云资讯业界资料

Desktop Version 繁體简体

Web Portals

Hong Kong Computer Society - Cloud Computing SIG (CCSIG)
IEEE Cloud Computing Web Portal
"GD InfoCloud" Portal (Simplified Chinese)

Reference Information

Presentation materials of Workshop on ISO/IEC 27001 Information Security Management System Certification
Cloud Security Guide for SMEs - European Network and Information Security Agency
Best Practice Guidelines on Regulatory Approaches to Foster Access to Digital Opportunities through Cloud Services – International Telecommunication Union
Cloud Portability and Interoperability Architecture Model and Best Practices Based on Open Group Guide
Cloud Standardization White Paper - China Electronics Standardization Institute (Simplified Chinese)
Guide to Cloud Computing Portability and Interoperability - Open Group

HK-GD Cloud Industry Conference 2014 (Keynote Speech Presentations)

"雲端連接未來" - Presentation (Traditional Chinese) Video
"Building a Secure and Reliable Cloud Service - The Microsoft Story" - Presentation Video
"构建安全的云计算数据中心" - Presentation (Simplified Chinese) Video
"How to Build a Secure, Reliable and Manageable Cloud Service" - Presentation Video
"Solutions to the Security Issues of Cloud Services" - Presentation (Simplified Chinese) Video

HK-GD Cloud Industry Collaboration Forum 2013 (Keynote Speech Presentations)

"Government Support for Leading the Cloud Computing Development Trend" - Presentation (Simplified Chinese) Video
"Cloud Computing Industry – Trends for Cooperation between Mainland and Hong Kong" - Presentation (Simplified Chinese) Video
"Views on Cloud Computing Development of Guangdong Province" - Presentation (Simplified Chinese) Video
Best Practices for Cloud Service Provision - Video

