ISO/IEC 17789:2014
(Amendment)Information technology — Cloud computing — Reference architecture
Information technology — Cloud computing — Reference architecture
ISO/IEC 17789:2014 specifies the cloud computing reference architecture (CCRA). The reference architecture includes the cloud computing roles, cloud computing activities, and the cloud computing functional components and their relationships.
Technologies de l'information — Informatique en nuage — Architecture de référence
General Information
Standards Content (sample)
INTERNATIONAL ISO/IEC
STANDARD 17789
First edition
2014-10-15
Information technology — Cloud
computing — Reference architecture
Technologies de l'information — Informatique en nuage — Architecture
de référence
Reference number
ISO/IEC 17789:2014(E)
ISO/IEC 2014
---------------------- Page: 1 ----------------------
ISO/IEC 17789:2014(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2014
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any
means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission.
Permission can be requested from either ISO at the address below or ISO’s member body in the country of the requester.
ISO copyright officeCase postale 56 CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2014 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 17789:2014 (E)
CONTENTS
Page
1 Scope .............................................................................................................................................................. 1
2 Normative references...................................................................................................................................... 1
2.1 Identical Recommendations | International Standards ........................................................................ 1
2.2 Additional references .......................................................................................................................... 1
3 Definitions ...................................................................................................................................................... 1
3.1 Terms defined elsewhere ..................................................................................................................... 1
3.2 Terms defined in this Recommendation | International Standard ........................................................ 1
4 Abbreviations ................................................................................................................................................. 2
5 Conventions .................................................................................................................................................... 2
6 Cloud computing reference architecture goals and objectives........................................................................ 3
7 Reference architecture concepts ..................................................................................................................... 4
7.1 CCRA architectural views ................................................................................................................... 4
7.2 User view of cloud computing ............................................................................................................ 5
7.3 Functional view of cloud computing ................................................................................................... 7
7.4 Relationship between the user view and the functional view .............................................................. 8
7.5 Relationship of the user view and functional view to cross-cutting aspects........................................ 8
7.6 Implementation view of cloud computing ........................................................................................... 9
7.7 Deployment view of cloud computing ................................................................................................ 9
8 User view ........................................................................................................................................................ 9
8.1 Introduction to roles, sub-roles and cloud computing activities .......................................................... 9
8.2 Cloud service customer ....................................................................................................................... 10
8.3 Cloud service provider ........................................................................................................................ 14
8.4 Cloud service partner .......................................................................................................................... 21
8.5 Cross-cutting aspects ........................................................................................................................... 23
9 Functional view .............................................................................................................................................. 29
9.1 Functional architecture ........................................................................................................................ 29
9.2 Functional components ....................................................................................................................... 30
10 Relationship between the user view and the functional view ......................................................................... 38
10.1 General ................................................................................................................................................ 38
10.2 Overview ............................................................................................................................................. 38
Annex A – Further details regarding the user view and functional view ................................................................... 44
A.1 The cloud service customer–cloud service provider relationship ........................................................ 44
A.2 The provider–peer provider (or "inter-cloud") relationship ................................................................ 47
A.3 The cloud service developer–cloud service provider relationship ....................................................... 50
A.4 The cloud service provider–Auditor relationship ................................................................................ 51
Bibliography .............................................................................................................................................................. 53
Rec. ITU-T Y.3502 (08/2014) iii---------------------- Page: 3 ----------------------
ISO/IEC 17789:2014(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 17789 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 38, Distributed application platforms and services (DAPS), in collaboration with ITU-T. The
identical text is published as ITU-T Rec. Y.3502 (08/2014).iv © ISO/IEC 2014 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 17789:2014 (E)
INTERNATIONAL STANDARD
RECOMMENDATION ITU-T
Information technology – Cloud computing – Reference architecture
1 Scope
This Recommendation | International Standard specifies the cloud computing reference architecture (CCRA). The
reference architecture includes the cloud computing roles, cloud computing activities, and the cloud computing
functional components and their relationships.2 Normative references
The following Recommendations and International Standards contain provisions which, through reference in this text,
constitute provisions of this Recommendation | International Standard. At the time of publication, the editions indicated
were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this
Recommendation | International Standard are encouraged to investigate the possibility of applying the most recent edition
of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid
International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently valid
ITU-T Recommendations.2.1 Identical Recommendations | International Standards
– Recommendation ITU-T Y.3500 (2014) | ISO/IEC 17788:2014, Information technology – Cloud
computing – Overview and vocabulary.2.2 Additional references
– ISO/IEC 29100:2011, Information technology – Security techniques – Privacy framework.
