ISO/IEC JTC 1/SC 38

Last updated September 21, 2022

ISO/IEC JTC 1/SC 38 Cloud Computing and Distributed Platforms is a standardization subcommittee, which is part of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

ISO/IEC JTC 1/SC 38 serves as the focus, proponent, and systems integration entity on Cloud Computing, Distributed Platforms, and the application of these technologies. ISO/IEC JTC 1/SC 38 provides guidance to JTC 1, IEC, ISO and other entities developing standards in these areas. The Subcommittee is addressing the demand pull from users, especially governments, for standards to assist them in specifying, acquiring and applying Cloud Computing and distribute platform technologies and services.

History

ISO/IEC JTC 1/SC 38 was formed at the October 2009 ISO/IEC JTC 1 Plenary Meeting in Tel Aviv via approval of Resolution 36. The international secretariat of ISO/IEC JTC 1/SC 38 is the American National Standards Institute (ANSI), located in the United States.^[1] The first meeting of the subcommittee took place in Beijing, China in May 2010. ISO/IEC JTC 1/SC 38 approved its scope, established three working groups and developed terms of reference for each at this inaugural meeting.

Established to address three related areas of technology - Web Services, Service Oriented Architecture (SOA), and Cloud Computing - ISO/IEC JTC 1/SC 38 was initially titled Distributed Application Platforms and Services (DAPS). Meeting in Plenary 2 times per year during its first 6 years, with interim electronic and face-to-face meetings of its Working Groups, ISO/IEC JTC 1/SC 38 completed work in Web Services and SOA and increased its focus on Cloud Computing. To reflect this evolution in focus, the JTC 1 2014 Plenary Meeting in Abu Dhabi approved a revised scope and new title for ISO/IEC JTC 1/SC 38, Cloud Computing and Distributed Platforms.

Scope and mission

The scope of ISO/IEC JTC 1/SC 38 is the “Standardization in the area of Cloud Computing and Distributed Platforms”. ^[2] This includes:

Foundational concepts and technologies,
Operational issues, and
Interactions among Cloud Computing systems and with other distributed systems

Structure

ISO/IEC JTC 1/SC 38 is made up of two working groups (WGs). Each working group carries out specific tasks in standards development within the field of Cloud Computing and Distributed Platforms, where the focus of each working group is described in the group’s terms of reference. The two active working groups of ISO/IEC JTC 1/SC 38 are:^[3]^[4]

Working Group	Working Area
ISO/IEC JTC 1/SC 38/WG 3	Cloud Computing Fundamentals (CCF)
ISO/IEC JTC 1/SC 38/WG 5	Cloud Computing Data and its Flow (CCDF)

WG 3 - CLOUD COMPUTING FUNDAMENTALS (CCF)

Terms of Reference:

Projects related to Cloud Computing Service Agreements
Projects related to fundamental concepts, terminology and definitions for Cloud Computing
Projects related to guidance on use of international standards in the development of policies that govern or regulate cloud service providers and cloud services, and policies that govern the use of cloud services in enterprise organizations
Establish liaisons and collaborate with other entities within JTC 1, SDOs and consortia performing work related to Cloud Computing

WG 5 – DATA IN CLOUD COMPUTING AND RELATED TECHNOLOGIES

Terms of Reference:

Standardization in the area of data in cloud computing, distributed platforms, connected devices and related technologies
Establish liaisons and collaborate with other entities within and external to JTC 1 as appropriate

Collaborations

ISO/IEC JTC 1/SC 38 works closely with a number of other JTC 1 subcommittees, including ISO/IEC JTC 1/SC 7, Software and Systems Engineering, and ISO/IEC JTC 1/SC 27, IT Security Techniques.^[2] In addition, the subcommittee works with a number of external forums, including the Cloud Security Alliance, Distributed Management Task Force (DMTF), the Open Grid Forum and The Open Group.^[5] Together, ISO/IEC JTC 1/SC 38 (specifically WG 3: Cloud Computing) and ITU-T/SG 13 formed Collaborative Teams on Cloud Computing Overview and Vocabulary (CT-CCVOCAB) and Cloud Computing Reference Architecture (CT-CCRA) that developed two standards: ISO/IEC JTC 1 17788 – Cloud Computing Vocabulary and ISO/IEC JTC 1 17789 – Cloud Computing Reference Architecture.