Discussion Forums

Cloud Related Organisations

Organisation	Scope	Cloud Deliverables
Institute of Electrical and Electronic Engineers Standards Association (IEEE-SA)	IEEE has launched its new Cloud Computing Initiative to stimulate the innovation and dissemination of Cloud Computing technologies and applications, with the introduction of two new standards development projects, Draft IEEE P2301, Guide for Cloud Portability and Interoperability Profiles, and Draft IEEE P2302, Standard for Inter-cloud Interoperability and Federation.	IEEE P2301 Guide for Cloud Portability and Interoperability Profiles (CPIP) IEEE P2302 Standard for Intercloud Interoperability and Federation (SIIF)
Internet Engineering Task Force (IETF)	The technical work of the IETF is done in its working groups, which are organised into several areas (e.g., routing, transport, security, etc.), and managed by Area Directors (ADs). Respective standards for cloud are currently handled under the existing areas of the working groups (e.g. security, applications, operations and management, etc.).	A framework for controlling Multitenant Isolation, Connectivity and Reachability in a Hybrid Cloud Environment Accessing Cloud Services Cloud Data Management Interface (CDMI) Media Types Cloud Networking: Framework and VPN Applicability Cloud Reference Framework Cloud Service Broker Simple Cloud Identity Management: Core Schema 1.0 Simple Cloud Identity Management: Protocol 1.0 Syslog Extension for Cloud Using Syslog Structured Data
ISO/IEC JTC 1/SC 7	JTC 1/SC7 has the following mandate, or terms of reference: standardisation of processes, supporting tools and supporting technologies for the engineering of software products and systems. There are two broad groupings of work within SC7: software engineering, and IT business processes. Working group 21 software asset management (with the 19770 series of standards) and WG25 (Service Management) which focus on topics of particular relevance to Cloud Computing. Another relevant working group is WG19 (Open Distributed Processing and Modeling Languages).	ISO/IEC 20000-1 ISO/IEC 20000-7 ISO/IEC 19770- 1:2006 Software asset management processes ISO/IEC 19770-2:2009 Software identification tag ISO/IEC 19770-3 Software entitlement tag ISO/IEC 19770-7 ISO/IEC 19793 Open Distributed Processing — Use of UML for ODP system specifications
ISO/IEC JTC 1/SC 27	The development of standards for the protection of information and 637 ICT. This includes generic methods, techniques and guidelines to address both security and privacy aspects, such as management of information and ICT security; security processes, controls and services; cryptographic and other security mechanisms for protecting the accountability, availability, integrity and confidentiality of information; Security aspects of identity management, biometrics and privacy; Conformance assessment, accreditation and auditing requirements in the area of information security.	Report on Study Period “Cloud Computing security and privacy” ISO/IEC 27001 Information technology — Security techniques — Information security management systems — Requirements ISO/IEC 27002 Information technology — Security techniques — Code of practice for information security controls ISO/IEC 27005 Information technology — Security techniques — Information security risk management ISO/IEC 27017 Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services ISO/IEC 27018 Information technology -- Security techniques -- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors ISO/IEC WD 27036-4 Information technology -- Information security for supplier relationships -- Part 4: Guidelines for security of Cloud services ISO/IEC 27040 Information technology -- Security techniques -- Storage security ISO/IEC 29100 Information technology — Security techniques — Privacy framework ISO/IEC 29101 Information technology -- Security techniques -- Privacy architecture framework ISO/IEC 24760 Information technology — Security techniques — A framework for identity management ISO/IEC CD 29146 Information technology — Security techniques — A framework for access management
ISO/IEC JTC 1/SC 38	Standardization for Interoperable Distributed Application Platforms and Services including: Web Services, Service Oriented Architecture (SOA), and Cloud Computing	ISO/IEC 16680:2012 Information technology - The Open Group Service Integration Maturity Model (OSIMM) ISO/IEC 17203:2011 Information technology - Open Virtualisation Format (OVF) specification ISO/IEC 17788 Information technology -- Cloud computing -- Overview and Vocabulary ISO/IEC 17789 Information Technology -- Cloud Computing -- Reference Architecture ISO/IEC 17826: 2012 Cloud Data Management Interface (CDMI) specification ISO/IEC 19086 Information technology -- Cloud computing -- Service Level Agreement (SLA) Framework and Terminology ISO/IEC 29361:2008 Information technology - Web Services Interoperability - WS-I Basic Profile Version 1.1 ISO/IEC 29362:2008 Information technology - Web Services Interoperability - WS-I Attachments Profile Version 1.0 ISO/IEC 29363:2008 Information technology - Web Services Interoperability - WS-I Simple SOAP Binding Profile Version 1.0
ITU-T Focus Group on Cloud Computing	The Focus Group analyses the standardisation needs from the telecommunication viewpoint for Cloud Computing. It is focusing on transport via telecommunications networks, security aspects of telecommunications, service requirements, etc.	Benefits of Cloud Computing from telecommunication/ICT perspective Cloud Computing Framework for End to End Resource Management Cloud Computing Infrastructure Requirements Cloud Computing Reference Architecture Cloud Computing Security Cloud Computing: Ecosystem, Use Cases and General Requirements Cloud Resource Management Gap Analysis Framework of Inter-cloud for Network and Infrastructure Functional Requirements and Reference Architecture Guidelines of Operational Security for Cloud Computing High Level Requirements and Capabilities for Cloud Enabled Service Environment Information technology - Security techniques - Code of Practice for Information Security Controls for Cloud Computing Services Based on ISO/IEC 27002 Infrastructure & Network Enabled Cloud Introduction to the Cloud Ecosystem : Definitions, Taxonomies, Use Cases, High Level Requirements and Capabilities Overview of SDOs involved in Cloud Computing Resource Control and Management for Virtual Networks for Cloud Services (VNCs) Security Framework for Cloud Computing Security Functional Requirements for Software as a Service (Saas) Application Environment
World Wide Web Consortium (W3C)	A Cloud Computing Community Group has recently been established under the W3C to examine and create specifications related to distributed computation and storage, with an XML network transport layer and possible mapping to Resource Description Framework (RDF).	Use Cases and Requirements