3 DefinitionsFor the purposes of this Recommendation | International Standard, the terms and definitions in Rec. ITU-T Y.3500 |
ISO/IEC 17788 and the following definitions apply.3.1 Terms defined elsewhere
The following term is defined in ISO/IEC/IEEE 42010:
3.1.1 architecture: Fundamental concepts or properties of a system in its environment embodied in its elements,
relationships and in the principles of its design and evolution.The following term is defined in ISO/IEC 29100:
3.1.2 personally identifiable information (PII): Any information that (a) can be used to identify the PII principal
to whom such information relates, or (b) is or might be directly or indirectly linked to a PII principal.
NOTE – To determine whether a PII principal is identifiable, account should be taken of all the means which can reasonably be
used by the privacy stakeholder holding the data, or by any other party, to identify that natural person.
3.2 Terms defined in this Recommendation | International StandardThis Recommendation | International Standard defines the following terms:
3.2.1 activity: A specified pursuit or set of tasks.
3.2.2 cloud service product: A cloud service, allied to the set of business terms under which the cloud service is
offered.NOTE – Business terms can include pricing, rating and service levels.
3.2.3 functional component: A functional building block needed to engage in an activity (clause 3.2.1), backed by
an implementation.Rec. ITU-T Y.3502 (08/2014) 1
---------------------- Page: 5 ----------------------
ISO/IEC 17789:2014 (E)
3.2.4 peer cloud service: A cloud service of one cloud service provider which is used as part of a cloud service of
one or more other cloud service providers.3.2.5 peer cloud service provider: A cloud service provider who provides one or more cloud services for use by
one or more other cloud service providers as part of their cloud services.3.2.6 product catalogue: A listing of all the cloud service products (clause 3.2.2) which cloud service providers
make available to cloud service customers.3.2.7 role: A set of activities (clause 3.2.1) that serves a common purpose.
3.2.8 service catalogue: A listing of all the cloud services of a particular cloud service provider.
3.2.9 sub-role: A subset of the activities (clause 3.2.1) of a given role (clause 3.2.7).
4 AbbreviationsFor the purposes of this Recommendation | International Standard, the following abbreviations apply:
API Application Programming InterfaceCaaS Communications as a Service
CCRA Cloud Computing Reference Architecture
CPU Central Processing Unit
CS Cloud Service
CSC Cloud Service Customer
CSN Cloud Service partner
CSP Cloud Service Provider
IaaS Infrastructure as a Service
ICT Information and Communication Technology
KPI Key Performance Indicator
MSA Master Service Agreement
NaaS Network as a Service
PaaS Platform as a Service
PII Personally Identifiable Information
QoS Quality of Service
RAM Random Access Memory
SaaS Software as a Service
SLA Service Level Agreement
ToS Terms of Service
T&C Terms and Conditions
VLAN Virtual Local Area Network
VPN Virtual Private Network
VM Virtual Machine
5 Conventions
The following conventions apply:
1) Diagrams are used throughout this Recommendation | International Standard to help illustrate the CCRA.
Figure 5-1 provides the conventions used regarding the content of the diagrams.NOTE – In Figure 5-1, "Aspect" is to be understood as referring to "Cross-cutting aspect".
2 Rec. ITU-T Y.3502 (08/2014)---------------------- Page: 6 ----------------------
ISO/IEC 17789:2014 (E)
Figure 5-1 – Legend to the diagrams used throughout
this Recommendation | International Standard
2) This CCRA uses the term "ICT" and "ICT systems", where the abbreviation ICT stands for "information
and communication technology", as defined in clause 3.1332 of ISO/IEC/IEEE 24765. This term is used
to make it clear that the CCRA covers not only the compute and storage technologies associated with
computer systems, but also the communication networks that link systems together.
3) References to terms defined in clause 3 and in Rec. ITU-T Y.3500 | ISO/IEC 17788 are shown in bold.
