InfoCloud

Welcome to InfoCloud
|
Change Text Size: A A A
繁體
简体
|

Welcome to InfoCloud
|
Change Text Size: A A A
繁體
简体
|

Change Text Size: A A A
繁體
简体

Latest News

15 Dec 2017
Speech by Ms. Joyce Mok, Acting Deputy Government Chief Information Officer, at the "第六屆粵港雲計算大會暨第一屆粵港澳大灣區ICT大會" (Chinese only)
28 Sep 2017
Opening Keynote Address by Ir Allen Yeung, JP, Government Chief Information Officer, at the “CAHK Business Luncheon Series 2017 - FinTech Forum - Topic: Secured Cloud Unified Communications Enabled Financial Services On The Go
24 May 2017
Speech by Ir. Allen Yeung, JP, Government Chief Information Officer, at “Cloud Expo Asia 2017”
24 May 2017
Speech by Ir. Allen Yeung, JP, Government Chief Information Officer, at “Cloud Expo Asia 2017– Information Security Summit
16 Dec 2016
Speech by Ir. Allen Yeung, JP, Government Chief Information Officer, at the “5th Guangdong-Hong Kong Cloud Computing Conference” (Chinese only)
16 Dec 2016
Keynote Speech by Mr. Boer Chan, Chief Systems Manager at the "5th Guangdong-Hong Kong Cloud Computing Conference" (Chinese only)
18 May 2016
Speech by Mr Victor Lam, JP, Acting Government Chief Information Officer at "Cloud Expo Asia"
18 Dec 2015
Opening Speech by Mr. Gary Lai, Assistant Government Chief Information Officer (Industry Facilitation) at “The CCSIG Executive Cloud Forum 2015”
03 Dec 2015
An Overview of ISO/IEC 27000 family of Information Security Management System Standards (PDF) (Updated)
17 Oct 2015
Speech by Ir. Allen Yeung, Government Chief Information Officer, at the "Hong Kong/Mainland Internet Industry Exchange Dinner" (Chinese only)
21 Aug 2015
Speech by Mr. Gary Lai, Assistant Government Chief Information Officer (Industry Facilitation) at the Seminar of "Cloud Computing for SMEs" (Chinese only)
23 Jul 2015
Speech by Ir. Allen Yeung, Government Chief Information Officer, at the "DatacenterDynamics Conference Hong Kong 2015"
10 Jul 2015
Speech by Ir. Allen Yeung, Government Chief Information Officer, at the "Cloud Tech Forum"
30 Nov -0001

Related Sites

Home > Cloud Service Providers > Industry Insights

Web Portal

IEEE Cloud Computing Web Portal

Reference Information

Presentation materials of Workshop on ISO/IEC 27001 Information Security Management System Certification

HK-GD Cloud Industry Conference 2014 (Keynote Speech Presentations)

"雲端連接未來" - Presentation (Traditional Chinese) Video
"Building a Secure and Reliable Cloud Service - The Microsoft Story" - Presentation Video
"构建安全的云计算数据中心" - Presentation (Simplified Chinese) Video
"How to Build a Secure, Reliable and Manageable Cloud Service" - Presentation Video
"Solutions to the Security Issues of Cloud Services" - Presentation (Simplified Chinese) Video

HK-GD Cloud Industry Collaboration Forum 2013 (Keynote Speech Presentations)

"Government Support for Leading the Cloud Computing Development Trend" - Presentation (Simplified Chinese) Video
"Cloud Computing Industry – Trends for Cooperation between Mainland and Hong Kong" - Presentation (Simplified Chinese) Video
"Views on Cloud Computing Development of Guangdong Province" - Presentation (Simplified Chinese) Video
Best Practices for Cloud Service Provision - Video

