Blue glowing high energy plasma field in space, computer generated abstract background

Yes Virginia, there are cloud standards

I have seen several articles that have stated that there are no cloud standards yet so customers should not wait. I agree customers should not wait to start implementing clouds. Cloud computing has moved this year from hype to reality, so customers should not wait to take advantages of the efficiencies and cost savings that it can provide.


The part that troubles me is the statement that there are no cloud standards, so I would like to set the record straight.  There are standards that customers should consider before buying and implementing cloud computing today in their data centers and before they sign agreements with cloud service providers. These standards will provide the portability that customers need so that they don’t find themselves on a one-way ticket to a particular cloud. Customers need to be able to choose the best cloud services and not choose vendors that only provide their formats or just as bad a vendor who only provides a one-way conversion to their format.


Earlier this year the DMTF Open Virtualization Format (OVF) was adopted as by the American National Standards Institute (ANSI) as a national standard. OVF is supported by a number virtualization vendors and cloud systems. It provides a standard way to package, deploy and provision clouds. By having a standards set of meta data and open image formats customers can move their workloads between clouds, private to public, or move their workloads to clouds that are more cost effective or provide the functionality and security they require.   OVF is the fundimental concept of a vApp that is extensively supported through the VMware cloud offering and in the widely implemented vCloud API.


The other issue that customers should be concerned about is cloud security standards.  They too exist and are widely implemented. The Cloud Security Alliance was formed over a year ago to develop best practices to implement the various web-based security standards. Their premise, which is an excellent one, that we don’t need new security standards, we need to understand how bext to utilize and implement the ones we have. Todate they have published several papers on how to analyze and implement these standards.


There are standards that are in process and being debated and work on in the various SDOs. A standard cloud interface specification is not completed yet as there is still several proposals on the subject. I hope to see one emerge as the cloud interface sometime next year. There are also other important activitities going on around cloud audit and cloud identity and we hope for some additional work in this space soon.  For a complete look at the standards landscape take a look at


So bottomline, yes, there are standards.  Customers need to be aware and ask for them from their cloud software, platform, and infrastructure providers. There has been progress on cloud standards in 2010 and good cloud standards do exist.


Leave a Reply

Your email address will not be published. Required fields are marked *