Analysing the maturation of standards in European cloud computing
In September 2012, the European Union released its “Unleashing the Potential of Cloud Computing in Europe” document, aiming for a yearly 160bn Euro (£127.6bn) boost to the European GDP by 2020 and a gain of 2.5m by the rollout of cloud.
A full 15 months later, the response by the European Telecommunications Standards Institute (ETSI) was published. The ‘Cloud Standards Coordination’ report, requested by the European Commission, aimed to analyse Commission VP Neelie Kroes’ opinion there was a “jungle of technical standards.”
ETSI asserted that cloud standardisation was “much more focused tha[n] anticipated” and added the landscape was “complex but not chaotic.”
The executive summary outlined the state of play in the key areas. Important gaps in standards had been identified, with new standards encouraged, whilst the legal environment for cloud computing remains “highly challenging.”
ETSI believes cloud standardisation will mature in the next 18 months.
“Though several cloud computing standards have seen successful adoption in small-scale and research projects, cloud computing-specific standards [have] not seen widespread adoption by cloud providers to date,” the report states.
“Adoption may be encouraged if mechanisms are found for domain-specific stakeholders to agree on shared vocabularies and formal definitions that are machine readable,” it adds.
Digging deeper into the report, ETSI pushed for true interoperability in cloud computing, although accepting it is a “significant challenge” for now.
“A truly interoperable cloud will encourage potential cloud customers to on-board, safe in the knowledge that they can change providers, or use multiple providers, without significant challenges or effort,” the report explains, adding: “This will expand the size of markets in which cloud providers operate.”
It was a similar story with regard to SLAs, which the researchers argue is one of the quicker-maturing aspects of cloud. Despite this, the report reiterates four key features of a good SLA; an agreement which is well-defined, has appropriate and discernible limits, correlates to business value and can be compared to other metrics.
The researchers argue: “It is important that each service level target uses such consistent terminology and also has commonly understood metrics, so that the cloud service customer can understand what is being claimed for the cloud service and relate the claims to their own requirements.”
Vendor lock-in, once the scourge of companies moving to the cloud, is no longer the threat it once was, yet there’s still a long path to go for full interoperability.
Not surprisingly security remains a top-of-mind issue, yet the report clarifies this by arguing the bigger issue is one of “building trust and confidence in cloud computing services.”
Whether this comes after the NSA PRISM scandal, where the reputation of US cloud vendors in particular took a hit, is not mentioned. However the more specific worry is the lack of responsibility taken by vendors and customers regarding data. When something goes wrong, it’s easier to blame the other guy.
The report briefly notes the threat of natural disasters against cloud computing in a laissez-faire manner, naturally given there’s not a lot which can be done about it. Yet one thing which can be assessed is the role of standards.
“Current international security standards, such as the ISO/IEC 27000 series, are already widely used by global cloud providers, and increasingly used by smaller providers,” the researchers write.
“New standards and certification schemes, including cloud-specific ones, are also being developed and brought into use, with the explicit intent of encouraging and further illuminating good practice by providers, in a form that is comprehensible to current and potential future cloud customers,” it adds.
All in all, the report concludes there has been progress since 2012, in what is a “very dynamic industry segment.” The report advises: “Cloud standards need to be flexible enough to allow each provider’s unique selling points to be advertised and consumed”, while adding that cloud interoperability was being actively developed yet lacking definition.
It’s difficult to put into context plans which have 2020 as its launch date – but it’s only six years away. Even though it took 15 months for ETSI to deliver its response – which you can read in full here – progress has been made in interoperability, SLAs and security.
The institute infers that another progress report, or “snapshot” should hit the stands in 12-18 months - in other words, around the same time that the researchers expect cloud standardisation to seriously mature. Watch this space.
- » UK cloud computing usage continues to rise, CIF finds
- » More than half of data stored is inactive, report finds
- » The lowdown on the UK government’s new Cyber Essentials Scheme
- » How to win big when cloud computing is pervasive
- » Why physical security is essential to combating the ever present and growing threat to data centres