g
9、3Foreword . 6g3Modal verbs terminology 6g3Introduction 6g31 Scope 7g32 References 7g32.1 Normative references . 7g32.2 Informative references 7g33 Definitions and abbreviations . 8g33.1 Definitions 8g33.2 Abbreviations . 9g34 Standards and Open Source 10g34.1 Context . 10g34.2 Objectives . 11g34.3 A
10、pproach 11g34.4 Content of the report. 12g35 Standards and Open Source: definitions, objectives and interaction challenges 12g35.1 Definitions and objectives 12g35.1.0 Introduction. 12g35.1.1 Standards 12g35.1.2 Open Source 13g35.2 Different objectives, different approaches 14g35.3 Main challenges t
11、o an efficient interaction . 15g35.3.1 Technical challenges . 15g35.3.2 Organizational challenges . 16g35.3.3 Intellectual property challenges 17g36 Standards and Open Source: Interaction scenarios 18g36.1 An overall view 18g36.2 The scenarios 18g36.2.1 An Open Source community implements standards
12、. 18g36.2.1.0 Introduction . 18g36.2.1.1 An Open Source community implements existing standards from a Standards Setting Organization 18g36.2.1.2 An Open Source community implements emerging standards from an SSO 18g36.2.2 An SSO develops an Open Source reference implementation 19g36.2.3 An SSO deve
13、lops standards based on the results of an Open Source community 19g36.2.4 A collaboration (“joint project“) is established between a Standard Organization and an Open Source community 20g36.3 Current and future situation 20g37 Better aligning the standards and OSS communities . 20g37.1 Alignment: if
14、 and when needed 20g37.2 Strategies 20g37.3 Solutions . 21g38 Conclusions and Recommendations . 21g39 Areas for further study . 22g3Annex A: Standards Related Organizations Approaches 23g3Annex B: Open Source Communities Approaches . 26g3B.1 Open Source Cloud middleware projects . 26g3ETSI ETSI SR 0
15、03 382 V2.1.1 (2016-02) 4 B.2 Standards usage summary table . 27g3Annex C: Interaction scenarios in practice in Cloud Computing 29g3C.1 Case Studies . 29g3C.2 Sharing specifications: NFV and OPNFV 29g3C.2.1 Introduction 29g3C.2.2 The actors . 29g3C.2.3 Working together: opportunities, issues . 30g3C
16、.3 Open Source and Standards: OpenStack 31g3C.3.1 Introduction 31g3C.3.2 The actors . 31g3C.3.3 Support of standards . 32g3C.4 Distributed Management Task Force (DMTF). 32g3C.4.1 DMTF Standards 32g3C.4.2 DMTF standards and OpenStack 32g3Annex D: Change History . 34g3History 35g3g3ETSI ETSI SR 003 38
17、2 V2.1.1 (2016-02) 5 List of figures/list of tables Table A.1: Strategies of SSOs towards Open Source communities . 23g3Table B.1: Strategies of Open Source organizations towards SSOs . 26g3Table B.2: Open source products adherence to standards 28g3Table C.1: OpenStack services in support of OpenSta
18、ck architecture . 31g3g3g3 ETSI ETSI SR 003 382 V2.1.1 (2016-02) 6 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-m
19、embers, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursu
20、ant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present docu
21、ment. Foreword This Special Report (SR) has been produced by ETSI Technical Committee Network Technologies (NTECH). The present document is approved by the NTECH Technical Committee and for publication on the Cloud Standards Coordination website (http:/csc.etsi.org). Modal verbs terminology In the p
22、resent document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverab
23、les except when used in direct citation. Introduction Cloud Computing is increasingly used as the platform for ICT infrastructure provisioning, application/systems development and end user support of a wide range of core services and applications for businesses and organizations. Cloud Computing is
24、drastically changing the way ICT is delivered and used. However, many challenges remain to be tackled. Concerns such as security, vendor lock-in, interoperability and accessibility, service level agreements more oriented towards users are examples of issues that need to be addressed. In February 201
25、5, the Cloud Standards Coordination Phase 2 (CSC-2) was launched by ETSI to address issues left open after the initial Cloud Standards Coordination Phase 1 (CSC-1) work was completed at the end of 2013, with a particular focus on the point of view of the Cloud Computing users (e.g. SMEs, Administrat
26、ions). The present report investigates the relationship and the interactions between standardization and Open Source based software and solutions in Cloud Computing. This question was not addressed in Cloud Standards Coordination Phase 1 (see i.1). In the meantime, Cloud Computing has emerged as one
27、 of the domains of Information and Communication Technology where Open Source development plays a very important role and changes significantly the status quo and, amongst other, the traditional approach to standardization. ETSI ETSI SR 003 382 V2.1.1 (2016-02) 7 1 Scope The present report presents
28、the results of the analysis of the relationship between Standards and Open Source in the context of Cloud Computing. In February 2015, the Cloud Standards Coordination Phase 2 (CSC-2) was launched by ETSI to address issues left open after the Cloud Standards Coordination Phase 1 (CSC-1) work was com
29、pleted at the end of 2013. Cloud Standards Coordination Phase 2 is investigating some specific aspects of the Cloud Computing standardization landscape, in particular from the point of view of the Cloud Computing users (e.g. SMEs, Administrations). It will also generate a new snapshot regarding the