6 Cloud computing reference architecture goals and objectivesCloud computing is a paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual
resources with self-service provisioning and administration on demand. See Rec. ITU-T Y.3500 | ISO/IEC 17788.
The CCRA presented in this Recommendation | International Standard provides an architectural framework that is
effective for describing the cloud computing roles, sub-roles, cloud computing activities, cross-cutting aspects, as well
as the functional architecture and functional components of cloud computing.The CCRA serves the following goals:
• to describe the community of stakeholders for cloud computing;
• to describe the fundamental characteristics of cloud computing systems;
• to specify basic cloud computing activities and functional components, and describe their relationships
to each other and to the environment;• to identify principles guiding the design and evolution of the CCRA.
The CCRA supports the following important standardization objectives:
• to enable the production of a coherent set of international standards for cloud computing;
• to provide a technology-neutral reference point for defining standards for cloud computing;
• to encourage openness and transparency in the identification of cloud computing benefits and risks.
The CCRA focuses on the requirements of "what" cloud services provide and not on "how to" design cloud-based
solutions and implementations. The CCRA does not represent the system architecture of a specific cloud computing
system, although it could put constraints on a specific system. The CCRA is not tied to any specific vendor products,
services or reference implementation; nor does it define prescriptive solutions that inhibit innovation.
The CCRA is also intended to:• facilitate the understanding of the operational intricacies of cloud computing;
• illustrate and provide understanding of various cloud services and their provisioning and use;
• provide a technical reference to enable the international community to understand, discuss, categorize and
compare cloud services;• be a tool for describing, discussing, and for developing a system-specific architecture using a common
framework of reference;• facilitate the analysis of candidate standards in areas including security, interoperability, portability,
reversibility, reliability and service management, and support analysis of reference implementations.
Rec. ITU-T Y.3502 (08/2014) 3---------------------- Page: 7 ----------------------
ISO/IEC 17789:2014 (E)
7 Reference architecture concepts
This Recommendation | International standard defines a CCRA that can serve as a fundamental reference point for cloud
computing standardization and which provides an overall framework for the basic concepts and principles of a cloud
computing system.This clause provides an overview of the architectural approaches that are used in this Recommendation | International
standard.7.1 CCRA architectural views
Cloud computing systems can be described using a viewpoint approach.
Four distinct viewpoints are used in the CCRA (see Figure 7-1):
• user view;
• functional view;
• implementation view; and
• deployment view.
Figure 7-1 – Transformations between architectural views
Table 7-1 provides a description of each of these views.
Table 7-1 – CCRA views
CCRA view Description of the CCRA view Scope
User view The system context, the parties, the roles, the sub-roles and Within scope
the cloud computing activitiesFunctional view The functions necessary for the support of cloud computing Within scope
activitiesImplementation view The functions necessary for the implementation of a cloud Out of scope
service within service parts and/or infrastructure partsDeployment view How the functions of a cloud service are technically Out of scope
implemented within already existing infrastructure elements orwithin new elements to be introduced in this infrastructure
NOTE – While details of the user view and functional view are addressed within this Recommendation | International Standard,
the implementation and deployment views are related to technology and vendor-specific cloud computing implementations and
actual deployments, and are therefore out of the scope of this Recommendation | International Standard.
Figure 7-2 shows the transition from the user view to the functional view. Details are presented in clause 7.4.
4 Rec. ITU-T Y.3502 (08/2014)---------------------- Page: 8 ----------------------
ISO/IEC 17789:2014 (E)
Party
Aspect
Multi-layer
Role
Functional
Layer
functions
component
Role
Functional
Layer
component
Sub-role Sub-role Functional
component
Functional
Layer
Activity
Activity
component
Activity
Activity
User view Functional view
Y.3502(14)_F7-2
Figure 7-2 – Transition from user view to functional view
7.2 User view of cloud computing
The user view addresses the following cloud computing concepts:
• cloud computing activities;
• roles and sub-roles;
• parties;
• cloud services;
• cloud deployment models;
• cross-cutting aspects.
Figure 7-3 illustrates the entities that are defined for the user view.
Party
Aspect
Role
Role
Sub-role Sub-role
Activity
Activity
Activity
Activity
Y.3502(14)_F7-3
Figure 7-3 – User view entities
7.2.1 Cloud computing activities
A cloud computing activity is defined as a specified pursuit or set of tasks.
