ITU-T X 1602-2016 Security requirements for software as a service application environments (Study Group 17).pdf


International Telecommunication Union

ITU-T X.1602
TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU
(03/2016)

SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY
Cloud computing security - Cloud computing security design

Security requirements for software as a service application environments

Recommendation ITU-T X.1602

ITU-T X-SERIES RECOMMENDATIONS
DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY

PUBLIC DATA NETWORKS: X.1-X.199
OPEN SYSTEMS INTERCONNECTION: X.200-X.299
INTERWORKING BETWEEN NETWORKS: X.300-X.399
MESSAGE HANDLING SYSTEMS: X.400-X.499
DIRECTORY: X.500-X.599
OSI NETWORKING AND SYSTEM ASPECTS: X.600-X.699
OSI MANAGEMENT: X.700-X.799
SECURITY: X.800-X.849
OSI APPLICATIONS: X.850-X.899
OPEN DISTRIBUTED PROCESSING: X.900-X.999
INFORMATION AND NETWORK SECURITY
  General security aspects: X.1000-X.1029
  Network security: X.1030-X.1049
  Security management: X.1050-X.1069
  Telebiometrics: X.1080-X.1099
SECURE APPLICATIONS AND SERVICES
  Multicast security: X.1100-X.1109
  Home network security: X.1110-X.1119
  Mobile security: X.1120-X.1139
  Web security: X.1140-X.1149
  Security protocols: X.1150-X.1159
  Peer-to-peer security: X.1160-X.1169
  Networked ID security: X.1170-X.1179
  IPTV security: X.1180-X.1199
CYBERSPACE SECURITY
  Cybersecurity: X.1200-X.1229
  Countering spam: X.1230-X.1249
  Identity management: X.1250-X.1279
SECURE APPLICATIONS AND SERVICES
  Emergency communications: X.1300-X.1309
  Ubiquitous sensor network security: X.1310-X.1339
  PKI related Recommendations: X.1340-X.1349
CYBERSECURITY INFORMATION EXCHANGE
  Overview of cybersecurity: X.1500-X.1519
  Vulnerability/state exchange: X.1520-X.1539
  Event/incident/heuristics exchange: X.1540-X.1549
  Exchange of policies: X.1550-X.1559
  Heuristics and information request: X.1560-X.1569
  Identification and discovery: X.1570-X.1579
  Assured exchange: X.1580-X.1589
CLOUD COMPUTING SECURITY
  Overview of cloud computing security: X.1600-X.1601
  Cloud computing security design: X.1602-X.1639
  Cloud computing security best practices and guidelines: X.1640-X.1659
  Cloud computing security implementation: X.1660-X.1679
  Other cloud computing security: X.1680-X.1699

For further details, please refer to the list of ITU-T Recommendations.

Rec. ITU-T X.1602 (03/2016)

Recommendation ITU-T X.1602

Security requirements for software as a service application environments

Summary

Recommendation ITU-T X.1602 analyses the maturity levels of software as a service (SaaS) application and proposes security requirements to provide a consistent and secure service execution environment for SaaS applications. These proposed requirements originate from cloud service providers (CSP) and cloud service partners (CSN) as they need a SaaS application environment to meet their demands on security. The requirements are general and independent of any service or scenario specific model (e.g., web services, or representational state transfer (REST)), assumptions or solutions.

History

Edition: 1.0
Recommendation: ITU-T X.1602
Approval: 2016-03-23
Study Group: 17
Unique ID*: 11.1002/1000/12615

Keywords

Security requirement, software as a service (SaaS) application environment, SaaS maturity level.

* To access the Recommendation, type the URL http://handle.itu.int/ in the address field of your web browser, followed by the Recommendation's unique ID. For example, http://handle.itu.int/11.1002/1000/11830-en.

FOREWORD

The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis.

The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics.

The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1.

In some areas of information technology which fall within ITU-T's purview, the necessary standards are prepared on a collaborative basis with ISO and IEC.

NOTE

In this Recommendation, the expression "Administration" is used for conciseness to indicate both a telecommunication administration and a recognized operating agency.

Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words "shall" or some other obligatory language such as "must" and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party.

INTELLECTUAL PROPERTY RIGHTS

ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process.

As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at http://www.itu.int/ITU-T/ipr/.

© ITU 2016

All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU.

Table of Contents

1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 Maturity levels of SaaS application
7.1 Level 1: Custom SaaS application
7.2 Level 2: Configurable SaaS application
7.3 Level 3: Multi-tenant SaaS application
7.4 Level 4: Scalable SaaS application
8 Security requirements for SaaS application environment
8.1 Common security requirements
8.2 Security requirements of CSP
8.3 Security requirements of CSN
Bibliography

Recommendation ITU-T X.1602

Security requirements for software as a service application environments

1 Scope

This Recommendation focuses mainly on the security requirements of software as a service (SaaS) application environments based on the SaaS application maturity level. The target audiences of this Recommendation are cloud service providers (CSPs) and cloud service partners (CSNs) such as application developers.

2 References

None.

3 Definitions

3.1 Terms defined elsewhere

This Recommendation uses the following terms defined elsewhere:

3.1.1 cloud service [b-ITU-T Y.3500]: One or more capabilities offered via cloud computing invoked using a defined interface.

3.1.2 cloud service category [b-ITU-T Y.3500]: Group of cloud services that possess some common set of qualities.

3.1.3 cloud service customer [b-ITU-T Y.3500]: Party which is in a business relationship for the purpose of using cloud services.

