ISO/IEC TR 15944-14:2020

TECHNICAL ISO/IEC TR
REPORT 15944-14
First edition
2020-11
Information technology — Business
operational view —
Part 14:
Open-edi reference model and cloud
computing architecture
Reference number
©
ISO/IEC 2020
© ISO/IEC 2020
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2020 – All rights reserved

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms .10
5 Brief summary of Open-edi reference model .11
5.1 Open-edi reference model overview .11
5.2 Business operational view .11
5.3 Functional service view .12
6 Brief summary of cloud computing reference architecture .13
6.1 Cloud computing overview.13
6.2 Cloud computing reference architecture (CCRA) .15
7 Semantic models of the Open-edi reference model and the cloud computing
architecture .16
7.1 Open-edi reference model in FBM .16
7.2 Cloud computing architecture in FBM .19
8 Analysis of Open-edi and cloud computing .21
8.1 General discussion .21
8.2 Summary of cloud computing and roles of an agent or a third party and a seller in
executing business transactions .22
Annex A (informative) Consolidated list of terms and definitions with cultural adaptability:
ISO English and ISO French language equivalency .24
Annex B (informative) Consolidated set of key rules in the ISO/IEC 15944 series of
particular relevance to cloud computing architecture .32
Annex C (informative) Mapping key "cloud computing" concepts/definitions into an
eBusiness requirements context .36
Annex D (informative) FBM (fact-based modelling) .42
Annex E (informative) Discussion of definitions of "role" in ISO/IEC 14662 and ISO/IEC 17789 .43
Annex F (informative) List of parts of the ISO/IEC 15944 series .44
Bibliography .45
© ISO/IEC 2020 – All rights reserved iii

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that
are members of ISO or IEC participate in the development of International Standards through
technical committees established by the respective organization to deal with particular fields of
technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other
international organizations, governmental and non-governmental, in liaison with ISO and IEC, also
take part in the work.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents) or the IEC
list of patent declarations received (see http:// patents .iec .ch).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 32, Data management and interchange.
A list of all parts in the ISO/IEC 15944 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
iv © ISO/IEC 2020 – All rights reserved

Introduction
0.1  Purpose and overview
Open-edi is defined in ISO/IEC 14662 as "electronic data interchange among multiple autonomous
Persons to accomplish an explicit shared business goal according to Open-edi standards". Cloud computing
is defined in ISO/IEC 17788 as "a paradigm for enabling network access to a scalable and elastic pool of
shareable physical or virtual resources with self-service provisioning and administration on demand". There
are many similarities and commonalities among the Open-edi reference model and cloud computing
reference architecture.
ISO/IEC 15944 is a multipart eBusiness standard which is based on and focuses on the BOV perspective
of the ISO/IEC 14662 Open-edi reference model. This document is intented to serve as a bridge among
standards development involved in Open-edi and cloud computing.
The primary purpose of this document is to identify commonalities between:
a) the ISO/IEC 14662 Open-edi reference model (and related ISO/IEC 15944 series); and,
b) ISO/IEC 17789 (and related standards).
0.2  Link to ISO/IEC 14662 and ISO/IEC 15944 perspectives
1)
0.2.1  ISO/IEC 14662 Open-edi reference model
The ISO/IEC 14662, Open-edi reference model states the conceptual architecture necessary for
carrying out electronic business transactions among autonomous parties. That architecture identifies
and describes the need to have two separate and related views of the business transaction.
The first is the business operational view (BOV). The second is the functional service view (FSV).
Figure 1 (copied from ISO/IEC 14662) illustrates the Open-edi environment.
Figure 1 — Open-edi environment
1)  The Memorandum of Understanding between ISO, IEC, ITU and UN/ECE (2000) concerning standardization in
the field of electronic business is based on this Model. See https:// www .unece .org/ fileadmin/ DAM/ oes/ MOU/
2000/ 24March2000 _IEC _ISO _ITU .pdf.
© ISO/IEC 2020 – All rights reserved v

