[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: Proposed Charter for Public Administration Cloud Requirements (PACR) TC
Just to confirm that no comments were received during the member comment
review period of the PACR Charter.
Regards
John
PACR TC Convenor
-----Original Message-----
From: Chet Ensign [mailto:chet.ensign@oasis-open.org]
Sent: 17 December 2012 15:27
To: members@lists.oasis-open.org; oasis-charter-discuss@lists.oasis-open.org
Cc: adil.soussinachit@minfin.fed.be; johnaborras@yahoo.co.uk;
peter@peterbrown.com; neil.mcevoy@iFOSSF.org; Colin.Wallis@dia.govt.nz
Subject: Proposed Charter for Public Administration Cloud Requirements
(PACR) TC
To OASIS Members:
A draft TC charter has been submitted to establish the OASIS Public
Administration Cloud Requirements (PACR) TC name. In accordance with the
OASIS TC Process Policy section 2.2:
(https://www.oasis-open.org/policies-guidelines/tc-process#formation) the
proposed charter is hereby submitted for comment. The comment period shall
remain open until 11:59 pm ET on 31 December 2012.
A previous version of the charter was submitted for comments on 25 September
2012. The charter was taken back for review following the comment period.
The previous call for comment can be found at
https://lists.oasis-open.org/archives/tc-announce/201209/msg00008.html
OASIS maintains a mailing list for the purpose of submitting comments on
proposed charters. Any OASIS member may post to this list by sending email
to: oasis-charter-discuss@lists.oasis-open.org. All messages will be
publicly archived at:
http://lists.oasis-open.org/archives/oasis-charter-discuss/. Members who
wish to receive emails must join the group by selecting "join group" on the
group home page:
http://www.oasis-open.org/apps/org/workgroup/oasis-charter-discuss/.
Employees of organizational members do not require primary representative
approval to subscribe to the oasis-charter-discuss e-mail.
A telephone conference will be held among the Convener, the OASIS TC
Administrator, and those proposers who wish to attend within four days of
the close of the comment period. The announcement and call-in information
will be noted on the OASIS Charter Discuss Group Calendar.
We encourage member comment and ask that you note the name of the proposed
TC (PACR) in the subject line of your email message.
---
(1) TC CHARTER
(1)(a) Name
OASIS Public Administration Cloud Requirements (PACR) Technical Committee
(1)(b) Statement of Purpose
Governments are evaluating the use of, and increasingly converting many of
their information and communication technology ("ICT") systems to cloud and
other remote distributed computing services and installations. The nature of
these relatively novel systems requires some re-examination of the public
policy and government responsibility requirements generally applied to ICT
functions on which public administrations rely, including their:
- Safety, reliability, stability and minimal risk;
- Legislative conformance;
- Regulatory compliance;
- Degree of control and auditability by or on behalf of the
responsible public administration;
- Reliance on and vulnerability to single sources, vendors, formats,
applications or computing protocols;
- Usability and extensibility of data and data functions by
anticipatable stakeholders;
- Portability of data;
- Portability and composability of data functions across multiple
systems and clouds operating in concert;
- More agile enhancement and maintenance and multi-site resilience;
- Cost effectiveness; and
- Skills needs.
The increased speed, functionality, reach and efficiencies sought and
availability from cloud computing methods in some cases puts unique stresses
on the foregoing conventional ICT requirements, and may also give rise to
special needs not encountered or well defined in segregated, stand-alone
computing installations.
Some work has been done (as cited below) in creating typologies of cloud
computing service function levels, and towards models of services; and
several recently-formed coalitions have proposed requirements lists at one
or another level of cloud activity, some of which are beginning to form a
web of partially overlapping and disjointed mass of specifications and
candidate standards.
However, there is little help available to governments to integrate those
lists into common, readily-understood rules that inform procurement,
auditable assurance and conformance testing and acquisition criteria; and
little or no openly available, vendor-neutral information mapping of such
requirements to the rather large but loosely-organized body of existing ICT
standards.
The foregoing state of affairs can lead to haphazard, constantly-changing
criteria; serious difficulties in comparing or evaluating possible cloud
services; accidental data architectures (or none at all); and a failure to
take advantage of easily-used but hard-to-define bodies of existing
openly-available work. The Public Cloud (PACR) TC will draw together a
common set of attributes and operational requirements that are relevant to
public administrations, at each of the major service levels of cloud
systems, and show the relationships (where applicable) to existing open
standards and published governmental works that supply methods of
measurement and definition.