Cloud Related Organisations

Organisation	Scope	Cloud Deliverables
Institute of Electrical and Electronic Engineers Standards Association (IEEE-SA)	IEEE has launched its new Cloud Computing Initiative to stimulate the innovation and dissemination of Cloud Computing technologies and applications, with the introduction of two new standards development projects, Draft IEEE P2301, Guide for Cloud Portability and Interoperability Profiles, and Draft IEEE P2302, Standard for Inter-cloud Interoperability and Federation.	IEEE P2301 Guide for Cloud Portability and Interoperability Profiles (CPIP) IEEE P2302 Standard for Intercloud Interoperability and Federation (SIIF)
Internet Engineering Task Force (IETF)	The technical work of the IETF is done in its working groups, which are organised into several areas (e.g., routing, transport, security, etc.), and managed by Area Directors (ADs). Respective standards for cloud are currently handled under the existing areas of the working groups (e.g. security, applications, operations and management, etc.).	A framework for controlling Multitenant Isolation, Connectivity and Reachability in a Hybrid Cloud Environment Accessing Cloud Services Cloud Data Management Interface (CDMI) Media Types Cloud Networking: Framework and VPN Applicability Cloud Reference Framework Cloud Service Broker Simple Cloud Identity Management: Core Schema 1.0 Simple Cloud Identity Management: Protocol 1.0 Syslog Extension for Cloud Using Syslog Structured Data
ISO/IEC JTC 1/SC 27	The development of standards for the protection of information and 637 ICT. This includes generic methods, techniques and guidelines to address both security and privacy aspects, such as management of information and ICT security; security processes, controls and services; cryptographic and other security mechanisms for protecting the accountability, availability, integrity and confidentiality of information; Security aspects of identity management, biometrics and privacy; Conformance assessment, accreditation and auditing requirements in the area of information security.	Report on Study Period “Cloud Computing security and privacy” ISO/IEC 27001 Information technology — Security techniques — Information security management systems — Requirements ISO/IEC 27002 Information technology — Security techniques — Code of practice for information security controls ISO/IEC 27005 Information technology — Security techniques — Information security risk management ISO/IEC 27017 Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services ISO/IEC 27018 Information technology -- Security techniques -- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors ISO/IEC WD 27036-4 Information technology -- Information security for supplier relationships -- Part 4: Guidelines for security of Cloud services ISO/IEC 27040 Information technology -- Security techniques -- Storage security ISO/IEC 29100 Information technology — Security techniques — Privacy framework ISO/IEC 29101 Information technology -- Security techniques -- Privacy architecture framework ISO/IEC 24760 Information technology — Security techniques — A framework for identity management ISO/IEC CD 29146 Information technology — Security techniques — A framework for access management
ISO/IEC JTC 1/SC 38	Standardization for Interoperable Distributed Application Platforms and Services including: Web Services, Service Oriented Architecture (SOA), and Cloud Computing	ISO/IEC 16680:2012 Information technology - The Open Group Service Integration Maturity Model (OSIMM) ISO/IEC 17203:2011 Information technology - Open Virtualisation Format (OVF) specification ISO/IEC 17788 Information technology -- Cloud computing -- Overview and Vocabulary ISO/IEC 17789 Information Technology -- Cloud Computing -- Reference Architecture ISO/IEC 17826: 2012 Cloud Data Management Interface (CDMI) specification ISO/IEC 19086 Information technology -- Cloud computing -- Service Level Agreement (SLA) Framework and Terminology ISO/IEC 29361:2008 Information technology - Web Services Interoperability - WS-I Basic Profile Version 1.1 ISO/IEC 29362:2008 Information technology - Web Services Interoperability - WS-I Attachments Profile Version 1.0 ISO/IEC 29363:2008 Information technology - Web Services Interoperability - WS-I Simple SOAP Binding Profile Version 1.0
ITU-T Focus Group on Cloud Computing	The Focus Group analyses the standardisation needs from the telecommunication viewpoint for Cloud Computing. It is focusing on transport via telecommunications networks, security aspects of telecommunications, service requirements, etc.	Benefits of Cloud Computing from telecommunication/ICT perspective Cloud Computing Framework for End to End Resource Management Cloud Computing Infrastructure Requirements Cloud Computing Reference Architecture Cloud Computing Security Cloud Computing: Ecosystem, Use Cases and General Requirements Cloud Resource Management Gap Analysis Framework of Inter-cloud for Network and Infrastructure Functional Requirements and Reference Architecture Guidelines of Operational Security for Cloud Computing High Level Requirements and Capabilities for Cloud Enabled Service Environment Information technology - Security techniques - Code of Practice for Information Security Controls for Cloud Computing Services Based on ISO/IEC 27002 Infrastructure & Network Enabled Cloud Introduction to the Cloud Ecosystem : Definitions, Taxonomies, Use Cases, High Level Requirements and Capabilities Overview of SDOs involved in Cloud Computing Resource Control and Management for Virtual Networks for Cloud Services (VNCs) Security Framework for Cloud Computing Security Functional Requirements for Software as a Service (Saas) Application Environment
World Wide Web Consortium (W3C)	A Cloud Computing Community Group has recently been established under the W3C to examine and create specifications related to distributed computation and storage, with an XML network transport layer and possible mapping to Resource Description Framework (RDF).	Use Cases and Requirements