30、state of standards and investigate the interaction and relation between standardization and Open Source based software and solutions. 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For
31、specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at https:/docbox.etsi.org/Refer
32、ence/. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of the present document. Not applicable. 2.2 Informative references References are eit
33、her specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies. NOTE: While any hyperlinks
34、included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 Cloud Standards Coord
35、ination, Final Report, November 2013. NOTE: See http:/csc.etsi.org/resources/CSC-Phase-1/CSC-Deliverable-008-Final_Report-V1_0.pdf. i.2 Regulation (EU) No 1025/2012 of the European Parliament and of the Council, on European standardization, 25 October 2012. NOTE: See http:/eur-lex.europa.eu/legal-co
36、ntent/EN/TXT/?uri=CELEX:32012R1025. i.3 Implementing FRAND standards in Open Source: Business as usual or mission impossible?, European Commission, November 2012. NOTE: See http:/ec.europa.eu/DocsRoom/documents/15601. i.4 Open requirements for standards, Open Source Initiative. NOTE: See http:/opens
37、ource.org/osr. ETSI ETSI SR 003 382 V2.1.1 (2016-02) 8 i.5 ETSI SR 002 960 (V1.0.1): “Working in ETSI within an OSS context: Guidance and recommendations, including usage of OSS within ETSI Secretariat, adoption/usage of elements of OSS in the elaboration of ETSI Standards and adoption of ETSI Stand
38、ards within the OSS communities“. i.6 Comparison of free and open-source software licenses, Wikipedia. NOTE: See https:/en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses. i.7 Top 20 Open Source licenses, Black Duck. NOTE: See https:/ i.8 The architecture of Open Source Appli
39、cations, A. Brown Architectural Framework“. i.17 ETSI GS NFV 001: “Network Functions Virtualisation (NFV); Use Cases“. i.18 ISO/IEC 17203: “Information technology - Open Virtualization Format (OVF) specification“. i.19 ISO/IEC 19831: “Cloud Infrastructure Management Interface (CIMI) Model and RESTfu
40、l HTTP-based Protocol - An Interface for Managing Cloud Infrastructure“. i.20 DMTF DSP0243: “Open Virtualization Format Specification“. i.21 DMTF DSP0262: “Cloud Auditing Data Federation (CADF) - Data Format and Interface Definitions Specification“. i.22 DMTF DSP0263: “Cloud Infrastructure Managemen
41、t Interface (CIMI) Model and RESTful HTTP-based Protocol“. i.23 DMTF DSP2038: “Cloud Audit Data Federation - OpenStack Profile (CADF-OpenStack)“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: Open Source license:
42、copyright license for Open Source software ETSI ETSI SR 003 382 V2.1.1 (2016-02) 9 Open Source Software (OSS): computer software that is available in source code form NOTE: The source code and certain other rights normally reserved for copyright holders are provided under an open-source license that
43、 permits users to study, change, improve and at times also to distribute the software. source code: any collection of computer instructions written using some human-readable computer language, usually as text standard: output from an SSO NOTE: For the sake of simplicity, the meanings of “standard“ a
44、nd “specification“ are not differentiated in the present report, unlike in the other CSC-2 reports. Standards Setting Organization (SSO): any entity whose primary activities are developing, coordinating, promulgating, revising, amending, reissuing, interpreting or otherwise maintaining standards tha
45、t address the interests of a wide base of users outside the standards development organization 3.2 Abbreviations For the purposes of the present document, the following abbreviations apply: 3GPP Third Generation Partnership Project API Application Programming Interface ATIS Alliance for Telecommunic
46、ations Industry Solutions CC Cloud Computing CCSL Cloud Certification Schemes List CDMI Cloud Data Management Interface CIMI Cloud Infrastructure Management Interface CSA Cloud Security Alliance CSC Cloud Standards Coordination CSC-1 Cloud Standards Coordination Phase 1 CSC-2 Cloud Standards Coordin
47、ation Phase 2 CSI Cloud Storage Initiative CSMIC Cloud Services Measurement Initiative Consortium DMTF Distributed Management Task Force EC European Commission ENISA European Union Agency for Network and Information Security EPO European Patent Office FRAND Fair, Reasonable And Non Discriminatory GS
48、 Group Specification HP Here we should take away the reference to HP in Clause B2 Table 2 Eucalyptus (see below) IaaS Infrastructure as a Service ICT Information and Communications Technology IEC International Electrotechnical Commission IETF Internet Engineering Task Force IP Intellectual Property
49、IP Internet ProtocolISG Industry Specification Group (an ETSI structure for open membership projects) ISO International Organization for Standardization IT Information Technology ITU International Telecommunication Union ITU-T ITU Telecommunication Standardization Sector JSON JavaScript Object Notation JTC Joint Technical Committee KVM Kernel-based Virtual Machine NFV Network Function Virtualization NFVI NFV Infrastructure NFVO NFV OrchestratorNIST National Institute of