Organizations internal to ISO or IEC that collaborate with or are in liaison to ISO/IEC JTC 1/SC 38 include:^[6]

ISO/IEC JTC 1/SC 6, Telecommunications and information exchange between systems
ISO/IEC JTC 1/SC 7, Software and systems engineering
ISO/IEC JTC 1/SC 27, Security techniques
ISO/IEC JTC 1/SC 32, Data management and interchange
ISO/IEC JTC 1/SC 37, Biometrics
ISO/IEC JTC 1/SC 39, Sustainability for and by Information Technology
ISO/IEC JTC 1/SC 40, Service Management and IT Governance
ISO/IEC JTC 1/SC 41, Internet of Things and related technologies
ISO/IEC JTC 1/SC 42, Artificial intelligence

Organizations external to ISO or IEC that collaborate with or are in liaison to ISO/IEC JTC 1/SC 38 include:

Cloud security alliance (CSA)
Distributed Management Task Force (DMTF)
IEEE Computer Society
Latino American Institute for Quality Assurance (INLAC)
ITU‐T Study Group 13
ITU‐T Study Group 17
Organization for the Advancement of Structured Information Standards (OASIS)
Open Grid Forum (OGF)
Storage Networking Industry (SNIA)

Member countries

Countries pay a fee to ISO to be members of subcommittees.^[7]

The 29 "P" (participating) members of ISO/IEC JTC 1/SC 38 are: Australia, Austria, Belgium, Brazil, Canada, China, Denmark, Finland, France, Germany, India, Ireland, Israel, Italy, Japan, Republic of Korea, Luxembourg, Netherlands, Poland, Portugal, Russian Federation, Singapore, Slovakia, South Africa, Spain, Sweden, Switzerland, United Kingdom, and United States of America.

The 8 "O" (observing) members of ISO/IEC JTC 1/SC 38 are: Argentina, Bosnia and Herzegovina, Czech Republic, Hong Kong, New Zealand, Norway, Serbia, and Uruguay.^[1]

Standards

As of 2019, ISO/IEC JTC 1/SC 38 has 15 published standards. Some standards related to the work in ISO/IEC JTC 1/SC 38 include:^[8]

