35.210 - Cloud computing
ICS 35.210 Details
Cloud computing
Informatique en nuage
Računalništvo v oblaku
General Information
This Technical Specification (TS) provides a set of cybersecurity requirements for cloud services.
This TS is applicable to organizations providing cloud services and their subservice organizations
- Technical specification180 pagesEnglish languagesale 10% offe-Library read for1 day
This Technical Specification (TS) provides a set of cybersecurity requirements for cloud services.
This TS is applicable to organizations providing cloud services and their subservice organizations
- Technical specification180 pagesEnglish languagesale 10% offe-Library read for1 day
This document specifies foundational concepts for multiple cloud services including multi-cloud, hybrid cloud, inter-cloud and federated cloud.
- Standard25 pagesEnglish languagesale 15% off
This document specifies a taxonomy related to digital platforms, by providing definitions and supporting information that disambiguates different uses of the term platform as it applies to digital services (such as cloud computing and other distributed computing systems).
- Technical specification32 pagesEnglish languagesale 15% off
This document specifies concepts used in the field of cloud computing. These concepts expand upon the cloud computing vocabulary defined in ISO/IEC 22123-1 and provide a foundation for other documents that are associated with cloud computing. This document also provides detailed descriptions on the application of these concepts in cloud computing.
- Standard35 pagesEnglish languagesale 15% off
This document specifies the cloud computing reference architecture (CCRA).
- Standard59 pagesEnglish languagesale 15% off
This document defines terms used in the field of cloud computing.
- Standard18 pagesEnglish languagesale 15% off
- Standard4 pagesEnglish languagesale 15% off
This document specifies the interface to access cloud storage and to manage the data stored therein. This International Standard applies to developers who are implementing or using cloud storage.
- Standard342 pagesEnglish languagesale 15% off
This document provides guidance on the application of the taxonomy and use statements from ISO/IEC 19944-1 in real world scenarios, and how to develop extensions to the data taxonomy, data processing and use categories and data use statements.
- Standard23 pagesEnglish languagesale 15% off
This document surveys aspects of the audit of cloud services including: 1) role and responsibilities of parties conducting audit and description of the interactions between the CSC, CSP, and CSN; 2) approaches for conducting audits of cloud services to facilitate confidence in delivering and using cloud services; 3) examples of available frameworks and standards which can be used for audit schemes, for certification, and for authorization. This document builds upon the cloud auditor role as defined in ISO/IEC 17789 and ISO/IEC 22123. This document is applicable to all types and sizes of organizations that need to plan and conduct internal or external audits, and that use, provide and support cloud services. This document is not intended to describe certification or to identify controls that are published elsewhere.
- Technical report50 pagesEnglish languagesale 15% off
This document establishes a set of building blocks, i.e. concepts, terms, and definitions, including Data Level Objectives (DLOs) and Data Qualitative Objectives (DQOs), that can be used to create Data Sharing Agreements (DSAs). This document is applicable to DSAs where the data is intended to be processed using one or more cloud services or other distributed platforms.
- Standard26 pagesEnglish languagesale 15% off
This Recommendation | International Standard gives guidelines for information security controls applicable to the
provision and use of cloud services by providing:
– additional implementation guidance for relevant controls specified in ISO/IEC 27002;
– additional controls with implementation guidance that specifically relate to cloud services.
This Recommendation | International Standard provides controls and implementation guidance for both cloud service
providers and cloud service customers.
- Standard44 pagesEnglish languagesale 10% offe-Library read for1 day
This document presents a model for cloud records management and outlines the risks and issues that are considered by records managers before adopting cloud services for records management. The model for cloud records management includes a stakeholder model, processes, metadata, architecture, and use cases. Risks and issues are classified into those originating from cloud services internally and those originating from cloud services externally. Internal risks are associated with cloud services, systems and stakeholders. External risks and issues can occur in the social and legal context in which cloud services operate.
The target audience of this document includes:
— records, information, knowledge, and governance professionals;
— cloud service architects;
— archivists using cloud services for managing records;
— developers of cloud-deployed records management software;
— ICT staff; and
— providers of cloud-based records management services.
- Technical report30 pagesEnglish languagesale 10% offe-Library read for1 day
- Technical report24 pagesEnglish languagesale 15% off
- Technical report24 pagesEnglish languagesale 15% off
This document — extends the existing cloud computing vocabulary and reference architecture in ISO/IEC 17788 and ISO/IEC 17789 to describe an ecosystem involving devices using cloud services, — describes the various types of data flowing within the devices and cloud computing ecosystem, — describes the impact of connected devices on the data that flow within the cloud computing ecosystem, — describes flows of data between cloud services, cloud service customers and cloud service users, — provides foundational concepts, including a data taxonomy, and — identifies the categories of data that flow across the cloud service customer devices and cloud services. This document is applicable primarily to cloud service providers, cloud service customers and cloud service users, but also to any person or organisation involved in legal, policy, technical or other implications of data flows between devices and cloud services.