Organisation	Scope	Cloud Deliverables
APEC Telecommunications and Information Working Group (TEL)	One of their Key Areas for Action for 2010-2015 is on the development of innovative technologies and services to share information and promote cooperation among economies to facilitate the introduction of advanced and emerging technologies and services such as cloud computing and grid computing.
China Electronics Standardization Institute (CESI)	CESI, founded in 1963, is a governmental standardization institute in the field of electronics and IT industry under the Ministry of Industry and Information Technology (MIIT) China. Currently, CESI has two working groups involved in the field of Cloud Computing standards, including SOA-WG and ITSS-WG. On 19, Nov. 2010, a worldwide conference was held to analyze standard requirements and promote communications between government, industry, SDOs, academia and customers.	Cloud Computing Standardization Study Operation Requirements for Cloud Computing services
ETSI Technical Committee (TC) CLOUD	The goal of TC CLOUD is to address issues associated with the convergence between IT (Information Technology) and Telecommunications. The focus is on scenarios where connectivity goes beyond the local network.	ETSI TR 102 997 V1.1.1: Initial analysis of standardization requirements for Cloud services; DTR/CLOUD- 0010: Use Cases for Cloud Service Scenarios; ETSI TR 103 126 V1.1.1: Cloud private-sector user recommendations; ETSI TR 103 125 V1.1.1: SLAs for Cloud services
European Committee for Standardization (CEN)	CEN is a major provider of European Standards and technical specifications including cloud standards.
European Network and Information Security Agency (ENISA)	The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA focuses on network and information security, giving advice and recommendations and acting as a switchboard for information on good practices, primarily in Europe. The agency facilitates contacts between European institutions, the Member States of the European Union, and private business and industry actors.	Cloud Computing, Benefits, risks and recommendations for information security Security & Resilience in Governmental Clouds Cloud Computing Information Assurance Framework
Japan Cloud Consortium (JCC)	The “Japan Cloud Consortium” was established to promote dissemination and development incl. standardization activity of Cloud Computing in Japan in an industry-academia-government collaboration consisting of various industries, organisations, and businesses in uniting to display their combined force. The purpose of this Consortium is to carry out the activities of making suggestions on the cross sectional sharing of information and on identifying and resolving any new issues with various measures against cloud services by the relevant enterprises and organisations. The Ministry of Internal Affairs and Communications (MIC) and the Minister of Economy, Trade and Industry (METI) are also participating in the Consortium as observers.
KCSA (Korea Cloud Service Association)	KCSA is a non-profit organisation to realization of Green IT and reinforcing national competition power by sharing information, development of application services based on Cloud and promoting Cloud services based on next-generation internet in Korea. The KCSA has 4 activities as followings: Create of the needs and promotion of the services on Cloud Computing in Korea; Make the environment for the service activation; Promote and enhance the awareness of the services ; Support members and reinforce the network.
National Institute of Standards and Technology (NIST)	Founded in 1901 and now part of the U.S. Department of Commerce, NIST is one of the nation's oldest physical science laboratories. The institute's official mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.	Cloud Computing Use Cases Cloud Guidelines on Security and Privacy Issues in Public Cloud Computing Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation NIST Cloud Computing Reference Architecture NIST Cloud Computing Security Reference Architecture NIST Cloud Computing Standards Roadmap NIST Cloud Computing Synopsis and Recommendations The NIST definition of cloud computing US Government Cloud Computing Technology US Government Cloud Computing Technology Roadmap

