New standards for cloud computing

The International Organisation for Standardisation (ISO) has released two new standards for cloud computing, in order to bring order to chaos.

There are two standards which have been released by ISO on October 15th; the ISO/IEC 17788, a 16 page overview,Cloud computing – Overview and vocabulary, provides definitions of common cloud computing terms, including those for cloud service categories such as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). It also specifies the terminology for cloud deployment models such as “public” and “private” cloud. More technical in nature,, and the ISO/IEC 17789, Cloud computig – Reference architecture, contains diagrams and descriptions of how the various aspects of cloud computing relate to one another..

National Institute of Standards and Technology (NIST), defines cloud computing as "a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources...that can be rapidly provisioned and released with minimal management effort or service provider interaction."

As opposed to the NIST ruling which only proffers platform as a service, software as a service and infrastructure as a service, the ISO ruling has seven distinct cloud service categories, including network as a service (NaaS) and data storage as a service (DSaaS). Similarly, ISO expands on NIST’s 2011 definition on cloud deployment models, adding community cloud to public, private and hybrid.

We are expecting at the end of 2015 some complimentary guidelines, for the hot issue of cloud security, as described on ISO/IEC CD 27017 Code of practice for information security controls based on ISO/IEC 27002 for cloud computing services. Until then, drop a comment as to what you consider a security challenge for cloud services.