0.2.2  ISO/IEC 15944-1
ISO/IEC 15944-1 states the requirements of the BOV aspects of Open-edi in support of electronic
business transactions. They are required to be taken into account in the development of business
semantic descriptive techniques for modelling e-business transactions and components thereof as re-
useable business objects. They include:
— commercial frameworks and associated requirements;
— legal frameworks and associated requirements;
— public policy requirements particularly which apply to individuals, i.e., are rights of individuals,
which are of a generic nature such as consumer protection, privacy protection, and accessibility
(see further in ISO/IEC 15944-5:2008, 6.3);
— requirements arising from the need to support cultural adaptability. This includes meeting
localization and multilingual requirements, (e.g., as may be required by a particular jurisdictional
domain or desired to provide a good, service and/or right in a particular market). One needs the
ability to distinguish, the specification of scenarios, scenario components, and their semantics, in
the context of making commitments, between:
a) the use of unique, unambiguous and linguistically neutral identifiers (often as composite
identifiers) at the information technology interface level among the IT systems of participation
parties on the one hand; and, on the other,
b) their multiple human interface equivalent (HIE) expressions in a presentation form appropriate
to the Persons involved in the making of the resulting commitments.
Figure 2 (copied from ISO/IEC 15944-1) shows an integrated view of these business operational
requirements.
vi © ISO/IEC 2020 – All rights reserved

Figure 2 — Integrated view of business operational requirements
In electronic business transactions, whether undertaken on a for profit or not-for-profit basis,
the key element is commitment exchange among Persons made through their decision-making
applications (DMAs) of their information technology systems (IT systems) accessibility (see further
© ISO/IEC 2020 – All rights reserved vii

in ISO/IEC 14662:2010, 5.2) acting on behalf of Persons. Persons are the only entities able to make
commitments.
The business operational view (BOV) was therefore defined as:
"perspective of business transactions limited to those aspects regarding the making of business
decisions and commitments among Persons which are needed for the description of a business
transaction".
[ISO/IEC 14662:2010, 3.3]
There are three categories of Person as a role player in Open-edi, namely:
1) the Person as individual,
2) the Person as organization, and
2)
3) the Person as public administration .
There are also three basic (or primitive) roles of Persons in business transactions, namely: buyer, seller,
and regulator. When modelling business transactions, jurisdictional domains prescribe their external
constraints in the role of regulator and execute them as public administration.
0.3 Importance of and role of terms and definitions
The ISO/IEC 15944 series sets out the processes for achieving a common understanding of the business
operational view (BOV) from commercial, legal, ICT, public policy and cross-sectoral perspectives. It is
therefore important to check and confirm that a common understanding in any one of these domains is
also unambiguously understood as identical in the others.
This subclause is included in each part of the ISO/IEC 15944 series to emphasize that harmonized
concepts and definitions (and assigned terms) in its Parts are essential to the continuity of the overall
standard.
In order to minimize ambiguity in the definitions and their associated terms, each definition and its
associated term has been made available in at least one language other than English in the document
in which it is introduced. In this context, it is noted that ISO/IEC 15944-7 already also contains human
3)
interface equivalents (HIEs) in ISO Chinese, ISO French, and ISO Russian .
0.4  Based on rules and guidelines
Open-edi is based on rules which are predefined and mutually agreed to. They are precise criteria
and agreed upon requirements of business transactions representing common business operational
practices and functional requirements.
These rules also serve as a common set of understanding bridging the varied perspectives of the
commercial framework, the legal framework, the information technology framework, standardizers,
consumers, etc.
This document does not introduce any new rules or guidelines in addition to those that are already
found in the ISO/IEC 15944 series.
0.5  Use of Person, organization, individual and party in the context of business transaction and
commitment exchange
2)  While public administration is one of the three distinct sub-types of Person, most of the rules in ISO/IEC 15944-1
applicable to organization also apply to public administration. In addition, an unincorporated seller is also deemed
to function as an organization. Consequently, the use of organization throughout this document also covers public
administration. Where it is necessary to bring forward rules, constraints, properties, etc., which apply specifically to
public administration, this is stated explicitly.
3)  The designation ISO before a natural language refers to the use of that natural language in ISO standards.
viii © ISO/IEC 2020 – All rights reserved