Organisation	Scope	Cloud Deliverables
Asia Cloud Computing Association (ACCA)	ACCA is a not-for-profit and vendor-neutral organisation aims to address imminent issues related to cloud computing, including privacy and security concerns, compliance and regulatory mandates, licensing models, service levels, and other market risks.	Cloud Readiness Index; Cloud Assessment Tool
Asia Pacific Cloud Alliance (APCA)	The APCA (founded in 2012) aims to facilitate partnerships among telecommunications carriers and ICT services providers in Asia Pacific. It will develop cloud interoperability standards around security and privacy, quality of service and service level agreement, as well as mitigate service provider lock-in.
Cloud Industry Forum (CIF)	The Cloud Industry Forum focuses on building trust between suppliers and consumers of Cloud services for doing business in the Cloud. A major part of this scope is a certifiable Code of Practice covering transparency, capability, and accountability of participating service providers. The outcome requires the provision of key organisational, commercial and operational information in a consistent format that will assist end users in determining how they adopt Cloud services and from whom.	Cloud Industry Forum Code of Practice; White papers on trends in end user adoption of Cloud Services across the UK; An introduction and guide to buying Cloud Services
Cloud Security Alliance (CSA)	To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.	Cloud Controls Matrix (CCM) Open Certification Framework Security as a Service (SecaaS) Implementation Guidance Security Guidance for Critical Areas of Focus in Cloud Computing Top Threats to Cloud Computing Trusted Cloud Initiative (TCI) Reference Architecture Model
Cloud Services Forum (CSF)	Alliance for Telecommunications Industry Solutions ATIS's Cloud Services Forum (CSF) focuses on the operators' provision of cloud, and the development of a framework to build large-scale, high quality network and application services. CSF develops cloud-based standard interfaces, to core network functions, further enhancing the value of provider networks.	CDN-I Use Case Specifications report Content Distribution Network Interconnection (CDN-I) Release 2 Cloud Framework for Telepresence Service
Distributed Management Task Force (DMTF)	Using the recommendations developed by DMTF's Open Cloud Standards Incubator, the Cloud management workgroup (CMWG) is focused on standardizing interactions between Cloud environments by developing specifications that deliver architectural semantics and implementation details to achieve interoperable Cloud management between service providers and their consumers and developers.	Open Virtualisation Format (OVF) Cloud Infrastructure Management Interface (CIMI) Cloud Infrastructure Management Interface – CIM (CIMI-CIM) Cloud Infrastructure Management Interface (CIMI) Primer CIMI Model and REST Interface over HTTP Specification Interoperable Clouds Architecture for Managing Clouds Use Cases and Interactions for Managing Clouds
Object Management Group (OMG)	OMG's focus is always on modeling, and the first specific cloud-related specification efforts have only just begun, focusing on modeling deployment of applications & services on clouds for portability, interoperability & reuse. The following table doesn’t take into account the ETSI work on Grid computing.OMG has formed the Cloud Standards Customer Council, an end user advocacy group dedicated to accelerating cloud's successful adoption, and drilling down into the standards, security and interoperability issues surrounding the transition to the cloud.The Council will provide cloud users with the opportunity to drive client requirements into standards development organisations and deliver materials such as best practices and use cases to assist other enterprises.	The Practical Guide to Cloud Computing Cloud Computing Use Cases
Open Cloud Consortium (OCC)	OCC is managed by the Center for Computational Science Research, Inc., which is an Illinois based not-for-profit corporation. It manages and operates cloud computing infrastructure to support scientific, environmental, medical and health care research.	The Open Science Data Cloud (OSDC) The OCC-Y Cluster Project Matsu The OCC Virtual Network Testbed The OCC Open Cloud Testbed
Open Cloud Initiative (OCI)	The Open Cloud Initiative (OCI) is a California public benefit corporation (non-profit) run by a group of likeminded individuals to advocate open cloud computing. Initiated in March 2009 in response to confusion over the meaning of the term "Open Cloud", the organisation was formalised as a legal entity and officially launched at OSCON in July 2011.	Open Cloud Principles (OCP)