(1)(c )Scope of the TC's work
The committee will develop a set of common required functional elements, and
measurable criteria or qualities that should be present in cloud computing
services or installations employed by public administration entities,
whether purchased, hired or self-created and self-installed.
In this context, "should be present" refers to aspects of a cloud service or
installation that are likely to be necessary to reflect public sector risk
profiles in order to satisfy the public policy aspects, governmental
reliability and stability requirements, responsibility to citizens and
constituent stakeholders, and broad, platform-neutral accessibility that
generally are expected and desirable from useful, long-term government ICT
resources. In essence the work will form a 'profile' of government
requirements, drawn from and informed by existing works.
Out of Scope: The TC's deliverables will not recommend or require the use of
specific tools, products, technologies, software systems or branded
commercial or non-commercial services. However, the TC may demonstrate
implementation by publishing 'profiles of the PACR profile' based on
specific protocols, and may identify which tools are used in connection
therewith where needed to permit replication of results.
(1)(d) Deliverables
Within 18 months of the TC's first meeting it will look to deliver a
measurable and auditable implementation/conformance profile for government
i.e. the features that governments want to see in cloud offerings to
government. The profile will include as a minimum the following:
1 A base set of required attributes, expressed as architecture-neutral
functional features, that generally should be sought in any cloud or remote
computing infrastructure employed by or on behalf of governments (including
computer networking, network management, data storage and shared repository,
multi-site resilience, abstracted hosting environment, service or device
management and virtualization management).
2 A base set of required attributes, expressed as architecture-neutral
functional features, that generally should be sought in any cloud or remote
computing platform services employed by or on behalf of governments
(including common transactional, eventing, notification and messaging
operations such as middleware and enterprise service buses, and interaction
patterns and protocols among autonomous physical or virtual machines).
3 A base set of required attributes, expressed as architecture-neutral
functional features, that generally should be sought in any cloud or remote
computing data application services employed by or on behalf of governments
(including application program interfaces (APIs) and end-user software
applications).
Thereafter the TC will look to deliver:
4 If deemed useful and feasible, identification of existing ICT
standards and openly-available, vendor-neutral specifications that are
available to implement and measure the requirements of the profile.
5 If deemed useful and feasible, gap analysis identification of those
requirements where additional openly-available methods are needed for
implementation and measurement.
6 If deemed useful and feasible a government Cloud Reference Model
that would include amongst other aspects a common taxonomy of government
services and a shared information model.
The deliverables shall:
a. Be vendor-neutral and product-agnostic. (The TC may elect to point
to or provide proof-of-concept instances of specific protocol uses, but will
strive for catholicity and multiple examples, and facilitate ease of
implementation regardless of protocol choices.)
b. Wherever feasible, specify and explain methodologies for
compatibility with legacy system integration and incremental adoption.
(1)(e) IPR Mode
The committee will operate under the Non-Assertion Mode of the OASIS IPR
Policy.
(1)(f) Anticipated audience
- Government units and other entities responsible for data and
computing resources employed in public administration, particularly those
who have migrated or are evaluating migrating to cloud computing
architectures.
- Market participants, who consume, rely on and transact with those
resources.
- Regulators and policymakers with an interest in the procurement,
control, interoperability, auditability, certification and accreditation of
cloud resources.
- Providers of cloud computing services, devices and advisory
assistance who support the evaluation, initialization, migration,
maintenance and monitoring of cloud computing services and installations.
- Data integrators for the products & services used by the foregoing.
- Providers of certification and accreditation services.
(1)(g) Language
The TC will conduct its business in English but will strive to translate its
deliverables in a number of non-English languages. The TC may elect to form
subcommittees that produce localized documentation of the TC's work in
additional languages.