ISO/IEC Standard	Title	Status	Description	WG
ISO/IEC 17203	Information technology — Open Virtualization Format (OVF) specification	Published (2017)	Specifies an open, secure, portable, efficient and extensible format for the packaging and distribution of software to be run in virtual machines.
ISO/IEC 17788^[9]	Information technology -- Cloud computing -- Overview and vocabulary	Published (2014)	Provides an overview of cloud computing along with a set of terms and definitions	3
ISO/IEC 17789	Information technology — Cloud computing — Reference architecture	Published (2014)	Specifies the cloud computing reference architecture (CCRA). The reference architecture includes the cloud computing roles , cloud computing activities , and the cloud computing functional components and their relationships.	3
ISO/IEC 17826	Information technology – Cloud Data Management Interface (CDMI)	Published (2012)	Specifies the interface to access cloud storage and to manage the stored data	3
ISO/IEC 17963	Web Services for Management (WS-Management) Specification	Published (2013)	Describes a Web services protocol based on SOAP for use in management‑specific domains	1
ISO/IEC 17998^[10]	Information technology – SOA Governance Framework	Published (2012)	Describes a framework for providing context and definitions related to SOA for organizations to use when deploying SOA governance. Defines: SOA Governance SOA Governance Reference Model SOA Governance Vitality Model	2
ISO/IEC 18384-1	Information technology — Reference Architecture for Service Oriented Architecture (SOA RA) — Part 1: Terminology and concepts for SOA	Published (2016)	Establishes vocabulary, guidelines, and general technical principles underlying service oriented architecture (SOA), including principles relating to functional design, performance, development, deployment, and management.	2
ISO/IEC 18384-2	Information technology — Reference Architecture for Service Oriented Architecture (SOA RA) — Part 2: Reference Architecture for SOA Solutions	Published (2016)	Describes a Reference Architecture for SOA Solutions which applies to functional design, performance, development, deployment and management of SOA Solutions.	2
ISO/IEC 18384-3	Information technology — Reference Architecture for Service Oriented Architecture (SOA RA) — Part 3: Service Oriented Architecture ontology	Published (2016)	Defines a formal ontology for service-oriented architecture (SOA), an architectural style that supports service orientation. The terms defined in this ontology are key terms from the vocabulary in ISO/IEC 18384-1.	2
ISO/IEC 19086-1	Information technology — Cloud computing — Service level agreement (SLA) framework — Part 1: Overview and concepts	Published (2016)	Establish a set of common cloud SLA building blocks (concepts, terms, definitions, contexts) that can be used to create cloud Service Level Agreements (SLAs).	3
ISO/IEC 19086-2	Cloud computing — Service level agreement (SLA) framework — Part 2: Metric model	Published (2018)	Establishes common terminology, defines a model for specifying metrics for cloud SLAs, and includes applications of the model with examples.	3
ISO/IEC 19086-3	Information technology — Cloud computing — Service level agreement (SLA) framework — Part 3: Core conformance requirements	Published (2017)	Specifies the core conformance requirements for service level agreements (SLAs) for cloud services based on ISO/IEC 19086‑1 and guidance on the core conformance requirements.	3
ISO/IEC 19941	Information technology — Cloud computing — Interoperability and portability	Published (2017)	Specifies cloud computing interoperability and portability types, the relationship and interactions between these two cross-cutting aspects of cloud computing and common terminology and concepts used to discuss interoperability and portability, particularly relating to cloud services.	4
ISO/IEC 19944	Information technology — Cloud computing — Cloud services and devices: Data flow, data categories and data use	Published (2017)	Extends the existing cloud computing vocabulary and reference architecture in ISO/IEC 17788 and ISO/IEC 17789 to describe an ecosystem involving devices using cloud services	5
ISO/IEC TR 22678	Information technology — Cloud computing — Guidance for policy development	Published (2019)	Provides guidance on the use of international standards as a tool in the development of those policies that govern or regulate cloud service providers (CSPs) and cloud services, and those policies and practices that govern the use of cloud services in organisations.	3
ISO/IEC TR 23186	Information technology — Cloud computing — Framework of trust for processing of multi-sourced data	Published (2018)	Describes a framework of trust for the processing of multi-sourced data that includes data use obligations and controls, data provenance, chain of custody, security and immutable proof of compliance as elements of the framework.	5
ISO/IEC TR 30102	Information technology – Distributed Application Platforms and Services (DAPS) – General technical principles of Service Oriented Architecture	Published (2012)	Describes general technical principles underlying SOA including principles relating to functional design, performance, development, deployment and management

Related Research Articles

<span class="mw-page-title-main">Moving Picture Experts Group</span> Alliance of working groups to set standards for multimedia coding

The Moving Picture Experts Group (MPEG) is an alliance of working groups established jointly by ISO and IEC that sets standards for media coding, including compression coding of audio, video, graphics, and genomic data; and transmission and file formats for various applications. Together with JPEG, MPEG is organized under ISO/IEC JTC 1/SC 29 – Coding of audio, picture, multimedia and hypermedia information.

The Joint Photographic Experts Group (JPEG) is the joint committee between ISO/IEC JTC 1/SC 29 and ITU-T Study Group 16 that created and maintains the JPEG, JPEG 2000, JPEG XR, JPEG XT, JPEG XS, JPEG XL, and related digital image standards. It also has the responsibility for maintenance of the JBIG and JBIG2 standards that were developed by the former Joint Bi-level Image Experts Group.

ISO/IEC JTC 1, entitled "Information technology", is a joint technical committee (JTC) of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its purpose is to develop, maintain and promote standards in the fields of information and communications technology (ICT).

ISO/IEC JTC 1/SC 22 Programming languages, their environments and system software interfaces is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) that develops and facilitates standards within the fields of programming languages, their environments and system software interfaces. ISO/IEC JTC 1/SC 22 is also sometimes referred to as the "portability subcommittee". The international secretariat of ISO/IEC JTC 1/SC 22 is the American National Standards Institute (ANSI), located in the United States.

ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC JTC 1/SC 27 develops International Standards, Technical Reports, and Technical Specifications within the field of information security. Standardization activity by this subcommittee includes general methods, management system requirements, techniques and guidelines to address information security, cybersecurity and privacy. Drafts of International Standards by ISO/IEC JTC 1 or any of its subcommittees are sent out to participating national standardization bodies for ballot, comments and contributions. Publication as an ISO/IEC International Standard requires approval by a minimum of 75% of the national bodies casting a vote. The international secretariat of ISO/IEC JTC 1/SC 27 is the Deutsches Institut für Normung (DIN) located in Germany.