Organisation	Scope	Cloud Deliverables
APEC Telecommunications and Information Working Group (TEL)	One of their Key Areas for Action for 2010-2015 is on the development of innovative technologies and services to share information and promote cooperation among economies to facilitate the introduction of advanced and emerging technologies and services such as cloud computing and grid computing.
China Electronics Standardization Institute (CESI)	CESI, founded in 1963, is a governmental standardization institute in the field of electronics and IT industry under the Ministry of Industry and Information Technology (MIIT) China. Currently, CESI has two working groups involved in the field of Cloud Computing standards, including SOA-WG and ITSS-WG. On 19, Nov. 2010, a worldwide conference was held to analyze standard requirements and promote communications between government, industry, SDOs, academia and customers.	Cloud Computing Standardization Study Operation Requirements for Cloud Computing services
European Committee for Standardization (CEN)	CEN is a major provider of European Standards and technical specifications including cloud standards.
National Institute of Standards and Technology (NIST)	Founded in 1901 and now part of the U.S. Department of Commerce, NIST is one of the nation's oldest physical science laboratories. The institute's official mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.	Cloud Computing Use Cases Cloud Guidelines on Security and Privacy Issues in Public Cloud Computing Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation NIST Cloud Computing Reference Architecture NIST Cloud Computing Security Reference Architecture NIST Cloud Computing Standards Roadmap NIST Cloud Computing Synopsis and Recommendations The NIST definition of cloud computing US Government Cloud Computing Technology US Government Cloud Computing Technology Roadmap