(2) Additional Non-normative Information
(2)(a) Similar or applicable work
The proposers are unaware of any currently published work that covers the
entire scope described here. Some elements of the PACR project may be
informed by or related to the following:
- OASIS Topology and Orchestration Specification for Cloud
Applications (TOSCA) Technical Committee
- OASIS Identity in the Cloud Technical Committee, and particularly
its ID-Cloud Gap Analysis Data Collection (cataloguing distributed identity
service use cases)
- OASIS Transformational Government Framework Technical Committee, and
particularly its TGF Pattern Language Core Patterns (cataloguing, among
other things, policy goals for ICT egov operations in a controlled
vocabulary)
- ISO/IEC JTC1/SC38 (Distributed application platforms and services)
Working Group 3 on Cloud Computing, and particularly its Use case Analysis
Methodology and Principle of Cloud Service Delivery
- The European Interoperability Framework, v2, European Commission
(2010)
- ODCA Open Data Center Usage Models v1 (June 2011):
- Security Monitoring
- Security Provider Assurance
- IO Control (for QoS coordination across networks)
- VM Interoperability
- Common Management & Policy Regulatory Framework
- Guide industry in requirements and compliance management best
practices
- Cloud Service Catalogue
- Standard Units of Measurement for IaaS
- SOA Reference Model v1.0, OASIS Standard (2006)
- SOA Governance Framework v1, The Open Group (2009)
- OASIS Test Assertions Guidelines (TAG) Technical Committee
- Cloud Audit ("A6") Project, Cloud Security Alliance
- DMTF Common Information Model ("CIM") v2.30.0 (2011)
- DMTF Open Virtualization Format ("OVF") v1.1.0 (2010)
- OASIS Privacy Management Reference Model (PMRM) Technical Committee
- TM Forum Digital Services Initiative
- TM Forum Shared Information Framework (SID)
- OMG Cloud Working Group - Cloud Acquisition RFI (2012)
- Kantara Initiative CloudIDsec WG
(2)(b) Date & time of first meeting
The first meeting of the PACR TC will be a teleconference to be held on
Thursday 28th February 2013, 18.00 to 19.00 Central European Time. This
teleconference will be sponsored by iFOSSF.
(2)(c ) Ongoing meeting schedule
It is anticipated that the PACR TC will meet via teleconference every month
for 60 minutes at a time determined by the TC members during the TC's first
meeting. It is anticipated that the PACR TC will meet face-to-face every 12
months at a time and location to be determined by the TC members. TC
members will determine the actual pace of face-to-face and teleconference
meetings. One of the proposers, as listed below, will sponsor the
teleconferences unless other TC members offer to donate their own
facilities.
(2)(d) Participants
The names, electronic mail addresses, and membership affiliations of at
least Minimum Membership who support this proposal:
Adil Soussi Nachit, adil.soussinachit@minfin.fed.be, Belgian SPF Finances
John Borras, johnaborras@yahoo.co.uk, Individual Peter Brown,
peter@peterfbrown.com, Individual Neil McEvoy, neil.mcevoy@iFOSSF.org,
iFOSSF Colin Wallis, Colin.Wallis@dia.govt.nz , New Zealand Government
(2)(e) Statements of Support
Arnaud Martens, arnaud.martens@minfin.fed.be, Belgian SPF Finances: "As
primary representative for Belgian SPF Finances I confirm our support for
this charter and endorse our proposer listed above. We support the charter
of the proposed new "Public Administration Cloud Requirements" TC as an
added-value initiative to deliver a map of requirements to help public
organizations going into the cloud computing."
Neil McEvoy, neil.mcevoy@ifossfoundation.org, iFOSSF: "As primary
representative for the iFOSS Foundation I confirm our support for this
charter and endorse our proposer listed above. We are pleased to support
the work of this new TC which is looking to fill a very important gap in the
standards for deploying Cloud services."
Colin Wallis, Colin.Wallis@dia.govt.nz, DIA, New Zealand Government: "As
primary representative for DIA in the New Zealand Government I confirm our
support for this charter and endorse our proposer listed above. The
Department participated in the Discussion Group leading up to this proposal.
In consideration of those discussions, the Department concurs that
governments' requirements are sufficiently differentiated from corporate
enterprises to warrant the establishment of this Technical Committee."
Convener
The convener is John Borras.
Member Section Affiliation
The TC intends to request affiliation with the OASIS eGov Member Section.
/chet
----------------
Chet Ensign
Director of Standards Development and TC Administration
OASIS: Advancing open standards for the information society
http://www.oasis-open.org
Primary: +1 973-996-2298
Mobile: +1 201-341-1393
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]