- Standard65 pagesEnglish languagesale 15% off
- Standard65 pagesEnglish languagesale 15% off
The scope of this document is to describe guidance for using the ISO/IEC 19086-2 metric model, illustrated with examples.
- Technical report34 pagesEnglish languagesale 15% off
- Technical report34 pagesEnglish languagesale 15% off
This document establishes commonly accepted control objectives, controls and guidelines for
implementing measures to protect Personally Identifiable Information (PII) in line with the privacy
principles in ISO/IEC 29100 for the public cloud computing environment.
In particular, this document specifies guidelines based on ISO/IEC 27002, taking into consideration
the regulatory requirements for the protection of PII which can be applicable within the context of the
information security risk environment(s) of a provider of public cloud services.
This document is applicable to all types and sizes of organizations, including public and private
companies, government entities and not-for-profit organizations, which provide information processing
services as PII processors via cloud computing under contract to other organizations.
The guidelines in this document can also be relevant to organizations acting as PII controllers. However,
PII controllers can be subject to additional PII protection legislation, regulations and obligations, not
applying to PII processors. This document is not intended to cover such additional obligations.
- Standard35 pagesEnglish languagesale 10% offe-Library read for1 day
- Standard35 pagesEnglish languagesale 10% offe-Library read for1 day
This document provides an overview of and guidance on interactions between cloud service partners (CSNs), specifically cloud service brokers, cloud service developers and cloud auditors, and other cloud service roles. In addition, this document describes how cloud service agreements (CSAs) and cloud service level agreements (cloud SLAs) can be used to address those interactions, including the following: — definition of terms and concepts, and provision of an overview for interactions between CSNs and CSCs and CSPs; — description of types of CSN interactions; — description of interactions between CSNs and CSCs; — description of interactions between CSNs and CSPs; — description of elements of CSAs and Cloud SLAs for CSN interactions, both with CSPs and with CSCs.
- Technical report34 pagesEnglish languagesale 15% off
- Technical report34 pagesEnglish languagesale 15% off
- Technical report34 pagesEnglish languagesale 15% off
This document describes a sample set of cloud service metering elements and billing modes.
- Technical report7 pagesEnglish languagesale 15% off
- Technical report7 pagesEnglish languagesale 15% off
This document examines the concept of edge computing, its relationship to cloud computing and IoT, and the technologies that are key to the implementation of edge computing. This document explores the following topics with respect to edge computing: — concept of edge computing systems; — architectural foundation of edge computing; — edge computing terminology; — software classifications in edge computing, e.g. firmware, services, applications; — supporting technologies, e.g. containers, serverless computing, microservices; — networking for edge systems, including virtual networks; — data, e.g. data flow, data storage, data processing; — management, of software, of data and of networks, resources, quality of service; — virtual placement of software and data, and metadata; — security and privacy; — real time; — mobile edge computing, mobile devices.
- Technical report44 pagesEnglish languagesale 15% off
- Technical report44 pagesEnglish languagesale 15% off
This document provides a description of a set of common technologies and techniques used in conjunction with cloud computing. These include: — virtual machines (VMs) and hypervisors; — containers and container management systems (CMSs); — serverless computing; — microservices architecture; — automation; — platform as a service systems and architecture; — storage services; — security, scalability and networking as applied to the above cloud computing technologies.
- Technical specification54 pagesEnglish languagesale 15% off
- Technical specification54 pagesEnglish languagesale 15% off
This document: — describes a framework for the structured expression of data-related policies and practices in the cloud computing environment, based on the data taxonomy in ISO/IEC 19944; — provides guidelines on application of the taxonomy for handling of data based on data subcategory and classification; — covers expression of data-related policies and practices including, but not limited to data geolocation, cross border flow of data, data access and data portability, data use, data management, and data governance; — describes how the framework can be used in codes of conduct for practices regarding data at rest and in transit, including cross border data transfer, as well as remote access to data; — provides use cases for data handling challenges, i.e. control, access and location of data according to ISO/IEC 19944 data categories. This document is applicable primarily to cloud service providers, cloud service customers (CSCs) and cloud service users, but also to any person or organization involved in legal, policy, technical or other implications of taxonomy-based data management in cloud services.