3.1.4 cloud service partner [b-ITU-T Y.3500]: Party which is engaged in support of, or auxiliary to, activities of either the cloud service provider or the cloud service customer, or both.

3.1.5 cloud service provider [b-ITU-T Y.3500]: Party which makes cloud services available.

3.1.6 cloud service user [b-ITU-T Y.3500]: Natural person, or entity acting on their behalf, associated with a cloud service customer that uses cloud services.

3.1.7 desktop as a service [b-ITU-T Y.3500]: The capabilities provided to the cloud service customer are the ability to build, configure, manage, store, execute, and deliver users' desktop functions remotely.

3.1.8 infrastructure as a service (IaaS) [b-ITU-T Y.3500]: Cloud service category in which the cloud capabilities type provided to the cloud service customer is an infrastructure capabilities type.

3.1.9 software as a service (SaaS) [b-ITU-T Y.3500]: Cloud service category in which the cloud capabilities type provided to the cloud service customer is an application capabilities type.

3.2 Terms defined in this Recommendation

None.

4 Abbreviations and acronyms

This Recommendation uses the following abbreviations and acronyms:

ASP   Application Service Provider
CaaS  Communications as a Service
CRM   Customer Relationship Management
CSC   Cloud Service Customer
CSN   Cloud Service Partner
CSP   Cloud Service Provider
DaaS  Desktop as a Service
IaaS  Infrastructure as a Service
IAM   Identity and Access Management
IdM   Identity Management
OLAP  OnLine Analytical Processing
OS    Operating System
PaaS  Platform as a Service
PKI   Public Key Infrastructure
REST  Representational State Transfer
SaaS  Software as a Service
SAP   Service Access Point
SLA   Service Level Agreement

5 Conventions

None.

6 Overview

A software as a service (SaaS) application environment is a service-oriented multi-tenant development, deployment and execution environment in which software and its associated data are hosted centrally and are typically accessed on-demand by users using a client, e.g., a web browser, over the Internet. While this Recommendation is primarily concerned with SaaS, some of the concepts in this Recommendation may also be applicable to other cloud service categories that also include the application capabilities type, for example communications as a service (CaaS).

Figure 1 depicts a conceptual model of a SaaS application environment. The underlying capabilities from infrastructure as a service (IaaS), platform as a service (PaaS) and desktop as a service (DaaS) will be encapsulated into services and provide consistent secure access using exported service access point (SAP). In this Recommendation, IaaS could provide computing services, storage services and network services; PaaS could provide platform service, and DaaS could provide desktop service for a SaaS application environment. All these services constitute the basic building blocks of an application development.

The environment also provides some necessary service management functions including service registration, service configuration, service orchestration, service dependency checking, service access control, service isolation, service monitoring and other service control functions.

Figure 1 - Conceptual model for the SaaS application environment

7 Maturity levels of SaaS application

In the industry, the maturity of SaaS is classified into four levels which could be shortly named as custom level, configurable level, multi-tenant level, and scalable level. Each level covers characteristics of the previous one and provides extended characteristics. The diagram that represents the characteristics of the different SaaS maturity models is shown in Table 1.

Table 1 - Diagram of SaaS application maturity level

Different maturity levels of the SaaS application have different security requirements to SaaS application environments, and the requirements will be illustrated from the viewpoint of CSPs and CSNs in clause 8.

7.1 Level 1: Custom SaaS application

Custom SaaS application is similar to the traditional application service provider (ASP) model of software delivery. Each customer has its own customized solution for SaaS application and runs its individual application instance on the cloud server. As illustrated in Figure 2, the custom application instance comprises the whole execution environment including the operating system (OS), the data management system and the middleware that are specific to each tenant, and the SaaS environment provider has to maintain multiple instances. This model is difficult to scale in order to satisfy the increasing requirement demands of customers, and it can be costly to operate.

Figure 2 - Architecture of custom SaaS application

The typical client-server model applications can be easily transformed into custom SaaS applications by moving servers to the cloud with relatively little modification. The applications suitable for this scenario are usually developed with special requirements from the enterprise or organization. Top consideration will be given to security in the system itself, thus the usual way is to group a set of physical machines into a private zone and to deploy a data management system (which provides abstracted methods of persistence and operations for different kinds of data) and associated software on it. The system is solely for internal usage with strict access control. The template of application instance is the same for all customers, and it provides limited configuration ability. However, the instance for each customer is totally independent of any other instance.

7.2 Level 2: Configurable SaaS application

For some commonly used applications that are not customized, such as self-service website building system, SaaS application providers offer common templates for these applications and several sets of run-time environment for the instances of these applications. Based on the same template, customers are able to create multiple separated instances of the application by configuring the application's appearance and behaviour, which are deployed and executed on individual virtual or physical machines to meet their customized requirements. Application instances are isolated from each other. The architecture is shown in Figure 3.

Figure 3 - Architecture of configurable SaaS application

The configurable SaaS application has the following characteristics:

1) Application in the initial deployment is a copy of a standard product, and tenants configure the application to suit their own requirements. However, the configuration options of the product are limited.

2) For SaaS application providers, any modifications to the product codes can be easily applied to all tenants immediately. However, only a little update or optimization to the product codes are suitable for each instance because the forward compatibility problem incurred by the update or optimization may occur.

3) Tenants store data in their own virtual machines or physical machines, which are isolated from each other. As a result, the SaaS environment provider has to provide sufficient resources such as storage to support a potentially large number of application instances running concurrently.

With the development and improvement of software technology, the application will be provided with enough configuration options to meet the users' customized requirements, and the configura

