Cloud Operations
CategoryCloud Computing Standards
Cloud Computing can become more valuable if automatic creation and management of application layer services can be ported across alternative cloud implementation environments. Operation of cloud data centres requires integrated "smart" monitoring and control of resources.
Standards Overview
Quality of Service with Efficiency
The target objectives for cloud operational excellence are to lower overall operational expenditure and optimize operational procedures to achieve a sustainable and long-term improvement of an enterprise.
The ability to rapidly provision IT services without spending large amounts of resources is one of the major practices that impacts business operations of an enterprise. Organizations must adopt an IT strategy that not only builds internal clouds, but also utilizes external clouds with support for continuous operational optimization, fully-tested operational procedures, and automated change and configuration control.
Cloud operators have to monitor service quality and enable effective mechanisms to perform root cause analysis, store incident information for further analysis, and evolve the service, so that issues can be prevented.
The following publications provide guidance on operating and optimizing Cloud Computing environments:
- ISO/IEC 17826 — Cloud Data Management Interface (CDMI)
- ISO/IEC 19395 — Smart Data Centre Resource Monitoring and Control
- ISO/IEC 24748-1 — Lifecycle Management - Guidelines for Lifecycle Management
- ISO/IEC 24748-2 — Lifecycle Management - Guidelines for the Application of ISO/IEC 15288
- ISO/IEC 24748-3 — Lifecycle Management - Guide to the Application of ISO/IEC 12207
- ISO/IEC 24748-4 — Lifecycle Management - Systems Engineering Planning
- ISO/IEC 24748-5 — Lifecycle Management - Software Development Planning
- ISO/IEC 24748-6 — Lifecycle Management - System Integration Engineering
- ISO/IEC 24748-7 — Lifecycle Management - Application of Systems Engineering on Defense Programs
- ISO/IEC 24748-8 — Lifecycle Management - Technical Reviews and Audits on Defense Programs
- ISO/IEC 24774 — Lifecycle Management - Guidelines for Process Description
- ISO/IEC 15288 — Systems and Software Engineering - System Lifecycle Processes
- ISO/IEC 12207 — Systems and Software Engineering - Software Lifecycle Processes
- ISO/IEC 19770-1 — IT Asset Management (ITAM) - Requirements
- ISO/IEC 19770-2 — ITAM - Software Identification Tag
- ISO/IEC 19770-3 — ITAM - Entitlement Schema
- ISO/IEC 19770-4 — ITAM - Resource Utilization Measurement
- ISO/IEC 19770-5 — ITAM - Overview and Vocabulary
- ISO/IEC 20000-1 — IT Service Management (ITSM) - Requirements
- ISO/IEC 20000-2 — ITSM - Guidance on the Application of ITSM
- ISO/IEC 20000-3 — ITSM - Guidance on Scope Definition and Applicability
- ISO/IEC 20000-5 — ITSM - Exemplar Implementation Plan
- ISO/IEC 20000-6 — ITSM - Requirements for Bodies Providing Audit and Certification
- ISO/IEC 20000-7 — ITSM - Guidance on the Integration and Correlation to ISO/IEC 9001/27001
- ISO/IEC 20000-10 — ITSM - Concepts and Vocabulary
- ISO/IEC 20000-11 — ITSM - Guidance on the Relationship to ITIL
- ISO/IEC 20000-12 — ITSM - Guidance on the Relationship to CMMI-SVC
- ISO/IEC 33001 — Process Assessment - Concepts and Terminology
- ISO/IEC 33002 — Process Assessment - Requirements for Performing Process Assessment
- ISO/IEC 33003 — Process Assessment - Requirements for Process Measurement Frameworks
- ISO/IEC 33004 — Process Assessment - Requirements for Process Reference and Maturity Models
- ISO/IEC 33014 — Process Assessment - Guide for Process Improvement
- ISO/IEC 33020 — Process Assessment - Process Measurement Framework for Capability Assessment
- ISO/IEC 33030 — Process Assessment - An Exemplar Documented Assessment Process