Cloud computing activities need to have a purpose and deliver one or more outcomes.
Activities in a cloud computing system are conducted using functional components (see clause 7.3.1).
Cloud computing activities are identified and described in more detail in clause 8.
Rec. ITU-T Y.3502 (08/2014) 5---------------------- Page: 9 ----------------------
ISO/IEC 17789:2014 (E)
7.2.2 Roles and sub-roles
A role is a set of cloud computing activities that serve a common purpose.
In the CCRA, three roles have been defined:
• cloud service customer (CSC): A party which is in a business relationship for the purpose of using cloud
services.• cloud service provider (CSP): A party which makes cloud services available.
• cloud service partner (CSN): A party which is engaged in support of, or auxiliary to, activities of either
the cloud service provider or the cloud service customer, or both.A sub-role is a subset of the cloud computing activities for a given role.
Different sub-roles can share the cloud computing activities associated with a given role.
Descriptions of the cloud computing roles and sub-roles are provided in clause 8.
7.2.3 PartiesA party is a natural person or legal person, whether or not incorporated, or a group of either. Parties in a cloud computing
system are its stakeholders.A party can assume more than one role at any given point in time and can engage in a specific subset of activities of that
role. Examples of parties include, but are not limited to, large corporations, small and medium sized enterprises,
government departments, academic institutions and private citizens.7.2.4 Cloud services
Cloud services are the essential elements of cloud computing. Cloud services are covered in Rec. ITU-T Y.3500 |
ISO/IEC 17788. This clause provides a summary.Cloud services can be described in terms of the cloud capabilities types which they offer, based on the resources
provided by the cloud service. There are three cloud capabilities types:• application capabilities type;
• platform capabilities type;
• infrastructure capabilities type.
Cloud capabilities types and cloud service categories are covered in Rec. ITU-T Y.3500 | ISO/IEC 17788.
Cloud services are also grouped into categories, where each category is a group of cloud services that possess a common
set of qualities. The services in these categories can include capabilities from one or more of the cloud capabilities types
above.Representative cloud service categories include:
• Infrastructure as a service (IaaS);
• Platform as a service (PaaS);
• Software as a service (SaaS);
• Network as a service (NaaS).
Other cloud service categories are described in Rec. ITU-T Y.3500 | ISO/IEC 17788.
7.2.5 Cloud deployment modelsCloud deployment models are covered in Rec. ITU-T Y.3500 | ISO/IEC 17788. This clause provides a summary.
Cloud deployment models are a way in which cloud computing can be organized based on the control and sharing of
physical or virtual resources.The cloud deployment models include:
• public cloud;
• private cloud;
• community cloud;
• hybrid cloud.
6 Rec. ITU-T Y.3502 (08/2014)
---------------------- Page: 10 ----------------------
ISO/IEC 17789:2014 (E)
7.2.6 Cross-cutting aspects
Cross-cutting aspects are behaviours or capabilities which need to be coordinated across roles and implemented
consistently in a cloud computing system.Cross-cutting aspects can be shared and can impact multiple roles, cloud computing activities and functional
components.Cross-cutting aspects apply to multiple individual roles or functional components.
An example of a cross-cutting aspect is security.A description of the cross-cutting aspects is provided in clause 8.5.
7.3 Functional view of cloud computing
The functional view is a technology-neutral view of the functions necessary to form a cloud computing system. The
functional view describes the distribution of functions necessary for the support of cloud computing activities.
The functional architecture also defines the dependencies between functions.The functional view addresses the following cloud computing concepts:
• functional components;
• functional layers; and
• multi-layer functions.
Figure 7-4 illustrates the concepts of functions, layers and functional components.
Multi-layerFunctional
Layer
functions
component
Functional
Layer
component
Functional
component
Functional
Layer
component
Y.3502(14)_F7-4
Figure 7-4 – Functional layering
The cloud computing functional architecture is described in clause 9.1.
7.3.1 Functional components
A functional component is a functional building block needed to engage in an activity, backed by an implementation.
The capabilities of a cloud computing system are fully defined by the set of implemented functional components.
Functional components are further described in clause 9.2.7.3.2 Functional layers
A layer is a set of functional components that provide similar capabilities or serve a common purpose.
