OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

oasis-charter-discuss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Proposed Charter for Public Administration Cloud Requirements (PACR) TC


To OASIS Members:

A draft TC charter has been submitted to establish the OASIS Public Administration Cloud Requirements (PACR) TC name. In accordance with the OASIS TC Process Policy section 2.2: (https://www.oasis-open.org/policies-guidelines/tc-process#formation) the proposed charter is hereby submitted for comment. The comment period shall remain open until 11:59 pm ET on 31 December 2012.

A previous version of the charter was submitted for comments on 25 September 2012. The charter was taken back for review following the comment period. The previous call for comment can be found at https://lists.oasis-open.org/archives/tc-announce/201209/msg00008.html 

OASIS maintains a mailing list for the purpose of submitting comments on proposed charters. Any OASIS member may post to this list by sending email to: oasis-charter-discuss@lists.oasis-open.org. All messages will be publicly archived at: http://lists.oasis-open.org/archives/oasis-charter-discuss/. Members who wish to receive emails must join the group by selecting "join group" on the group home page: http://www.oasis-open.org/apps/org/workgroup/oasis-charter-discuss/. Employees of organizational members do not require primary representative approval to subscribe to the oasis-charter-discuss e-mail.

A telephone conference will be held among the Convener, the OASIS TC Administrator, and those proposers who wish to attend within four days of the close of the comment period. The announcement and call-in information will be noted on the OASIS Charter Discuss Group Calendar.

We encourage member comment and ask that you note the name of the proposed TC (PACR) in the subject line of your email message.

---

(1) TC CHARTER 

(1)(a) Name
OASIS Public Administration Cloud Requirements (PACR) Technical Committee 

(1)(b) Statement of Purpose

Governments are evaluating the use of, and increasingly converting many of their information and communication technology ("ICT") systems to cloud and other remote distributed computing services and installations. The nature of these relatively novel systems requires some re-examination of the public policy and government responsibility requirements generally applied to ICT functions on which public administrations rely, including their:

-       Safety, reliability, stability and minimal risk;
-       Legislative conformance;
-       Regulatory compliance;
-       Degree of control and auditability by or on behalf of the responsible public administration;
-       Reliance on and vulnerability to single sources, vendors, formats, applications or computing protocols;
-       Usability and extensibility of data and data functions by anticipatable stakeholders;
-       Portability of data;
-       Portability and composability of data functions across multiple systems and clouds operating in concert;
-       More agile enhancement and maintenance and multi-site resilience;
-       Cost effectiveness; and
-       Skills needs.

The increased speed, functionality, reach and efficiencies sought and availability from cloud computing methods in some cases puts unique stresses on the foregoing conventional ICT requirements, and may also give rise to special needs not encountered or well defined in segregated, stand-alone computing installations.

Some work has been done (as cited below) in creating typologies of cloud computing service function levels, and towards models of services; and several recently-formed coalitions have proposed requirements lists at one or another level of cloud activity, some of which are beginning to form a web of partially overlapping and disjointed mass of specifications and candidate standards.
However, there is little help available to governments to integrate those lists into common, readily-understood rules that inform procurement, auditable assurance and conformance testing and acquisition criteria; and little or no openly available, vendor-neutral information mapping of such requirements to the rather large but loosely-organized body of existing ICT standards.

The foregoing state of affairs can lead to haphazard, constantly-changing criteria; serious difficulties in comparing or evaluating possible cloud services; accidental data architectures (or none at all); and a failure to take advantage of easily-used but hard-to-define bodies of existing openly-available work. The Public Cloud (PACR) TC will draw together a common set of attributes and operational requirements that are relevant to public administrations, at each of the major service levels of cloud systems,  and show the relationships (where applicable) to existing open standards and published governmental works that supply methods of measurement and definition.

(1)(c )Scope of the TC's work

The committee will develop a set of common required functional elements, and measurable criteria or qualities that should be present in cloud computing services or installations employed by public administration entities, whether purchased, hired or self-created and self-installed.