Throughout this document:
— the use of Person with a capital "P" represents Person as a defined term, i.e., as the entity within an
Open-edi Party that carries the legal responsibility for making commitment(s);
— individual, organization, and public administration are defined terms representing the three
common sub-types of Person; and,
— the use of the words person(s) and party (ies) without a capital "P" indicates their use in a generic
context independent of Person, as a defined concept in ISO/IEC 14662 and the ISO/IEC 15944 series.
NOTE A party to a business transaction has the properties and behaviours of a Person.
0.6  Organization and description of this document
This document identifies the key concepts of open-edi reference model and cloud computing reference
architecture relevant to each other by transforming them into concept models.
Following Clauses 0,1, 2, 3 and 4, which have a common approach and similar content in the
ISO/IEC 15944 series, Clause 5 summarizes the Open-edi reference model together with the business
operational view and functional service view.
Clause 6 summarizes the cloud computing reference architecture with user view and functional view.
Clause 7 provides concept models of both open-edi reference model and cloud computing reference
architecture with ORM2 notations.
Clause 8 analyses and discusses the relationship between the two models and gives a summary of cloud
computing and roles of an agent acting on behalf of a seller, and that of a"third party acting on behalf of
a seller in executing business transaction with a buyer.
Annex A is a consolidated list of the definitions and their associated terms introduced in this document
in ISO English and ISO French. (For the complete set of ISO French (and ISO Russian and ISO Chinese)
equivalents of the entries in Clause 3, see ISO/IEC 15944-7.) As stated in the main body of this document,
the issue of semantics and their importance of identifying the correct interpretation across official
aspects is critical.
Annex B identifies rules stated in the other parts of the ISO/IEC 15944 series that are applicable to this
document.
Annex C provides a mapping of key relevant cloud computing concepts and their definitions into an
eBusiness context.
Annex D gives a brief introduction to fact-based modelling.
Annex E discusses definitions of role in ISO/IEC 14662 and ISO/IEC 17789.
Annex F lists titles of all parts of the ISO/IEC 15944 series.
© ISO/IEC 2020 – All rights reserved ix

TECHNICAL REPORT ISO/IEC TR 15944-14:2020(E)
Information technology — Business operational view —
Part 14:
Open-edi reference model and cloud computing
architecture
1 Scope
This document:
— examines the basic concepts that have been developed for both cloud computing and Open-edi;
— identifies key Open-edi concepts relevant to cloud computing;
— identifies key cloud computing concepts relevant to Open-edi;
— compares Open-edi model and cloud computing architecture and identifies mappings (similarities
in whole or in part) between them using formal semantic modelling techniques.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
agent
Person (3.39) acting for another Person in a clearly specified capacity in the context of a business
transaction (3.4)
Note 1 to entry: Excluded here are agents as "automatons" (or robots, bobots, etc.) In ISO/IEC 14662, "automatons"
are recognized and provided for but as part of the Functional Service View (FSV) where they are defined as an
"Information Processing Domain (IPD)".
[SOURCE: ISO/IEC 15944-1:2011, 3.1]
3.2
business
series of processes, each having a clearly understood purpose, involving more than Person (3.39),
realised through the exchange of information and directed towards some mutually agreed upon goal,
extending over a period of time
[SOURCE: ISO/IEC 14662:2010, 3.2]
© ISO/IEC 2020 – All rights reserved 1