The functional architecture is partially layered (i.e., has layers and a set of multi-layer functions).
There are four distinct layers defined in the CCRA:• user layer, which includes functional components that support the cloud computing activities of cloud
service customers and cloud service partners;• access layer, which includes functional components that facilitate function distribution and
interconnection;• service layer, which includes functional components that provide the cloud services themselves plus
related administration and business capabilities, and the orchestration capabilities necessary to realize
them;Rec. ITU-T Y.3502 (08/2014) 7
---------------------- Page: 11 ----------------------
ISO/IEC 17789:2014 (E)
• resource layer, which includes the functional components that represent the resources needed to
implement the cloud computing system.Note that not all layers or functional components are necessarily instantiated in a specific cloud computing system.
7.3.3 Multi-layer functionsThe multi-layer functions include functional components that provide capabilities that are used across multiple
functional layers.Multi-layer functions are grouped into subsets.
The following subsets of multi-layer functions are defined:
• development support;
• integration;
• security systems;
• operational support systems;
• business support systems.
Functional components of the multi-layer functions are described in clause 9.2.5.
7.4 Relationship between the user view and the functional viewFigure 7-5 illustrates how the user view provides the set of cloud computing activities that are represented within the
functional view (and realized using the technologies of the implementation view).
Role Multi-layerFunctional
Layer
functions
component
Activity
Functional
Layer
component
Functional
Activity
component
Functional
Layer
component
User view Functional view
Y.3502(14)_F7-5
Figure 7-5 – From user view to functional view
Further details on the relationship between the user view and functional view can be found in clause 10.
7.5 Relationship of the user view and functional view to cross-cutting aspectsCross-cutting aspects, as their name implies, apply across both the user view and across the functional view of cloud
computing.Cross-cutting aspects apply to roles and sub-roles in the user view and they directly or indirectly affect the activities
which those roles perform.Cross-cutting aspects also apply to the functional components within the functional view, which are used when
performing the activities described in the user view.Cross-cutting aspects of cloud computing described in clause 8.5 include:
• auditability;
• availability;
• governance;
• interoperability;
• maintenance and versioning;
8 Rec. ITU-T Y.3502 (08/2014)
---------------------- Page: 12 ----------------------
ISO/IEC 17789:2014 (E)
• performance;
• portability;
• protection of personally identifiable information;
• regulatory;
• resiliency;
• reversibility;
• security;
• service levels and service level agreement.
7.6 Implementation view of cloud computing
While details of the user view and functional view are addressed within this Recommendation | International Standard,
the implementation view is out of the scope of this Recommendation | International Standard.
7.7 Deployment view of cloud computingWhile details of the user view and functional view are addressed within this Recommendation | International Standard,
the deployment view is out of the scope of this Recommendation | International Standard.
8 User view8.1 Introduction to roles, sub-roles and cloud computing activities
Given that distributed services and their delivery are at the core of cloud computing, all cloud computing related
activities can be categorized into three main groups: activities that use services, activities that provide services and
activities that support services.This clause contains descriptions of some of the common roles and sub-roles associated with cloud computing.
It is important to note that a party can play more than one role at any given point in time. When playing a role, the party
can restrict itself to playing one or more sub-roles. Sub-roles are a subset of the cloud computing activities of a given
role.As shown in Figure 8-1, the roles of cloud computing are:
• cloud service customer (clause 8.2);
• cloud service provider (clause 8.3);
• cloud service partner (clause 8.4).
Figure 8-1 – Cloud computing roles
Figure 8-2 shows the roles of cloud computing, with their associated sub-roles. Each of the sub-roles shown in the
figure is described in more detail in the following clauses.Rec. ITU-T Y.3502 (08/2014) 9
---------------------- Page: 13 ----------------------
ISO/IEC 17789:2014 (E)
Figure 8-2 – Roles and sub-roles
8.2 Cloud service customer
8.2.1 Role
A cloud service customer (CSC) has a business relationship with a cloud service provider for the purpose of using
cloud services. A cloud service customer can also have a business relationship with a cloud service partner for a variety
of purposes.A cloud service customer's activities are included beneath the sub-roles described in clauses 8.2.1.1 to 8.2.1.4.
8.2.1.1 CSC:cloud service userThe CSC:cloud service user i
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.