ETSI delivers its cloud standards roadmap to the European Commission

Share

In my article on how standardization can unleash the Cloud’s potential in Europe (in French), I talked about the European Commission’s new strategy for harnessing the Cloud in Europe. Among the various measures announced, the European Commission asked the European Telecommunications Standards Institute (ETSI) to provide a roadmap for cloud computing standards (especially related to interoperability, portability and data security).

In this post, I will present the results of ETSI’s report. According to the organization, the cloud-standards landscape is complex but not chaotic, and by no means a jungle.

cloud standards: complex but not a jungle, according to ETSI

In September 2012, the European Commission published its new cloud strategy with a set of measures expected to create 2.5 million new jobs in Europe and contribute €160 billion to the European Union’s GDP by 2020. One of the key measures laid out by the Commission to unleash the Cloud’s potential in Europe is to “cut through the jungle of standards.” In this context, ETSI launched a “Cloud Standard Coordination” committee, which published its first report in November 2013. The report was delivered on December 11, 2013 in Brussels at a joint seminar organized by the European Commission and ETSI. Over 100 cloud experts were in attendance.

The final report starts with a definition of the term "party" and the various roles involved in cloud computing, namely the Cloud Service Provider, Cloud Service Customer, Cloud Service Partner and government authority. Focusing on these roles, the report analyzes more than 100 use cases and a host of associated activities.

numerous standards likely within the next 12-18 months

The report combines a list of activities defined through use cases with 150 documents already published by 20 cloud-standards organizations. In these documents, the number of standards and technical specifications currently in effect remains relatively low. However, the report also makes clear that a large number of cloud standards are currently in preparation. These new standards should be released within 12-18 months.

gaps identified in terms of portability and cloud terminology

The report also identified gaps in the following areas:

  1. interoperability and data portability: To avoid vendor lock-in, the report underlines that management interfaces, particularly for IaaS, are maturing. However, management specifications for PaaS and SaaS need more work. There are many proprietary and open-source solutions, but very few standards

  2. data security and privacy: These are important issues for cloud customers. According to the report, security and privacy standards that are useful and reusable are already available. However, the development of new specifications relating to cloud security will first require a common vocabulary.

  3. Service-Level Agreements (SLA): The main standardization requirements for SLA are:
  • creating a common terminology for information security and privacy
  • identifying customer expectations concerning SLA, namely in terms of content, terms, responsibilities, guarantees, service quality, etc
  • establishing an associated set of metrics

Various efforts are ongoing in this area, but the report stresses how important it is for cloud service providers to adopt these SLA.

  1. law and governance: The report views the legal environment for cloud computing as a major obstacle to wider use of this new way to deliver services. In fact, given the global nature of the Cloud and its potential to transcend national borders, a standard is needed to outline an international governance framework in this area.

According to Neelie Kroes, European Commissioner in charge of digital strategy, this report’s publication contributes to the Commission’s goal of creating a single market for cloud computing.

In this context, standards and certification can play a key role in this market’s future development. They will help public and private stakeholders build secure and interoperable cloud infrastructure, while establishing a relationship of trust between cloud suppliers and customers.

Jamil Chawki

In collaboration with Olivier Le Grand

photo credit: © pict rider - Fotolia.com

Jamil Chawki
Since 2008, I have coordinated cloud standardization activities at Orange Labs. I worked for 10 years developing optic and Internet networks at France Telecom, taking part in 2006 in the development of SaaS activities for 2.0 companies. I also managed a telecom operator in Lebanon, where I introduced an online billing service in 2001. I’m currently head of the work group on cloud standardization at UIT-T and ISO IEC JTC1.