ISO/IEC 22123-1:2021

INTERNATIONAL ISO/IEC
STANDARD 22123-1
First edition
2021-02
Information technology — Cloud
computing —
Part 1:
Vocabulary
Technologies de l'information — Informatique en nuage —
Partie 1: Vocabulaire
Reference number
ISO/IEC 22123-1:2021(E)
©
ISO/IEC 2021

---------------------- Page: 1 ----------------------
ISO/IEC 22123-1:2021(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2021 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 22123-1:2021(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
3.1 General . 1
3.2 Terms related to cloud computing foundation . 1
3.3 Terms related to cloud deployment models . 1
3.4 Terms related to cloud computing roles and activities . 2
3.5 Terms related to key cloud computing characteristics . 3
3.6 Terms related to cloud capabilities types and cloud service categories . 4
3.7 Terms related to interoperability . 5
3.8 Terms related to cloud service agreements . 6
3.9 Terms related to portability . 7
3.10 Terms related to cloud data . 8
3.11 Terms related to security and privacy .10
3.12 Terms related to inter-cloud .11
3.13 Terms related to virtualization .11
3.14 Miscellaneous terms.12
Bibliography .15
© ISO/IEC 2021 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 22123-1:2021(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 38, Cloud computing and distributed platforms.
A list of all parts in the ISO/IEC 22123 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
iv © ISO/IEC 2021 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 22123-1:2021(E)

Introduction
This document is the definitive reference for cloud computing, providing a consolidated cloud computing
vocabulary consisting of terms, terminology and definitions.
© ISO/IEC 2021 – All rights reserved v

---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO/IEC 22123-1:2021(E)
Information technology — Cloud computing —
Part 1:
Vocabulary
1 Scope
This document provides terms and definitions for vocabulary used in the field of cloud computing.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
3.1 General
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.2 Terms related to cloud computing foundation
3.2.1
cloud computing
paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual
resources with self-service provisioning and administration on-demand
Note 1 to entry: Examples of resources include servers, operating systems, networks, software, applications, and
storage equipment.
3.2.2
cloud service
one or more capabilities offered via cloud computing (3.2.1) invoked using a defined interface
3.3 Terms related to cloud deployment models
3.3.1
cloud deployment model
way in which cloud computing (3.2.1) can be organized based on the control and sharing of physical or
virtual resources
Note 1 to entry: The cloud deployment models include community cloud (3.3.2), hybrid cloud (3.3.3), private cloud
(3.3.4) and public cloud (3.3.5).
© ISO/IEC 2021 – All rights reserved 1

---------------------- Page: 6 ----------------------
ISO/IEC 22123-1:2021(E)

3.3.2
community cloud
cloud deployment model (3.3.1) where cloud services (3.2.2) exclusively support and are shared by a
specific collection of cloud service customers (3.4.2) who have shared requirements and a relationship
with one another, and where resources are controlled by at least one member of this collection
3.3.3
hybrid cloud
cloud deployment model (3.3.1) using at least two different cloud deployment models (3.3.1)
3.3.4
private cloud
cloud deployment model (3.3.1) where cloud services (3.2.2) are used exclusively by a single cloud service
customer (3.4.2) and resources are controlled by that cloud service customer (3.4.2)
3.3.5
public cloud
cloud deployment model (3.3.1) where cloud services (3.2.2) are potentially available to any cloud service
customer (3.4.2) and resources are controlled by the cloud service provider (3.4.3)
3.4 Terms related to cloud computing roles and activities
3.4.1
party
natural person or legal person, whether or not incorporated, or a group of either that can assume one or
more roles (3.4.11)
3.4.2
cloud service customer
CSC
party (3.4.1) which is in a business relationship for the purpose of using cloud services (3.2.2)
Note 1 to entry: A business relationship does not necessarily imply financial agreements.
3.4.3
cloud service provider
CSP
party (3.4.1) which makes cloud services (3.2.2) available
3.4.4
cloud service user
CSU
natural person, or entity acting on their behalf, associated with a cloud service customer (3.4.2) that
uses cloud services (3.2.2)
Note 1 to entry: Examples of such entities include devices (3.14.4) and applications.
3.4.5
cloud service partner
CSN
party (3.4.1) which is engaged in support of, or auxiliary to, activities (3.4.8) of either the cloud service
provider (3.4.3) or the cloud service customer (3.4.2), or both
3.4.6
cloud auditor
cloud service partner (3.4.5) with the responsibility to conduct an audit (3.14.10) of the provision and
use of cloud services (3.2.2)
2 © ISO/IEC 2021 – All rights reserved