ISO/IEC JTC 1/SC 36 Information Technology for Learning, Education and Training is a standardization subcommittee (SC), which is part of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), that develops and facilitates standards within the field of information technology (IT) for learning, education and training (LET). ISO/IEC JTC 1/SC 36 was established at the November 1999 ISO/IEC JTC 1 plenary in Seoul, Korea. The subcommittee held its first plenary meeting in March 2000 in London, United Kingdom. The international secretariat of ISO/IEC JTC 1/SC 36 is the Korean Agency for Technology and Standards (KATS), located in the Republic of Korea.

ISO/IEC JTC 1/SC 37 Biometrics is a standardization subcommittee in the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of biometrics. The international secretariat of ISO/IEC JTC 1/SC 37 is the American National Standards Institute (ANSI), located in the United States.

ISO/IEC JTC 1/SC 39 Sustainability for and by Information Technology is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), that develops and facilitates standards within the field of sustainability and resource efficiency through Information Technology. The international secretariat of ISO/IEC JTC 1/SC 39 is the American National Standards Institute (ANSI), located in the United States.

ISO/IEC JTC 1/SC 7 Software and systems engineering is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), that develops and facilitates standards within the field of engineering of software products and systems. The international secretariat of ISO/IEC JTC 1/SC 7 is the Bureau of Indian Standards (BIS) located in India.

ISO/IEC JTC 1/SC 25 Interconnection of information technology equipment is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1, of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of interconnection of information technology equipment. The international secretariat of ISO/IEC JTC 1/SC 25 is the Deutsches Institut für Normung (DIN) located in Germany.

ISO/IEC JTC 1/SC 28 Office equipment is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), that develops and facilitates international standards, technical reports, and technical specifications within the field of office equipment and products, and systems composed of combinations of office equipment. The group's main focus lies within the area of printers and copiers. The international secretariat of ISO/IEC JTC 1/SC 28 is the Japanese Industrial Standards Committee (JISC) located in Japan.

ISO/IEC JTC 1/SC 2 Coded character sets is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), that develops and facilitates standards within the field of coded character sets. The international secretariat of ISO/IEC JTC 1/SC 2 is the Japanese Industrial Standards Committee (JISC), located in Japan. SC 2 is responsible for the development of the Universal Coded Character Set which is the international standard corresponding to the Unicode Standard.

ISO/IEC JTC 1/SC 32 Data management and interchange is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of data management and interchange. The international secretariat of ISO/IEC JTC 1/SC 32 is the American National Standards Institute (ANSI) located in the United States.

ISO/IEC JTC 1/SC 29, entitled Coding of audio, picture, multimedia and hypermedia information, is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It develops and facilitates international standards, technical reports, and technical specifications within the field of audio, picture, multimedia, and hypermedia information coding. The standards developed by SC 29 have been recognized by nine Emmy Awards.

ISO/IEC JTC 1/SC 40 IT Service Management and IT Governance is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC JTC 1/SC 40 develops and facilitates the development of international standards, technical reports, and technical specifications within the fields of IT service management and IT governance, with a focus in IT activity such as audit, digital forensics, governance, risk management, outsourcing, service operations and service maintenance. The international secretariat of ISO/IEC JTC 1/SC 40 is Standards Australia (SA), located in Australia.

ISO/IEC JTC 1/SC 6 Telecommunications and information exchange between systems is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1. It is part of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of telecommunications and information exchange between systems.

Note: This working group has been disbanded.

ISO/IEC JTC 1/SC 23 Digitally recorded media for information interchange and storage is a standardization subcommittee of the joint technical committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of removable digital storage media for digital information interchange. The international secretariat of ISO/IEC JTC 1/SC 23 is the Japanese Industrial Standards Committee (JISC) located in Japan.

ISO/IEC JTC 1/SC 17 Cards and personal identification is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of identification cards and personal identification. The international secretariat of ISO/IEC JTC 1/SC 17 is the British Standards Institution (BSI) located in the United Kingdom.