3.3
business operational view
BOV
perspective of business transactions (3.4) limited to those aspects regarding the making of business
(3.2) decisions and commitments (3.16) among Persons (3.39), which are needed for the description of a
business transaction
[SOURCE: ISO/IEC 14662:2010, 3.3]
3.4
business transaction
predefined set of activities and/or processes of Persons (3.39) which is initiated by a Person to
accomplish an explicitly shared business (3.2) goal and terminated upon recognition of one of the agreed
conclusions by all the involved Persons although some of the recognition might be implicit
[SOURCE: ISO/IEC 14662:2010, 3.4]
3.5
buyer
Person (3.39) who aims to get possession of a good, service, and/or right through providing an
acceptable equivalent value, usually in money, to the Person providing such a good, service, and/or right
[SOURCE: ISO/IEC 15944-1:2011, 3.8]
3.6
cloud computing
paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual
resources with self-service provisioning and administration on-demand
Note 1 to entry: Examples of resources include servers, operating systems, networks, software, applications, and
storage equipment.
[SOURCE: ISO/IEC 17788:2014, 3.2.5]
3.7
cloud service
one or more capabilities offered via cloud computing (3.6) invoked using a defined interface
[SOURCE: ISO/IEC 17788:2014, 3.2.8]
3.8
cloud service broker
cloud service partner (3.12) that negotiates relationships between cloud service customers (3.9) and
cloud service providers (3.13)
[SOURCE: ISO/IEC 17788:2014, 3.2.9]
3.9
cloud service customer
party (3.38) which is in a business relationship for the purpose of using cloud services (3.7)
Note 1 to entry: A business relationship does not necessarily imply financial agreements.
[SOURCE: ISO/IEC 17788:2014, 3.2.11]
3.10
cloud service customer data
class of data objects under the control (3.49), by legal or other reasons, of the cloud service customer
(3.9) that were input to the cloud services (3.7), or resulted from exercising the capabilities of the cloud
services by or on behalf of the cloud service customer via the published interface of the cloud services
Note 1 to entry: An example of legal controls is copyright.
2 © ISO/IEC 2020 – All rights reserved

Note 2 to entry: It may be that the cloud service contains or operates on data that is not cloud service customer
data; this might be data made available by the cloud service providers, or obtained from another source, or it
might be publicly available data. However, any output data produced by the actions of the cloud service customer
using the capabilities of the cloud service on this data is likely to be cloud service customer data, following
the general principles of copyright, unless there are specific provisions in the cloud service agreement to the
contrary.
[SOURCE: ISO/IEC 17788:2014, 3.2.12]
3.11
cloud service derived data
class of data objects under cloud service provider (3.13) control that are derived as a result of interaction
with the cloud services (3.7) by the cloud service customer (3.9)
Note 1 to entry: Cloud service derived data includes log data containing records of who used the service, at what
times, which functions, types of data involved and so on. It can also include information about the numbers of
authorized users and their identities. It can also include any configuration or customization data, where the
cloud service has such configuration and customization capabilities.
[SOURCE: ISO/IEC 17788:2014, 3.2.13]
3.12
cloud service partner
party (3.38) which is engaged in support of, or auxiliary to, activities of either the cloud service provider
(3.13) or the cloud service customer (3.9), or both
[SOURCE: ISO/IEC 17788:2014, 3.2.14]
3.13
cloud service provider
party (3.38) which makes cloud services (3.7) available
[SOURCE: ISO/IEC 17788:2014, 3.2.15]
3.14
cloud service provider data
class of data objects, specific to the operation of the cloud services (3.7), under the control of (3.50) the
cloud service provider (3.13)
Note 1 to entry: Cloud service provider data includes but is not limited to resource configuration and utilization
information, cloud service specific virtual machine, storage and network resource allocations, overall data centre
configuration and utilization, physical and virtual resource failure rates, operational costs and so on.
[SOURCE: ISO/IEC 17788:2014, 3.2.16]
3.15
cloud service user
natural person, or entity acting on their behalf, associated with a cloud service customer (3.9) that uses
cloud services (3.7)
Note 1 to entry: Examples of such entities include devices and applications.
[SOURCE: ISO/IEC 17788:2014, 3.2.17]
3.16
commitment
making or accepting of a right, obligation, liability or responsibility by a Person (3.39) that is capable of
enforcement in the jurisdictional domain in which the commitment is made
[SOURCE: ISO/IEC 14662:2010, 3.5]
© ISO/IEC 2020 – All rights reserved 3