---------------------- Page: 7 ----------------------
ISO/IEC 22123-1:2021(E)

3.4.7
cloud service broker
cloud service partner (3.4.5) that negotiates relationships between cloud service customers (3.4.2) and
cloud service providers (3.4.3)
3.4.8
activity
specified pursuit or set of tasks
3.4.9
peer cloud service provider
secondary cloud service provider
cloud service provider (3.4.3) who provides one or more cloud services (3.2.2) for use by one or more
other cloud service providers (3.4.3) as part of their cloud services (3.2.2)
3.4.10
functional component
functional building block needed to engage in an activity (3.4.8), backed by an implementation
3.4.11
role
set of activities (3.4.8) that serves a common purpose
3.4.12
sub-role
subset of the activities (3.4.8) of a given role (3.4.11)
3.4.13
device platform cloud service
cloud service (3.2.2) offered by the device platform provider (3.14.13) to support the device platform
(3.14.5)
Note 1 to entry: An application marketplace (3.14.6) can be an example of device platform (3.14.5) cloud service
(3.2.2).
3.4.14
cloud service developer
cloud service partner (3.4.5) with the responsibility for designing, developing, testing and maintaining
the implementation of a cloud service (3.2.2)
3.5 Terms related to key cloud computing characteristics
3.5.1
measured service
metered delivery of cloud services (3.2.2) such that usage can be monitored, controlled, reported and billed
3.5.2
tenant
one or more cloud service users (3.4.4) sharing access to a set of physical and virtual resources
3.5.3
multi-tenancy
allocation of physical or virtual resources such that multiple tenants (3.5.2) and their computations and
data are isolated from and inaccessible to one another
3.5.4
on-demand self-service
feature where a cloud service customer (3.4.2) can provision computing capabilities, as needed,
automatically or with minimal interaction with the cloud service provider (3.4.3)
© ISO/IEC 2021 – All rights reserved 3

---------------------- Page: 8 ----------------------
ISO/IEC 22123-1:2021(E)

3.5.5
resource pooling
aggregation of a cloud service provider’s (3.4.3) physical or virtual resources to serve one or more cloud
service customers (3.4.2)
3.6 Terms related to cloud capabilities types and cloud service categories
3.6.1
cloud capabilities type
classification of the functionality provided by a cloud service (3.2.2) to the cloud service customer (3.4.2),
based on resources used
Note 1 to entry: The cloud capabilities types are application capabilities type (3.6.2), infrastructure capabilities
type (3.6.3) and platform capabilities type (3.6.4).
3.6.2
application capabilities type
cloud capabilities type (3.6.1) in which the cloud service customer (3.4.2) can use the cloud service
provider’s (3.4.3) applications
3.6.3
infrastructure capabilities type
cloud capabilities type (3.6.1) in which the cloud service customer (3.4.2) can provision and use
processing, storage or networking resources
3.6.4
platform capabilities type
cloud capabilities type (3.6.1) in which the cloud service customer (3.4.2) can deploy, manage and run
customer-created or customer-acquired applications using one or more programming languages and
one or more execution environments supported by the cloud service provider (3.4.3)
3.6.5
cloud service category
group of cloud services (3.2.2) that possess some common set of qualities
Note 1 to entry: A cloud service category can include capabilities from one or more cloud capabilities types (3.6.1).
3.6.6
communications as a service
CaaS
cloud service category (3.6.5) in which the capability provided to the cloud service customer (3.4.2) is
real time interaction and collaboration
Note 1 to entry: CaaS can provide both application capabilities type (3.6.2) and platform capabilities type (3.6.4).
3.6.7
compute as a service
CompaaS
cloud service category (3.6.5) in which the capabilities provided to the cloud service customer (3.4.2) are
the provision and use of processing resources needed to deploy and run software
Note 1 to entry: To run some software, capabilities other than processing resources may be needed.
3.6.8
data storage as a service
DSaaS
cloud service category (3.6.5) in which the capability provided to the cloud service customer (3.4.2) is the
provision and use of data storage and related capabilities
Note 1 to entry: DSaaS can provide any of the three cloud capabilities types (3.6.1).
4 © ISO/IEC 2021 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/IEC 22123-1:2021(E)