Open Data Center Alliance (ODCA)	The Open Data Center Alliance is a consortium of over 250 members working to ‘provide unified, prioritised customer requirements for open, interoperable cloud solutions’. It was formed in Q3 2010 and published its first tranche of 8 Open Data Center Usage Models in June 2011, describing key customer requirements in areas of Secure Federation, Automation, Common Management and Policy, and Transparency.	Usage Models: Security Monitoring; Security Provider Assurance; IO Control; VM Interoperability; Regulatory Framework; Carbon Footprint; Service Catalog; Standard Units of Measurement for IaaS; Cloud Based Identity Governance and Auditing; Infrastructure as a Service (IaaS) Privileged UserAccess; Cloud Based Identity Provisioning
Open Grid Forum (OGF)	The Open Cloud Computing Interface comprises a set of open community-led specifications delivered through the Open Grid Forum. OCCI is a Protocol and API for all kinds of Management tasks. OCCI was originally initiated to create a remote management API for IaaS model based Services, allowing for the development of interoperable tools for common tasks including deployment, autonomic scaling and monitoring. It has since evolved into a flexible API with a strong focus on integration, portability, interoperability and innovation while still offering a high degree of extensibility.	GFD.183: Open Cloud Computing Interface - Core GFD.184: OCCI - Infrastructure GFD.185: OCCI – RESTful HTTP Rendering
Open Group	The Open Group Cloud Work Group exists to create a common understanding among buyers and suppliers of how enterprises of all sizes and scales of operation can include Cloud Computing technology in a safe and secure way in their architectures to realize its significant cost, scalability and agility benefits. It includes some of the industry’s leading Cloud service providers and end-user organisations, collaborating on standard models and frameworks aimed at eliminating vendor lock-in for enterprises looking to benefit from Cloud products and services.	Building Return On Investment from Cloud Computing Strengthening Your Business Case for Using Cloud Cloud Buyers Decision Tree Cloud Computing Explained white paper An Architectural View of Security for Cloud Cloud Computing Reference Architecture (CCRA) Service Oriented Cloud Computing Infrastructure (SOCCI) Framework Security For Cloud and SOA Reference Architecture Open Group Cloud Security position paper
Organization for the Advancement of Structured Information Standards (OASIS)	OASIS is a not-for-profit consortium that drives the development, convergence and adoption of open standards for the global information society. It produces standards for security, e-business, web services, and application-specific markets as well as facilitates standardization efforts in the public sector. OASIS Technical Committees do work on a wide variety of technologies which will be critical for and widely used in the Cloud Space, e.g. web services, WS-I profiles, security and identity, provisioning, modeling, etc. Much of that work had as its orientation SOA based and enabling technologies, much of which will be directly applicable to the Cloud. In the absence of specific guidance from the SGCC, the criteria used here to determine which Technical Committee's work should be listed in the table is whether the TC's charter work targets Cloud-specific requirements. At this time the OASIS Identity in the Cloud TC is the only one which meets those criteria.	Cloud Application Management for Platforms (CAMP) Identity in the Cloud Use Cases Symptoms Automation Framework (SAF) Topology and Orchestration Specification for Cloud Applications (TOSCA)
OSGi Alliance	The OSGi Alliance is a standards development organisation which has been developing modularity and service-oriented specifications for the JavaTM platform since 1998. The OSGi Cloud Working Group has been focusing on extending the OSGi Framework to address Cloud Computing use-cases.	RFP 133 – Cloud Computing
Storage Networking Industry Association (SNIA)	SNIA's Cloud Technical Working Group (Cloud TWG) focuses standardizing interactions between Cloud-based storage services and clients by developing specifications that deliver architectural semantics and implementation details to application developers. RESTful HTTP-based protocols are used to enable Cloud service providers to offer interoperable Cloud storage management and access to their consumers and developers. The following table doesn’t take into account the ETSI work on Grid computing.	Cloud Data Management Interface (CDMI) Cloud Storage for Cloud Computing
Trusted Computing Group (TCG)	The Trusted Computing Group (TCG) is an international industry standards group. The TCG develops specifications amongst it members. Upon completion, the TCG publishes the specifications for use and implementation by the industry.	Trusted Multi-Tenant Infrastructure (TMI) Use Cases Trusted Multi-tenant Infrastructure (TMI) Reference Framework