3.17
constraint
rule (3.45), explicitly stated, that prescribes, limits, governs or specifies any aspect of a business
transaction (3.4)
Note 1 to entry: Constraints are specified as rules forming part of components of Open-edi scenarios, i.e., as
scenario attributes, roles, and/or information bundles.
Note 2 to entry: For constraints to be registered for implementation in Open-edi they must have unique and
unambiguous identifiers.
Note 3 to entry: A constraint may be agreed to among parties (condition of contract) and is therefore considered
an "internal constraint". Or a constraint may be imposed on parties (e.g., laws, regulations, etc.), and is therefore
considered an "external constraint".
[SOURCE: ISO/IEC 15944-1:2011, 3.11]
3.18
data portability
ability to easily transfer data from one system to another without being required to re-enter data
Note 1 to entry: It is the ease of moving the data that is the essence here. This might be achieved by the source
system supplying the data in exactly the format that is accepted by the target system. But even if the formats
do not match, the transformation between them may be simple and straightforward to achieve with commonly
available tools. On the other hand, a process of printing out the data and rekeying it for the target system could
not be described as "easy".
[SOURCE: ISO/IEC 17788:2014, 3.2.21]
3.19
decision-making application
DMA
model of that part of an Open-edi system (3.35) which makes decisions corresponding to the role(s)
(3.44) that the Open-edi party (3.31) plays as well as the originating, receiving and managing data
values contained in the instantiated Information Bundles (3.25), and which is not required to be visible
to the other Open-edi party(ies)
[SOURCE: ISO/IEC 14662:2010, 3.6]
3.20
decision-making application interface
DMA interface
set of requirements that permit a decision-making application (3.19) to interact with the Open-edi
Support Infrastructure (3.34)
[SOURCE: ISO/IEC 14662:2010, 3.7]
3.21
electronic data interchange
EDI
automated exchange of any predefined and structured data for business (3.2) purposes among
information systems of two or more Persons (3.39)
Note 1 to entry: This definition includes all categories of electronic business transactions.
[SOURCE: ISO/IEC 14662:2010, 3.8]
4 © ISO/IEC 2020 – All rights reserved

3.22
external constraint
constraint (3.17) which takes precedence over internal constraints in a business transaction (3.4), i.e. is
external to those agreed upon by the parties to a business transaction
Note 1 to entry: Normally, external constraints are created by law, regulation, orders, treaties, conventions or
similar instruments.
Note 2 to entry: Other sources of external constraints are those of a sectorial nature, those which pertain
to a particular jurisdictional domain or mutually agreed common business conventions (e.g., INCOTERMS,
exchanges, etc.).
Note 3 to entry: External constraints can apply to the nature of the good, service and/or right provided in a
business transaction.
Note 4 to entry: External constraints can demand that a party to a business transaction meet specific
requirements of a particular role.
EXAMPLE 1 Only a qualified medical doctor may issue a prescription for a controlled drug.
EXAMPLE 2 Only an accredited share dealer may place transactions on the New York Stock Exchange.
EXAMPLE 3 Hazardous wastes may only be conveyed by a licensed enterprise.
Note 5 to entry: Where the Information Bundles (IBs), including their Semantic Components (SCs) of a business
transaction are also to form the whole of a business transaction (e.g., for legal or audit purposes), all constraints
must be recorded.
EXAMPLE 4 There may be a legal or audit requirement to maintain the complete set of recorded information
pertaining to a business transaction, i.e., as the information bundles exchanged, as a "record".
Note 6 to entry: A minimum external constraint applicable to a business transaction often requires one to
differentiate whether the Person that is a party to a business transaction is an "individual", "organization", or
"public administration". For example, privacy rights apply only to a Person as an "individual".
[SOURCE: ISO/IEC 15944-1:2011, 3.23]
3.23
functional services view
FSV
perspective of business transactions (3.4) limited to those information technology interoperability
aspects of information technology systems (3.27) needed to support the execution of Open-edi
transactions (3.36)
[SOURCE: ISO/IEC 14662:2010, 3.10]
3.24
individual
Person (3.39) who is a human being, i.e., a natural person, who acts as a distinct indivisible entity or is
considered as such
[SOURCE: ISO/IEC 15944-1:2011, 3.28]
3.25
information bundle
IB
formal description of the semantics of the recorded information (3.41) to be exchanged by Open-edi
parties (3.31) playing roles (3.44) in an Open-edi scenario (3.32)
[SOURCE: ISO/IEC 14662:2010, 3.11]
© ISO/IEC 2020 – All rights reserved 5

