Cloud computing has become the foundation of modern digital infrastructure, yet the absence of a unified architectural and compliance framework impedes interoperability, auditability, and robust security. This paper introduces a formal, machine-readable semantic model for Cloud Engines, integrating the architectural taxonomy of ISO/IEC 22123 (Cloud Reference Architecture) with the security and compliance controls of ISO/IEC 27001:2022 and ISO/IEC TR 3445:2022. The model decomposes cloud systems into four canonical interfaces (Control, Business, Audit, and Data) and extends them with a security ontology that maps mechanisms such as authentication, authorization, and encryption to specific compliance controls. Expressed in RDF/Turtle, the model enables semantic reasoning, automated compliance validation, and vendor-neutral architecture design. We demonstrate its practical utility through OpenStack and AWS case studies, and provide reproducible validation workflows using SPARQL and SHACL. This work advances the state of cloud security modeling by bridging architectural and compliance standards in a unified framework, with a particular emphasis on auditability.
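To make the abstract's modeling approach concrete, here is an added RDF/Turtle example (not the paper's own ontology): the four interfaces as classes, a security ontology mapping mechanisms to ISO/IEC 27001:2022 Annex A controls, a constructed deployment instance, and a SHACL shape that flags a Data interface missing encryption or audit logging. The namespaces, class names and property names are assumptions; the control identifiers are the Annex A numbers (A.8.5 Secure authentication, A.5.15 Access control, A.8.24 Use of cryptography, A.8.15 Logging).

```turtle
@prefix ce:   <http://example.org/cloud-engine#> .   # hypothetical namespace
@prefix iso:  <http://example.org/iso27001-2022#> .  # hypothetical namespace
@prefix sh:   <http://www.w3.org/ns/shacl#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix owl:  <http://www.w3.org/2002/07/owl#> .

# --- Architectural taxonomy: the four canonical interfaces ---
ce:Interface         a owl:Class .
ce:ControlInterface  rdfs:subClassOf ce:Interface .
ce:BusinessInterface rdfs:subClassOf ce:Interface .
ce:AuditInterface    rdfs:subClassOf ce:Interface .
ce:DataInterface     rdfs:subClassOf ce:Interface .

# --- Security ontology: mechanisms and the Annex A controls they satisfy ---
ce:SecurityMechanism a owl:Class .
ce:Authentication rdfs:subClassOf ce:SecurityMechanism ;
    ce:satisfiesControl iso:A.8.5 .    # Secure authentication
ce:Authorization  rdfs:subClassOf ce:SecurityMechanism ;
    ce:satisfiesControl iso:A.5.15 .   # Access control
ce:Encryption     rdfs:subClassOf ce:SecurityMechanism ;
    ce:satisfiesControl iso:A.8.24 .   # Use of cryptography
ce:AuditLogging   rdfs:subClassOf ce:SecurityMechanism ;
    ce:satisfiesControl iso:A.8.15 .   # Logging

# --- Constructed deployment instance: one Data interface ---
# It carries authentication and authorization only, so the shape
# below reports two violations (no Encryption, no AuditLogging).
ce:ObjectStoreAPI a ce:DataInterface ;
    ce:protectedBy ce:Authentication , ce:Authorization .

# --- SHACL shape: every Data interface must be encrypted and logged ---
ce:DataInterfaceShape a sh:NodeShape ;
    sh:targetClass ce:DataInterface ;
    sh:property [
        sh:path ce:protectedBy ;
        sh:qualifiedValueShape [ sh:hasValue ce:Encryption ] ;
        sh:qualifiedMinCount 1 ;
        sh:message "Data interface lacks an Encryption mechanism (A.8.24)." ;
    ] ;
    sh:property [
        sh:path ce:protectedBy ;
        sh:qualifiedValueShape [ sh:hasValue ce:AuditLogging ] ;
        sh:qualifiedMinCount 1 ;
        sh:message "Data interface lacks an AuditLogging mechanism (A.8.15)." ;
    ] .
```

Running any SHACL validator over this graph yields a validation report whose results name ce:ObjectStoreAPI and the two missing mechanisms, which is the kind of machine-checkable audit evidence the abstract describes.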