ISO/IEC JTC 1/SC 31 Automatic identification and data capture techniques is a subcommittee of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) Joint Technical Committee (JTC) 1, and was established in 1996. SC 31 develops and facilitates international standards, technical reports, and technical specifications in the field of automatic identification and data capture techniques. The first Plenary established three working groups (WGs): Data Carriers, Data Content, and Conformance. Subsequent Plenaries established other working groups: RFID, RTLS, Mobile Item Identification and Management, Security and File Management, and Applications.

References

1 2 ISO. "ISO/IEC JTC 1/SC 38 - Cloud Computing and Distributed Platforms" . Retrieved 2013-07-12.
1 2 JTC 1/SC 38 Chair (2014-10-23). "Business Plan for JTC 1/SC 38".{{cite journal}}: Cite journal requires |journal= (help)
↑ ISO. "JTC 1/SC 38 Cloud Computing and Distributed Platforms". ISO. Retrieved 2013-07-12.
↑ Krutz, Ronald L.; Vines, Russell Dean (2010). Cloud Security: A Comprehensive Guide to Secure Cloud Computing. Indianapolis, IN: Wiley Publishing, Inc. p. 225. ISBN 9780470921449 . Retrieved 2013-07-19.
↑ O’Gara, Maureen (2011-04-24). "Cloud Security Alliance & ISO/IEC Team Up". Cloud Ventures. SYS-CON Media, Inc. Retrieved 2013-07-12.
↑ "ISO/IEC JTC 1/SC 38". ISO. Retrieved 2015-07-20.
↑ ISO (June 2012). "III. What Help Can I Get from the ISO Central Secretariat?". ISO Membership Manual (PDF). ISO. pp. 17–18. Retrieved 2013-07-12.
↑ ISO. "Standards Catalogue" . Retrieved 2013-07-12.
↑ ISO (2014-10-10). "ISO/IEC 17788:2014". ISO. Retrieved 2015-08-21.
↑ ISO (2012-08-31). "ISO/IEC 17998:2012". ISO. Retrieved 2013-07-19.

External links

ISO/IEC JTC 1/SC 38 page at ISO

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[countries-1] 1 2 ISO. "ISO/IEC JTC 1/SC 38 - Cloud Computing and Distributed Platforms" . Retrieved 2013-07-12.

[business2012-2] 1 2 JTC 1/SC 38 Chair (2014-10-23). "Business Plan for JTC 1/SC 38".{{cite journal}}: Cite journal requires |journal= (help)

[3] ISO. "JTC 1/SC 38 Cloud Computing and Distributed Platforms". ISO. Retrieved 2013-07-12.

[4] Krutz, Ronald L.; Vines, Russell Dean (2010). Cloud Security: A Comprehensive Guide to Secure Cloud Computing. Indianapolis, IN: Wiley Publishing, Inc. p. 225. ISBN 9780470921449 . Retrieved 2013-07-19.

[5] O’Gara, Maureen (2011-04-24). "Cloud Security Alliance & ISO/IEC Team Up". Cloud Ventures. SYS-CON Media, Inc. Retrieved 2013-07-12.

[6] "ISO/IEC JTC 1/SC 38". ISO. Retrieved 2015-07-20.

[7] ISO (June 2012). "III. What Help Can I Get from the ISO Central Secretariat?". ISO Membership Manual (PDF). ISO. pp. 17–18. Retrieved 2013-07-12.

[8] ISO. "Standards Catalogue" . Retrieved 2013-07-12.

[9] ISO (2014-10-10). "ISO/IEC 17788:2014". ISO. Retrieved 2015-08-21.

[10] ISO (2012-08-31). "ISO/IEC 17998:2012". ISO. Retrieved 2013-07-19.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

v t e International Electrotechnical Commission
Subsidiaries	CISPR
Technical committees	TC 12 TC 25 TC 57 JTC 1 JTC 1/SC 2 JTC 1/SC 6 JTC 1/SC 7 JTC 1/SC 17 JTC 1/SC 22 JTC 1/SC 23 JTC 1/SC 24 JTC 1/SC 25 JTC 1/SC 27 JTC 1/SC 28 JTC 1/SC 29 JTC 1/SC 31 JTC 1/SC 32 JTC 1/SC 34 JTC 1/SC 35 JTC 1/SC 36 JTC 1/SC 37 JTC 1/SC 38 JTC 1/SC 39 JTC 1/SC 40 JTC 1/SWG-A
Related	Information Technology Task Force International Electrotechnical Vocabulary List of International Electrotechnical Commission standards