As the field of cloud computing has developed over the last few years, many people in the industry have recognized the need for clear and open standards that can help maintain an environment that gives us as much flexibility in the future as possible. Standards work for cloud computing security is relatively mature, but work on standards that ensure interoperability and portability is not as far along. The work goes back as far as 2008 when I had the opportunity to help to start some of the first cloud computing standards activity that resulted in the launch of the DMTF Open Cloud Standards Incubator in early 2009. Lately, we’ve seen a lot of and Standards Development Organizations (SDO) that are also starting cloud standards work. When I was part of an industry panel recently, talking about the state of cloud standards, I reviewed all of the progress that has been made and thought about where we really need to focus.
In spite of all of the marketing hype, we’ve been able to make great progress. We completed the incubator work, published important foundational documents and in 2010 we launched a group, which I’ve had the privilege to co-chair, to work on the cloud interoperability standards. Later that same year, the DMTF was able to get OVF ratified as the first national standard for virtualization and cloud workload portability. Last year we were able to get OVF ratified by ISO/IEC JTC1/SC38 as their first international cloud standard and it continues to get implemented in our products as well as in various vendors’ offerings.
We‘ve also made other progress, including releasing public drafts of the Cloud Infrastructure Management Interface (CIMI) specifications. We have been actively working in partnership with over 30 other companies from around the globe to develop this critical interface so that we can truly achieve cloud interoperability at the IaaS layer. We have released updated versions of the CIMI specification for public review and comment while work has been in progress and so we expect to release a 1.0 version of the specifications soon.
The diagram outlines where I think we are on the cloud standards journey. As you can see, I think that security standards are the farthest along and the bulk of the activity that needs to be done is to be sure that they are compliant to best practices in how they are implemented. That is followed by workload portability which has also made great progress and we are looking at how to test interoperability and to extend the spec with the current work-in-progress version 2.0 that is out for public comment. On the other hand, there is work that is just beginning, such as the work on Software License Management which is still in the early stages but we hope to kick off some standards work based on the whitepaper output of the Cloud Software License Incubator.
The number of new customer-based organizations and forums for cloud computing that have emerged over the last year or so is another interesting phenomenon, including organizations such as the Open Data Center Alliance, the Object Management Group backed Cloud Standards Customer Council and the TM Forum’s Enterprise Cloud Leadership Council. This is a very good sign that we will someday achieve true interoperability. What customers demand, vendors will ultimately implement. Consumers of cloud services are very engaged and will promote the development of standards by participating in these activities. How customers purchase products and services will ultimately drive greater standardization in this emerging field of technology.
So where does this leave us? As I see it, more and more organizations, like OASIS, IEEE , ITU-T and the IETF have just begun to get engaged in cloud standards development. I hope that we, as an industry, don’t duplicate the work that has already been done and I hope that these organizations will focus on new problems such as PaaS and SaaS interoperability challenges. I think there is still plenty of work to be done in providing the interoperability standards that will enable the broader vision of cloud computing.