3.26
information processing domain
IPD
information technology system (3.27) which includes at least either a decision-making application (3.19)
and/or one of the components of an Open-edi support infrastructure (3.34)(or both), and acts/executes
on behalf of an Open-edi party (3.31)(either directly or under a delegated authority)
[SOURCE: ISO/IEC 14662:2010, 3.12]
3.27
information technology system
IT system
set of one or more computers, associated software, peripherals, terminals, human operations, physical
processes, information transfer means, that form an autonomous whole, capable of performing
information processing and/or information transfer
[SOURCE: ISO/IEC 14662:2010, 3.13]
3.28
interoperability
the ability of two or more systems or applications to exchange information and to mutually use the
information that has been exchanged
[SOURCE: ISO/IEC 17788:2014, 3.1.5]
3.29
jurisdictional domain
jurisdiction, recognized in law as a distinct legal and/or regulatory framework, which is a source of
external constraints (3.22) on Persons (3.39), their behaviour and the making of commitments (3.16)
among Persons including any aspect of a business transaction (3.4)
Note 1 to entry: The pivot jurisdictional domain is a United Nations (UN) recognized member state. From a legal
and sovereignty perspective they are considered "peer" entities. Each UN member state, (a.k.a. country) may
have sub-administrative divisions as recognized jurisdictional domains, (e.g., provinces, territories, cantons,
länder, etc.), as decided by that UN member state.
Note 2 to entry: Jurisdictional domains can combine to form new jurisdictional domains, (e.g., through bilateral,
multilateral and/or international treaties).
EXAMPLE The European Union (EU), NAFTA, WTO, WCO, ICAO, WHO, Red Cross, the ISO, the IEC, the ITU, etc.
Note 3 to entry: Several levels and categories of jurisdictional domains may exist within a jurisdictional domain.
Note 4 to entry: A jurisdictional domain may impact aspects of the commitment(s) made as part of a business
transaction including those pertaining to the making, selling, transfer of goods, services and/or rights (and
resulting liabilities) and associated information. This is independent of whether such an interchange of
commitments is conducted on a for-profit or not-for-profit basis and/or includes monetary values.
Note 5 to entry: Laws, regulations, directives, etc., issued by a jurisdictional domain and are considered as parts
of that jurisdictional domain and are the primary sources of external constraints on business transactions.
[SOURCE: ISO/IEC ISO/IEC 15944-5:2008, 3.67, modified – Note 2 to entry and the EXAMPLE have been
separated.]
3.30
Open-edi
electronic data interchange (3.21) among multiple autonomous Persons (3.39) to accomplish an explicit
shared business (3.2) goal according to Open-edi standards (3.33)
[SOURCE: ISO/IEC 14662:2010, 3.14]
6 © ISO/IEC 2020 – All rights reserved

3.31
Open-edi party
OeP
Person (3.39) that participates in Open-edi (3.30)
Note 1 to entry: Often referred to generically in this and other eBusiness standards (e.g. parts of the ISO/IEC 15944
multipart "eBusiness" standard) as "party" or "parties" for any entity modelled as a Person as playing a role in
Open-edi scenarios.
[SOURCE: ISO/IEC 14662:2010, 3.17]
3.32
Open-edi scenario
OeS
formal specification of a class of business transactions (3.4) having the same business (3.2) goal
[SOURCE: ISO/IEC 14662:2010, 3.18]
3.33
Open-edi standard
standard that complies with the Open-edi reference model
[SOURCE: ISO/IEC 14662:2010, 3.19]
3.34
Open-edi support infrastructure
OeSI
model of the set of functional capabilities for Open-edi systems (3.35) which, when taken together
with the decision-making applications (3.19), allows Open-edi parties (3.31) to participate in Open-edi
transactions (3.36)
[SOURCE: ISO/IEC 14662:2010, 3.20]
3.35
Open-edi system
information technology system (3.27) which enables an Open-edi party (3.31) to participate in Open-edi
transactions (3.36)
[SOURCE: ISO/IEC 14662:2010, 3.22]
3.36
Open-edi transaction
business transaction (3.4) that is in compliance with an Open-edi scenario (3.32)
[SOURCE: ISO/IEC 14662:2010, 3.23]
3.37
organization
unique framework of authority within which a person or persons act, or are designated to act, towards
some purpose
Note 1 to entry: The kinds of organizations covered by this document include the following examples:
EXAMPLE 1 An organization incorporated under law.
EXAMPLE 2 An unincorporated organization or activity providing goods and/or services, including:
1) partnerships;
2) social or other non-profit organizations or similar bodies in which ownership or control is vested in a group
of individuals;
3) sole proprietorships;
© ISO/IEC 2020 – All rights reserved 7