In this context, "should be present" refers to aspects of a cloud service or installation that are likely to be necessary to reflect public sector risk profiles in order to satisfy the public policy aspects, governmental reliability and stability requirements, responsibility to citizens and constituent stakeholders, and broad, platform-neutral accessibility that generally are expected and desirable from useful, long-term government ICT resources.  In essence the work will form a ‘profile’ of government requirements, drawn from and informed by existing works.

Out of Scope: The TC's deliverables will not recommend or require the use of specific tools, products, technologies, software systems or branded commercial or non-commercial services. However, the TC may demonstrate implementation by publishing ‘profiles of the PACR profile’ based on specific protocols, and may identify which tools are used in connection therewith where needed to permit replication of results.

(1)(d) Deliverables

Within 18 months of the TC’s first meeting it will look to deliver a measurable and auditable implementation/conformance profile for government i.e. the features that governments want to see in cloud offerings to government.  The profile will include as a minimum the following:

1       A base set of required attributes, expressed as architecture-neutral functional features, that generally should be sought in any cloud or remote computing infrastructure employed by or on behalf of governments (including computer networking, network management, data storage and shared repository, multi-site resilience, abstracted hosting environment, service or device management and virtualization management).

2       A base set of required attributes, expressed as architecture-neutral functional features, that generally should be sought in any cloud or remote computing platform services employed by or on behalf of governments (including common transactional, eventing, notification and messaging operations such as middleware and enterprise service buses, and interaction patterns and protocols among autonomous physical or virtual machines).

3       A base set of required attributes, expressed as architecture-neutral functional features, that generally should be sought in any cloud or remote computing data application services employed by or on behalf of governments (including application program interfaces (APIs) and end-user software applications).

Thereafter the TC will look to deliver:

4       If deemed useful and feasible, identification of existing ICT standards and openly-available, vendor-neutral specifications that are available to implement and measure the requirements of the profile.

5       If deemed useful and feasible, gap analysis identification of those requirements where additional openly-available methods are needed for implementation and measurement.

6       If deemed useful and feasible a government Cloud Reference Model that would include amongst other aspects a common taxonomy of government services and a shared information model.

The deliverables shall:

a.      Be vendor-neutral and product-agnostic. (The TC may elect to point to or provide proof-of-concept instances of specific protocol uses, but will strive for catholicity and multiple examples, and facilitate ease of implementation regardless of protocol choices.)

b.      Wherever feasible, specify and explain methodologies for compatibility with legacy system integration and incremental adoption.

(1)(e) IPR Mode

The committee will operate under the Non-Assertion Mode of the OASIS IPR Policy.

(1)(f) Anticipated audience

-       Government units and other entities responsible for data and computing resources employed in public administration, particularly those who have migrated or are evaluating migrating to cloud computing architectures.
-       Market participants, who consume, rely on and transact with those resources.
-       Regulators and policymakers with an interest in the procurement, control, interoperability, auditability, certification and accreditation of cloud resources.
-       Providers of cloud computing services, devices and advisory assistance who support the evaluation, initialization, migration, maintenance and monitoring of cloud computing services and installations.
-       Data integrators for the products & services used by the foregoing.
-       Providers of certification and accreditation services.

(1)(g) Language

The TC will conduct its business in English but will strive to translate its deliverables in a number of non-English languages. The TC may elect to form subcommittees that produce localized documentation of the TC's work in additional languages.

(2) Additional Non-normative Information

(2)(a) Similar or applicable work

The proposers are unaware of any currently published work that covers the entire scope described here. Some elements of the PACR project may be informed by or related to the following:

-       OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA) Technical Committee
-       OASIS Identity in the Cloud Technical Committee, and particularly its ID-Cloud Gap Analysis Data Collection (cataloguing distributed identity service use cases)
-       OASIS Transformational Government Framework Technical Committee, and particularly its TGF Pattern Language Core Patterns (cataloguing, among other things, policy goals for ICT egov operations in a controlled vocabulary)
-       ISO/IEC JTC1/SC38 (Distributed application platforms and services) Working Group 3 on Cloud Computing, and particularly its Use case Analysis Methodology and Principle of Cloud Service Delivery
-       The European Interoperability Framework, v2, European Commission (2010)
-       ODCA Open Data Center Usage Models v1 (June 2011):
-       Security Monitoring
-       Security Provider Assurance
-       IO Control (for QoS coordination across networks)
-       VM Interoperability
-       Common Management & Policy Regulatory Framework
-       Guide industry in requirements and compliance management best practices
-       Cloud Service Catalogue
-       Standard Units of Measurement for IaaS
-       SOA Reference Model v1.0, OASIS Standard (2006)
-       SOA Governance Framework v1, The Open Group (2009)
-       OASIS Test Assertions Guidelines (TAG) Technical Committee
-       Cloud Audit ("A6") Project, Cloud Security Alliance
-       DMTF Common Information Model ("CIM") v2.30.0 (2011)
-       DMTF Open Virtualization Format ("OVF") v1.1.0 (2010)
-       OASIS Privacy Management Reference Model (PMRM) Technical Committee
-       TM Forum Digital Services Initiative
-       TM Forum Shared Information Framework (SID)
-       OMG Cloud Working Group – Cloud Acquisition RFI (2012)
-       Kantara Initiative CloudIDsec  WG

(2)(b) Date & time of first meeting

The first meeting of the PACR TC will be a teleconference to be held on Thursday 28th February 2013, 18.00 to 19.00 Central European Time. This teleconference will be sponsored by iFOSSF.

(2)(c ) Ongoing meeting schedule

It is anticipated that the PACR TC will meet via teleconference every month for 60 minutes at a time determined by the TC members during the TC's first meeting. It is anticipated that the PACR TC will meet face-to-face every 12 months at a time and location to be determined by the TC members.  TC members will determine the actual pace of face-to-face and teleconference meetings. One of the proposers, as listed below, will sponsor the teleconferences unless other TC members offer to donate their own facilities.

(2)(d) Participants

The names, electronic mail addresses, and membership affiliations of at least Minimum Membership who support this proposal:

Adil Soussi Nachit, adil.soussinachit@minfin.fed.be, Belgian SPF Finances
John Borras, johnaborras@yahoo.co.uk, Individual
Peter Brown, peter@peterfbrown.com, Individual
Neil McEvoy, neil.mcevoy@iFOSSF.org, iFOSSF
Colin Wallis, Colin.Wallis@dia.govt.nz , New Zealand Government

(2)(e) Statements of Support

Arnaud Martens, arnaud.martens@minfin.fed.be,  Belgian SPF Finances:   “As primary representative for Belgian SPF Finances I confirm our support for this charter and endorse our proposer listed above.  We support the charter of the proposed new “Public Administration Cloud Requirements” TC as an added-value initiative to deliver a map of requirements to help public organizations going into the cloud computing." 

Neil McEvoy,  neil.mcevoy@ifossfoundation.org,  iFOSSF: “As primary representative for the iFOSS Foundation I confirm our support for this charter and endorse our proposer listed above.  We are pleased to support the work of this new TC which is looking to fill a very important gap in the standards for deploying Cloud services.” 

Colin Wallis, Colin.Wallis@dia.govt.nz,  DIA, New Zealand Government:  “As primary representative for DIA in the New Zealand Government I confirm our support for this charter and endorse our proposer listed above.  The Department participated in the Discussion Group leading up to this proposal. In consideration of those discussions, the Department concurs that governments' requirements are sufficiently differentiated from corporate enterprises to warrant the establishment of this Technical Committee.”  

Convener
The convener is John Borras.

Member Section Affiliation
The TC intends to request affiliation with the OASIS eGov Member Section.


/chet 
----------------
Chet Ensign
Director of Standards Development and TC Administration 
OASIS: Advancing open standards for the information society
http://www.oasis-open.org

Primary: +1 973-996-2298
Mobile: +1 201-341-1393


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]