nature-laptop-outside-macbook

Cloud computing standardization

In the course of the last years, due to the increasing complexity of IT networking, a variety of processes have changed. For example, a few years ago, software and hardware were increasingly being acquired and used for stand-alone operation, while more and more companies are currently sourcing their resources via the cloud services market. This increases the flexibility and cost efficiency of the use of information and communication technology. By relieving small and medium-sized enterprises (SMEs) through the use of cloud services, it will be easier for them to focus on the core business, which could increase the competitiveness of SMEs. But not only companies rely on it. Private users as well as authorities use cloud-based IT services. Standardization in terms of quality improvement and assurance could play a significant role, especially in such forward-looking topics.

The international standardization committee ISO / IEC JTC 1 / SC 38 "Cloud Computing and Distributed Platforms" performs the corresponding standardization work. Recognizing the potential of this new technology paradigm, consumers of IT technologies and services are demanding standards to assist in their transition to Cloud Computing. The work of SC 38 covers the different aspects of standardization in the areas of Cloud Computing and Distributed Platforms including:

• Foundational concepts and technologies,
• Operational issues, and
• Interactions among Cloud Computing systems and with other distributed systems

Since holding its first meeting in May 2010, SC 38 has developed a variety of important Cloud computing standards. Two of these are for instance the foundational standards ISO/IEC 17788:2014 (Ed. 1) “Information technology -- Cloud computing -- Overview and vocabulary” and ISO/IEC 17789:2014 (Ed. 1) “Information technology -- Cloud computing -- Reference architecture”. Foundational standards that deal with vocabulary and reference architecture are essential for developing standards that go further considering the specific technology. For instance the ISO/IEC 19941 specifies cloud computing interoperability and portability types, the relationship and interactions between these two cross-cutting aspects of cloud computing and common terminology and concepts used to discuss interoperability and portability, particularly relating to cloud services. Furthermore, the ISO/IEC 19086 series deals with the standardization of Service level agreements (SLAs).

These kinds of standards help cloud providers in their daily routine, since cloud providers have to guarantee that their cloud service is in accordance with data protection. By introducing the EU General Data Protection Regulation (GDPR) in May 2018, this matter became especially for European countries more relevant than ever. Certain cloud customers may only rely on the offer of cloud providers, who can demonstrate that compliance with data protection is guaranteed. International Standards reflect the state of the art and therefore are reviewed every five years. During the review, it is decided whether the standard should be confirmed for another five years, revised or withdrawn. Due to this, International Standards are always up to date. Since standards reflect the state of the art, using Cloud Computing standards can increase the quality and trustworthiness of cloud providers. Having Cloud Computing standards is therefore beneficial both for the cloud providers and cloud customers. Since introducing the GDPR this year and the significant Cloud Computing standards being ISO/IEC standards, the thought of CEN/CENELEC starting to develop European Standards (EN) in the field of Cloud Computing could be debated. While International Standards have the higher priority in comparison to European Standards, it could be worth a thought, whether European Cloud Computing standards are needful at this time, since the EU GDPR has been introduced this year. It is probably not unthinkable that there could be talks between ISO and CEN/CENELEC regarding this matter in the future.

The article was written by Samarkhel-Khan Yahya from DIN

You can download the article here

enisa sume

Unicorn at the 5th Network and Information Security (NIS’18) Summer School in Crete

Unicorn was present at the 5th Network and Information Security (NIS’18) on Network and information security in Heraklion Crete. The event was jointly organised by the European Union Agency for Network and Information Security (ENISA) and the Foundation for Research and Technology – Hellas (FORTH). The event was focused on the main challenges of Information Security.
Unicorn was present with our consortium member FORTH and presented our solutions and actions,

You can find more information about event here

RAID

Unicorn in RAID 2018

Unicorn was out yet for another adventure, as we participated in the 21st International Symposium on Research in Attacks, Intrusions, and Defences (RAID 2018) that was held in Heraklion Crete on 10-12 September.
Its aim is to gather researchers and practitioners from academia government, and industry from all over Europe with the goal to discuss research contributions related to computer and information security.
Our consortium partner FORTH participated in the event and presented UNICORN and its actions.

Find more information about the event here

Recent Comments

    Twitter Feeds

    UNICORN project has received funding from the European Union’s Horizon 2020 Research and innovation programme under grant agreement No 731846.

    Contact Info

    1600 Amphitheatre Parkway, Mountain View, CA 94043

    +1 650-253-0000
    prothemes.net@gmail.com

    Daily: 9:00 am - 6:00 pm
    Sunday: Closed

    Copyright 2016 © All Rights Reserved