4) governmental bodies.
EXAMPLE 3 Groupings of the above types of organizations where there is a need to identify these in
information interchange.
[SOURCE: ISO/IEC 15944-1:2011, 3.44]
3.38
party
natural person or legal person, whether or not incorporated, or a group of either
[SOURCE: ISO/IEC 17788:2014, 3.1.6]
3.39
Person
entity, i.e. a natural or legal person, recognized by law as having legal rights and duties, able to make
commitment(s) (3.16), assume and fulfil resulting obligation(s), and able to be held accountable for its
action(s)
Note 1 to entry: Synonyms for "legal person" include "artificial person", "body corporate", etc., depending on the
terminology used in competent jurisdictions.
Note 2 to entry: Person is capitalized to indicate that it is being utilized as formally defined in the standards and
to differentiate it from its day-to-day use.
Note 3 to entry: Minimum and common external constraints applicable to a business transaction often require
one to differentiate among three common sub-types of Person, namely " individual", "organization", and "public
administration".
[SOURCE: ISO/IEC 14662:2010, 3.24]
3.40
public administration
entity, i.e., a Person (3.39), which is an organization (3.37) and has the added attribute of being
authorized to act on behalf of a regulator (3.42)
[SOURCE: ISO/IEC 15944-1:2011, 3.54]
3.41
recorded information
any information that is recorded on or in a medium irrespective of form, recording medium or
technology used, and in a manner allowing for storage and retrieval
Note 1 to entry: This is a generic definition and is independent of any ontology (e.g., those of "facts" versus "data"
versus "information" versus "intelligence" versus "knowledge", etc.).
Note 2 to entry: Through the use of the term "information", all attributes of this term are inherited in this
definition.
Note 3 to entry: This definition covers: i) any form of recorded information, means of recording, and any
medium on which information can be recorded; and ii) all types of recorded information including all data types,
instructions or software, databases, etc.
[SOURCE: ISO/IEC 15944-1:2011, 3.56]
3.42
regulator
Person (3.39) who has authority to prescribe external constraints (3.22) which serve as principles,
policies or rules (3.45) governing or prescribing the behaviour of Persons involved in a business
transaction (3.4) as well as the provisioning of goods, services, and/or rights interchanged
[SOURCE: ISO/IEC 15944-1:2011, 3.59]
8 © ISO/IEC 2020 – All rights reserved