- Standard37 pagesEnglish languagesale 15% off
- Standard37 pagesEnglish languagesale 15% off
This document specifies a framework for a distributed real-time Access system. It includes: 1) an ID triggered modular system architecture, the functions of the modules, the semantics of messages those modules exchange, and elements of messages; 2) the system behaviour from the time it receives an access request until the time it sends the result along with the sequence; 3) performance measurement mechanisms using a time stamping function that can be employed for the evaluation of the system.
- Standard27 pagesEnglish languagesale 15% off
- Standard27 pagesEnglish languagesale 15% off
This document specifies security and protection of personally identifiable information components, SLOs and SQOs for cloud service level agreements (cloud SLA) including requirements and guidance. This document is for the benefit and use of both CSPs and CSCs.
- Standard20 pagesEnglish languagesale 15% off
- Standard20 pagesEnglish languagesale 15% off
This document provides guidance on the use of international standards as a tool in the development of those policies that govern or regulate cloud service providers (CSPs) and cloud services, and those policies and practices that govern the use of cloud services in organisations. This includes material that explains cloud computing concepts and the role of cloud computing international standards in formulating policies and practices. The document makes references to various international standards. Where possible, these standards are ISO/IEC standards. Where a suitable ISO/IEC standard is not available, references are made to documents published by other WTO-registered standards bodies. As explained in the WTO Agreement on Technical Barriers to Trade (TBT), standards play a vital role in supporting technical regulations and conformity assessment, however this document does not cover matters of trade.
- Technical report34 pagesEnglish languagesale 15% off
- Technical report34 pagesEnglish languagesale 15% off
This document describes a framework of trust for the processing of multi-sourced data that includes data use obligations and controls, data provenance, chain of custody, security and immutable proof of compliance as elements of the framework.
- Technical report15 pagesEnglish languagesale 15% off
- Technical report15 pagesEnglish languagesale 15% off
This document establishes common terminology, defines a model for specifying metrics for cloud SLAs, and includes applications of the model with examples. This document establishes a common terminology and approach for specifying metrics. This document is for the benefit of and use for both cloud service providers (CSPs) and cloud service customers (CSCs). This document is intended to complement ISO/IEC 19086-1, ISO/IEC 19086-3 and ISO/IEC 19086-4. This document does not mandate the use of a specific set of metrics for cloud SLAs.
- Standard39 pagesEnglish languagesale 15% off
- Standard39 pagesEnglish languagesale 15% off
IEC PAS 63178:2018(E) provides the requirements of all relevant manufacturing resources integrated to the cloud manufacturing service platform, including integration of hard manufacturing resources, soft manufacturing resources and manufacturing capabilities.
This document is used for the integration of the relevant resources to the smart manufacturing service platform.
- Technical specification17 pagesEnglish languagesale 15% off
ISO/IEC 19941:2017 specifies cloud computing interoperability and portability types, the relationship and interactions between these two cross-cutting aspects of cloud computing and common terminology and concepts used to discuss interoperability and portability, particularly relating to cloud services. ISO/IEC 19941:2017 is related to other standards, namely, ISO/IEC 17788, ISO/IEC 17789, ISO/IEC 19086‑1, ISO/IEC 19944, and in particular, references the cross-cutting aspects and components identified in ISO/IEC 17788 and ISO/IEC 17789 respectively. The goal of this document is to ensure that all parties involved in cloud computing, particularly CSCs, CSPs and cloud service partners (CSNs) acting as cloud service developers, have a common understanding of interoperability and portability for their specific needs. This common understanding helps to achieve interoperability and portability in cloud computing by establishing common terminology and concepts.
- Standard65 pagesEnglish languagesale 15% off
ISO/IEC 19086-3:2017 specifies the core conformance requirements for service level agreements (SLAs) for cloud services based on ISO/IEC 19086‑1 and guidance on the core conformance requirements. This document is for the benefit of and use by both cloud service providers and cloud service customers. ISO/IEC 19086-3:2017 does not provide a standard structure that would be used for cloud SLAs.
- Standard15 pagesEnglish languagesale 15% off
ISO/IEC 19086-1:2016 seeks to establish a set of common cloud SLA building blocks (concepts, terms, definitions, contexts) that can be used to create cloud Service Level Agreements (SLAs). This document specifies a) an overview of cloud SLAs, b) identification of the relationship between the cloud service agreement and the cloud SLA, c) concepts that can be used to build cloud SLAs, and d) terms commonly used in cloud SLAs. ISO/IEC 19086-1:2016 is for the benefit and use of both cloud service providers and cloud service customers. The aim is to avoid confusion and facilitate a common understanding between cloud service providers and cloud service customers. Cloud service agreements and their associated cloud SLAs vary between cloud service providers, and in some cases different cloud service customers can negotiate different contract terms with the same cloud service provider for the same cloud service. This document aims to assist cloud service customers when they compare cloud services from different cloud service providers. ISO/IEC 19086-1:2016 does not provide a standard structure that can be used for a cloud SLA or a standard set of cloud service level objectives (SLOs) and cloud service qualitative objectives (SQOs) that will apply to all cloud services or all cloud service providers. This approach provides flexibility for cloud service providers in tailoring their cloud SLAs to the particular characteristics of the offered cloud services. ISO/IEC 19086-1:2016 does not supersede any legal requirement.