Organisation	Scope	Cloud Deliverables
Asia Cloud Computing Association (ACCA)	ACCA is a not-for-profit and vendor-neutral organisation aims to address imminent issues related to cloud computing, including privacy and security concerns, compliance and regulatory mandates, licensing models, service levels, and other market risks.	Cloud Readiness Index; Cloud Assessment Tool
Cloud Industry Forum (CIF)	The Cloud Industry Forum focuses on building trust between suppliers and consumers of Cloud services for doing business in the Cloud. A major part of this scope is a certifiable Code of Practice covering transparency, capability, and accountability of participating service providers. The outcome requires the provision of key organisational, commercial and operational information in a consistent format that will assist end users in determining how they adopt Cloud services and from whom.	Cloud Industry Forum Code of Practice; White papers on trends in end user adoption of Cloud Services across the UK; An introduction and guide to buying Cloud Services
Cloud Security Alliance (CSA)	To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.	Cloud Controls Matrix (CCM) Open Certification Framework Security as a Service (SecaaS) Implementation Guidance Security Guidance for Critical Areas of Focus in Cloud Computing Top Threats to Cloud Computing Trusted Cloud Initiative (TCI) Reference Architecture Model
Distributed Management Task Force (DMTF)	Using the recommendations developed by DMTF's Open Cloud Standards Incubator, the Cloud management workgroup (CMWG) is focused on standardizing interactions between Cloud environments by developing specifications that deliver architectural semantics and implementation details to achieve interoperable Cloud management between service providers and their consumers and developers.	Open Virtualisation Format (OVF) Cloud Infrastructure Management Interface (CIMI) Cloud Infrastructure Management Interface – CIM (CIMI-CIM) Cloud Infrastructure Management Interface (CIMI) Primer CIMI Model and REST Interface over HTTP Specification Interoperable Clouds Architecture for Managing Clouds Use Cases and Interactions for Managing Clouds
Object Management Group (OMG)	OMG's focus is always on modeling, and the first specific cloud-related specification efforts have only just begun, focusing on modeling deployment of applications & services on clouds for portability, interoperability & reuse. The following table doesn’t take into account the ETSI work on Grid computing.OMG has formed the Cloud Standards Customer Council, an end user advocacy group dedicated to accelerating cloud's successful adoption, and drilling down into the standards, security and interoperability issues surrounding the transition to the cloud.The Council will provide cloud users with the opportunity to drive client requirements into standards development organisations and deliver materials such as best practices and use cases to assist other enterprises.	The Practical Guide to Cloud Computing Cloud Computing Use Cases
Open Grid Forum (OGF)	The Open Cloud Computing Interface comprises a set of open community-led specifications delivered through the Open Grid Forum. OCCI is a Protocol and API for all kinds of Management tasks. OCCI was originally initiated to create a remote management API for IaaS model based Services, allowing for the development of interoperable tools for common tasks including deployment, autonomic scaling and monitoring. It has since evolved into a flexible API with a strong focus on integration, portability, interoperability and innovation while still offering a high degree of extensibility.	GFD.183: Open Cloud Computing Interface - Core GFD.184: OCCI - Infrastructure GFD.185: OCCI – RESTful HTTP Rendering
Open Group	The Open Group Cloud Work Group exists to create a common understanding among buyers and suppliers of how enterprises of all sizes and scales of operation can include Cloud Computing technology in a safe and secure way in their architectures to realize its significant cost, scalability and agility benefits. It includes some of the industry’s leading Cloud service providers and end-user organisations, collaborating on standard models and frameworks aimed at eliminating vendor lock-in for enterprises looking to benefit from Cloud products and services.	Building Return On Investment from Cloud Computing Strengthening Your Business Case for Using Cloud Cloud Buyers Decision Tree Cloud Computing Explained white paper An Architectural View of Security for Cloud Cloud Computing Reference Architecture (CCRA) Service Oriented Cloud Computing Infrastructure (SOCCI) Framework Security For Cloud and SOA Reference Architecture Open Group Cloud Security position paper
Organization for the Advancement of Structured Information Standards (OASIS)	OASIS is a not-for-profit consortium that drives the development, convergence and adoption of open standards for the global information society. It produces standards for security, e-business, web services, and application-specific markets as well as facilitates standardization efforts in the public sector. OASIS Technical Committees do work on a wide variety of technologies which will be critical for and widely used in the Cloud Space, e.g. web services, WS-I profiles, security and identity, provisioning, modeling, etc. Much of that work had as its orientation SOA based and enabling technologies, much of which will be directly applicable to the Cloud. In the absence of specific guidance from the SGCC, the criteria used here to determine which Technical Committee's work should be listed in the table is whether the TC's charter work targets Cloud-specific requirements. At this time the OASIS Identity in the Cloud TC is the only one which meets those criteria.	Cloud Application Management for Platforms (CAMP) Identity in the Cloud Use Cases Symptoms Automation Framework (SAF) Topology and Orchestration Specification for Cloud Applications (TOSCA)
Storage Networking Industry Association (SNIA)	SNIA's Cloud Technical Working Group (Cloud TWG) focuses standardizing interactions between Cloud-based storage services and clients by developing specifications that deliver architectural semantics and implementation details to application developers. RESTful HTTP-based protocols are used to enable Cloud service providers to offer interoperable Cloud storage management and access to their consumers and developers. The following table doesn’t take into account the ETSI work on Grid computing.	Cloud Data Management Interface (CDMI) Cloud Storage for Cloud Computing
Trusted Computing Group (TCG)	The Trusted Computing Group (TCG) is an international industry standards group. The TCG develops specifications amongst it members. Upon completion, the TCG publishes the specifications for use and implementation by the industry.	Trusted Multi-Tenant Infrastructure (TMI) Use Cases Trusted Multi-tenant Infrastructure (TMI) Reference Framework