- ISO/IEC 33052 — Process Assessment - Process Reference Model for Information Security Management
- ISO/IEC 33063 — Process Assessment - Process Assessment Model for Software Testing
- ISO/IEC 33071 — Process Assessment - An Integrated Process Capability Assessment Model
- ISO/IEC 33072 — Process Assessment - Process Capability Assessment Model for Information Security
- ISO/IEC 33073 — Process Assessment - Process Capability Assessment Model for Quality Management
- COBIT 5: Framework
- COBIT 5: Implementation
- COBIT 5: Enabling Processes
- COBIT 5: Enabling Information
- COBIT 5: Information Security
- COBIT 5: Audit and Assurance
- COBIT 5: Risk Management
- COBIT 5: Process Assessment Model
- COBIT 5: Assessor Guide
- COBIT 5: Self-Assessment Guide
- COBIT 5: CMMI Practices Pathway Tool
- COBIT 5: DMM Practices Pathway Tool
- DMTF DSP0264 — Cloud Infrastructure Management Interface (CIMI)
- DMTF DSP0263 — CIMI Model and RESTful HTTP-based Protocol
- DMTF DSP2027 — CIMI Primer
- DMTF DSP2041 — CIMI Extensions
- DMTF DSP2042 — CIMI Use Cases
- DMTF DSP2038 — Cloud Auditing Data Federation (CADF) - OpenStack Profile
- DMTF DSP0262 — CADF - Data Format and Interface Definitions Specification
- DMTF DSP0004 — Common Information Model (CIM) - Metamodel
- DMTF DSP0221 — CIM - Managed Object Format Specification
- DMTF DSP0105 — CIM - Compliance Specification
- DMTF DSP0219 — CIM - UML Profile
- DMTF DSP1067 — Software Identification Tag Profile
- DMTF DSP-IS0301 — Software Identification and Entitlement Usage Metrics
- OGF GFD.221 — OCCI - Core
- OGF GFD.224 — OCCI - Infrastructure
- OGF GFD.162 — OCCI - Use Cases and Requirements for a Cloud API
- OGF GFD.222 — OCCI - Compute Resource Templates Profile
- OGF GFD.228 — OCCI - Service Level Agreements
- OGF GFD.227 — OCCI - Platform
- OGF GFD.223 — OCCI - HTTP Protocol
- OGF GFD.185 — OCCI - RESTful HTTP Rendering
- OGF GFD.226 — OCCI - JSON Rendering
- OGF GFD.229 — OCCI - Text Rendering
- osb-spec — OSB: Open Service Broker API
- tuf-spec — TUF: The Update Framework
- SOC 2: Trust Services Criteria
- SOC 2: Reporting on an Examination of Controls
- SOC 2: Description Criteria for an Examination of Controls
- SOC 2: Codification of Statements on Standards for Attestation Engagements
- CPE: Introduction to SOC for Service Organizations Reporting
- CPE: Walkthrough of the Trust Services Criteria
- CPE: SOC for Service Organizations Reporting Overview
- CPE: SOC for Service Organizations Deep Dive
- TIA-942 — Telecommunications Infrastructure Standard for Data Centres
manage
Cloud-based IT resources need to be provisioned, configured, maintained and monitored.
To maintain highly available services despite expected component failures and service end-of-life milestones, a cloud incorporates new hardware components and release automation tools.
The underlying network, compute and storage resources are shared and auto-provisioned to support a responsive, reliable and stable system infrastructure.
Cloud environments enable automated ways to measure allocation and consumption of cloud services, and optimize their usage by leveraging metering capability.
Cloud solutions that use shared and public networks should expect unreliable service due to fluctuating performance, variable latency and network failures.
Cloud service providers need to offer system APIs to control application build, deployment, administration, monitoring and patching activities.
Cloud operators configure a marketplace of services and service plans, and offer a self-service interface to users.
A level of interoperability among self-service interfaces needs to be achieved, in order to enable independent vendors to create tools and services that interact with any conforming cloud.