- Standard34 pagesEnglish languagesale 15% off
- Standard34 pagesEnglish languagesale 15% off
ISO/IEC 18384-3:2016 defines a formal ontology for service-oriented architecture (SOA), an architectural style that supports service orientation. The terms defined in this ontology are key terms from the vocabulary in ISO/IEC 18384-1.
- Standard74 pagesEnglish languagesale 15% off
- Standard74 pagesEnglish languagesale 15% off
ISO/IEC 18384-2:2016 describes a Reference Architecture for SOA Solutions which applies to functional design, performance, development, deployment and management of SOA Solutions. It includes a domain-independent framework, addressing functional requirements and non-functional requirements, as well as capabilities and best practices to support those requirements.
- Standard191 pagesEnglish languagesale 15% off
- Standard191 pagesEnglish languagesale 15% off
ISO/IEC 18384-1:2016 establishes vocabulary, guidelines, and general technical principles underlying service oriented architecture (SOA), including principles relating to functional design, performance, development, deployment, and management.
- Standard51 pagesEnglish languagesale 15% off
ISO/IEC TR 30102:2012 describes the general technical principles underlying Service Oriented Architecture (SOA), including principles relating to functional design, performance, development, deployment and management. It provides a vocabulary containing definitions of terms relevant to SOA. It includes a domain-independent technical framework, addressing functional requirements and non-functional requirements.
- Technical report73 pagesEnglish languagesale 15% off
This document provides concepts related to the intersection of digital sovereignty, organizational autonomy, and digital platforms. It provides a framework enabling organizations to: — understand the relevant digital sovereignty and autonomy matters; — identify the relevant attributes for the organization's potential digital platform and the choices necessary to address the issues; — balance the range of available options to achieve the desired organizational autonomy. This document is applicable to all organizations and policy makers involved in organizational autonomy and digital sovereignty in cloud services and distributed platforms.
- Draft16 pagesEnglish languagesale 15% off
- Draft16 pagesEnglish languagesale 15% off
This document provides terms and definitions for vocabulary used in the field of cloud computing.
- Standard15 pagesEnglish languagesale 15% off
- Standard15 pagesEnglish languagesale 15% off
ISO/IEC 19944:2017 - extends the existing cloud computing vocabulary and reference architecture in ISO/IEC 17788 and ISO/IEC 17789 to describe an ecosystem involving devices using cloud services, - describes the various types of data flowing within the devices and cloud computing ecosystem, - describes the impact of connected devices on the data that flow within the cloud computing ecosystem, - describes flows of data between cloud services, cloud service customers and cloud service users, - provides foundational concepts, including a data taxonomy, and - identifies the categories of data that flow across the cloud service customer devices and cloud services. ISO/IEC 19944:2017 is applicable primarily to cloud service providers, cloud service customers and cloud service users, but also to any person or organization involved in legal, policy, technical or other implications of data flows between devices and cloud services.
- Standard42 pagesEnglish languagesale 15% off
This CDMI International Standard is intended for application developers who are implementing or using cloud storage. It documents how to access cloud storage and to manage the data stored there.
- Standard259 pagesEnglish languagesale 15% off
- Standard259 pagesEnglish languagesale 15% off
ISO/IEC 20933:2016 specifies: 1) an ID triggered modular access system, the functions of the modules and the messages they exchange, and the sequence of messages, i.e. transitions of the transaction; 2) the system responsibility from receiving an access request until sending the result. i.e. a complete transaction; 3) the responsibilities of the modules, including time stamping and responding to the requests they received; and 4) the sequence and semantics of the messages and their elements.
- Standard14 pagesEnglish languagesale 15% off
- Standard14 pagesEnglish languagesale 15% off
- Standard14 pagesEnglish languagesale 15% off
ISO/IEC 17789:2014 specifies the cloud computing reference architecture (CCRA). The reference architecture includes the cloud computing roles, cloud computing activities, and the cloud computing functional components and their relationships.
- Standard53 pagesEnglish languagesale 15% off
ISO/IEC 17826:2012 specifies the interface to access cloud storage and to manage the data stored therein. It is applicable to developers who are implementing or using cloud storage.
- Standard224 pagesEnglish languagesale 15% off