3.6.9
infrastructure as a service
IaaS
cloud service category (3.6.5) in which the cloud capabilities type (3.6.1) provided to the cloud service
customer (3.4.2) is an infrastructure capabilities type (3.6.3)
Note 1 to entry: The cloud service customer (3.4.2) does not manage or control the underlying physical and
virtual resources, but does have control over operating systems, storage, and deployed applications that use the
physical and virtual resources. The cloud service customer (3.4.2) may also have limited ability to control certain
networking components (e.g., host firewalls).
3.6.10
network as a service
NaaS
cloud service category (3.6.5) in which the capability provided to the cloud service customer (3.4.2) is
transport connectivity and related network capabilities
Note 1 to entry: NaaS can provide any of the three cloud capabilities types (3.6.1).
3.6.11
platform as a service
PaaS
cloud service category (3.6.5) in which the cloud capabilities type (3.6.1) provided to the cloud service
customer (3.4.2) is a platform capabilities type (3.6.4)
3.6.12
software as a service
SaaS
cloud service category (3.6.5) in which the cloud capabilities type (3.6.1) provided to the cloud service
customer (3.4.2) is an application capabilities type (3.6.2)
3.7 Terms related to interoperability
3.7.1
interoperability
ability of two or more systems or applications to exchange information and to mutually use the
information that has been exchanged
3.7.2
cloud interoperability
ability of a CSC’s (3.4.2) system to interact with a cloud service (3.2.2), or the ability for one cloud service
(3.2.2) to interact with other cloud services (3.2.2), by exchanging information according to a prescribed
method to obtain predictable results
Note 1 to entry: cloud service (3.2.2) to cloud service (3.2.2) interactions occur through a CSP (3.4.3): inter-cloud
provider relationship
3.7.3
transport interoperability
interoperability (3.7.1) where information exchange uses an established communication infrastructure
between the participating systems
3.7.4
syntactic interoperability
interoperability (3.7.1) such that the formats of the exchanged information can be understood by the
participating systems
3.7.5
semantic data interoperability
interoperability (3.7.1) so that the meaning of the data model within the context of a subject area is
understood by the participating systems
© ISO/IEC 2021 – All rights reserved 5

---------------------- Page: 10 ----------------------
ISO/IEC 22123-1:2021(E)

3.7.6
behavioural interoperability
interoperability (3.7.1) so that the actual result of the exchange achieves the expected outcome
3.7.7
policy interoperability
interoperability (3.7.1) while complying with the legal, organizational, and policy frameworks applicable
to the participating systems
3.8 Terms related to cloud service agreements
3.8.1
service level agreement
SLA
documented agreement between the service provider and customer that identifies services and
service targets
Note 1 to entry: A service level agreement can also be established between the service provider and a supplier, an
internal group or a customer acting as a supplier.
Note 2 to entry: A service level agreement can be included in a contract or another type of documented agreement.
3.8.2
cloud service product
cloud service (3.2.2), allied to the set of business terms under which the cloud service (3.2.2) is offered
Note 1 to entry: Business terms can include pricing, rating, and service levels.
3.8.3
product catalogue
listing of all the cloud service products (3.8.2) which cloud service providers (3.4.3) make available to
cloud service customers (3.4.2)
3.8.4
service catalogue
listing of all the cloud services (3.2.2) of a particular cloud service provider (3.4.3)
3.8.5
cloud service qualitative objective
SQO
commitment a cloud service provider (3.4.3) makes for a specific, qualitative characteristic of a cloud
service (3.2.2), where the value follows the nominal scale or ordinal scale
Note 1 to entry: A cloud service qualitative objective may be expressed as an enumerated list.
Note 2 to entry: Qualitative characteristics typical
...