3.43
reversibility
process for cloud service customer (3.9) to retrieve their cloud service customer data (3.10) and
application artefacts and for the cloud service provider (3.13) to delete all cloud service customer data as
well as contractually specified cloud service derived data (3.11) after an agreed period
[SOURCE: ISO/IEC 17788:2014, 3.2.35]
3.44
role
specification which models an external intended behaviour (as allowed within a scenario) of an Open-
edi Party (3.31)
[SOURCE: ISO/IEC 14662:2010, 3.25]
3.45
rule
statement governing conduct, procedure, conditions and relations
Note 1 to entry: Rules specify conditions that must be complied with. These may include relations among objects
and their attributes.
Note 2 to entry: Rules are of a mandatory or conditional nature.
Note 3 to entry: In Open-edi, rules formally specify the commitment(s) and role(s) of the parties involved, and
the expected behaviour(s) of the parties involved as seen by other parties involved in (electronic) business
transactions. Such rules are applied to: a) content of the information flows in the form of precise and computer-
processable meaning, i.e. the semantics of data; and (b) the order and behaviour of the information flows
themselves.
Note 4 to entry: Rules must be clear and explicit enough to be understood by all parties to a business transaction.
Rules also must be capable of being able to be specified using a formal description technique(s) (FDTs).
EXAMPLE A current and widely used FDT is "unified modelling language (UML)".
Note 5 to entry: Specification of rules in an Open-edi business transaction should be compliant with the
requirements of ISO/IEC 15944-3.
[SOURCE: ISO/IEC 15944-2:2015, 3.101]
3.46
seller
Person (3.39) who aims to hand over voluntarily or in response to a demand, a good, service, and/or
right to another Person (3.39) and in return receives an acceptable equivalent value, usually in money,
for the good, service, and/or right provided
[SOURCE: ISO/IEC 15944-1:2011, 3.62]
3.47
semantic component
SC
unit of recorded information (3.41) unambiguously defined in the context of the business (3.2) goal of the
business transaction (3.4)
Note 1 to entry: A SC may be atomic or composed of other SCs.
[SOURCE: ISO/IEC 14662:2010, 3.27]
© ISO/IEC 2020 – All rights reserved 9

3.48
service level agreement
SLA
documented agreement between the service provider and customer that identifies services and
service targets
Note 1 to entry: A service level agreement can also be established between the service provider and a supplier, an
internal group or a customer acting as a supplier.
Note 2 to entry: A service level agreement can be included in a contract or another type of documented agreement.
[SOURCE: ISO/IEC 17788:2014, 3.1.7]
3.49
third party
Person (3.39) besides the two primarily concerned in a business transaction (3.4) who is agent (3.1) of
neither and who fulfils a specified role (3.44) or function as mutually agreed to by the two primary
Persons or as a result of external constraints (3.22)
Note 1 to entry: It is understood that more than two Persons can at times be primary parties in a business
transaction.
[SOURCE: ISO/IEC 15944-1:2011, 3.65]
3.50
under the control of
set of requirements on an organization (3.37), especially those of external constraint (3.22) nature, i.e.,
privacy protection and related information law requirements, requiring full and complete information
life cycle management (ILCM) of personal information as set(s) of recorded information (3.41) (SRIs)
related to the agreed upon goal of the instantiated business transaction (3.4), including state changes
to the content of the SRIs with respect to their creation/collection, recording processing, organization,
storage, use, retrieval, disclosure, retrieval, aggregation, dissemination, disposition (including
expungement), electronic data interchange (EDI) (3.21), etc., and in particular that of any and all state
changes in the decision-making application (DMAs) (3.19) of the organization and any of its agents (3.1)
and/or third parties (3.48) (as well as any other parties) to the business transaction
Note 1 to entry: The fact that a Person responsible for the control of a SRI(s), especially SPI(s), delegates or
contracts out physical custody of the SRI(s) to an agents or third party does not take away from the responsibility
of that Person for ensuring ILCM management aspects in support of privacy protection requirements remain
fully supported and executed.
Note 2 to entry: If and where a disposition or expungement of SPIs pertaining to a business transaction involves
the transfer of the related SPIs to another organization the applicable ILCM requirements of a privacy protection
nature continue to apply to the organization to which the SPIs are being transferred to.
[SOURCE: ISO/IEC 15944-12:2020, 3.142]
4 Abbreviated terms
CCRA cloud computing reference architecture
FBM Fact-based modelling
HIE human interface equivalent
ICT information communications technology
ILCM information life cycle management
10 © ISO/IEC 2020 – All rights reserved

ORM object-role modelling
SPI set of personal information
SRI set of recorded information
5 Brief summary of Open-edi reference model
5.1 Open-edi reference model overview
Open-edi is defined as electronic data interchange (EDI) among multiple autonomous Persons to
accomplish an explicit shared business goal" according to Open-edi standards.The characteristics by
which Open-edi is recognized and defined are:
— actions based on following predefined rules;
— commitment of the parties involved;
— communications among parties are automated;
— parties control and maintain their s
...