• No results found

NIST Cloud Computing Program

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "NIST Cloud Computing Program"

Copied!
9
0
0

Loading.... (view fulltext now)

Download now ( 9 Page )

Full text

(1)

NIST Cloud Computing Program

USG Cloud Computing

Technology Roadmap…

Top “10” high priority requirements

to accelerate USG adoption of the

Cloud Computing model

NIST Mission:

To promote U.S. innovation and

industrial competitiveness by advancing measurement science,

standards, and technology

in ways that enhance economic security and improve

our quality of life ©Robert Rathe

(2)

2

Accelerate the federal government’s adoption of cloud

computing*

– Build a USG Cloud Computing Technology Roadmap which focuses on the

highest priority USG cloud computing security, interoperability and

portability requirements

– Lead efforts to develop standards and guidelines in close consultation and

collaboration with standards bodies, the private sector, and other

stakeholders

Unchanged: NIST Cloud Computing Program

Goal…

(3)

3

May

2010

Nov

2010

S

T

R

A

T

E

G

I

C

NIST

CC

Definition

Tactical efforts

Outreach & Fact finding with

USG, Industry, SDOs

Evaluate past models &

lessons learned

Define fresh approach

to support secure &

effective USG cloud

computing adoption,

prioritize interoperability,

portability, & security

requirements, collaborate,

more quickly respond to

operational needs

Launch CC Strategic

Program

Initiate Stakeholder

Meetings

Collaboratively define

working group scope &

resources

Refine

Plan

March

2011

Execute CC Strategic

program

Continue Stakeholder

meetings

Integrate results

into tactical

priorities

NIST CC Forum & Workshop I NIST CC Forum & Workshop II NIST CC Forum & Workshop III

Oct

2011

NIST CC Forum & Workshop IV

Complete

1

st

draft

Interagency

Report

Assess

Results &

Replan

USG Cloud

Computing

Technology

Roadmap

REVISITING NIST CLOUD COMPUTING PROGRAM

(PHASE 1)…

INITIATIVE TO BUILD A USG CLOUD COMPUTING TECHNOLOGY ROADMAP

How to build a USG Cloud Computing Technology Roadmap 1. Define Target USG Cloud Computing Use Cases 2. Define Neutral Cloud Computing Reference Architecture & Taxonomy 3. Generate Roadmap – Translate Requirements & Identify Gaps

(4)

4

USG Cloud Computing Technology Roadmap

requirements* - high priorities to further USG Cloud

Computing Technology Adoption:

Requirement 1: International voluntary consensus based

interoperability, portability and security standards

Requirement 2: Solutions for high priority Security

Requirements

Requirement 3: Technical specifications to enable development

of consistent, high quality Service Level Agreements

Requirement 4: Clearly and consistently categorized cloud

services

Requirement 5: Frameworks to support seamless

implementation of federated community cloud

environments

Requirement 6: Technical security solutions which are

de-coupled from organizational policy decisions

Requirement 7: Defined unique government regulatory

requirements, technology gaps, and solutions

Requirement 8: Collaborative parallel strategic “future cloud”

development initiatives

Requirement 9: Defined and implemented reliability design

goals

Requirement 10: Defined and implemented cloud service metrics

Top 10 High Priority USG

Requirements to accelerate

secure & effective cloud adoption

(interoperability, portability,

security)

And….There are practical reasons

why the requirements that are

needed for USG agencies to

securely & effectively deploy the

Cloud Computing model are also

needed by the broad cloud

computing stakeholder community

*

relationship to interoperability, portability, and security

guidance, standards, & technology highlighted in roadmap

(5)

Volume II - Highlights

• Summary of USG

target business use

case templates &

initial set

• NIST Cloud Computing

Reference Architecture

(& Taxonomy) SP 500-292

Sept 2011

Cloud Provider Cloud Service Manage ment Cloud Carrier Cloud Auditor Cloud Consumer Provisio ning/ Configur ation Portabili ty/ Interoper ability Securit y Audit Privacy Impact Audit Perfor mance Audit Business Support S ec ur it y P ri v ac y Cloud Broker Service Intermed iation Service Aggregat ion Service Arbitrag e Physical Resource Layer Hardware Facility Resource Abstraction and Control Layer Service Layer IaaS SaaS PaaS

• Cloud Computing

Standards Roadmap SP

500-291 July 2011

standards & gap analysis

• SAJACC technical

use case

summary

NIST Cloud Standards Portal Use Cases Validated Specifications Reference Implementations Standards Development Organizations standards Existing Standards Working Groups information Community Outreach spec 1 spec 2 … Specifications Use Cases Case 1 Case 2 … Validation Exercises Spec 1 Spec 2 … Spec n Test 1 Test 2 … Test n

• High Priority Security Requirements - challenges,

requirements overview, risk mitigation measures

• Other related work - Reliability Research in

Cloud-based Complex Systems Koala –

SLA taxonomy,

Useful Information for Cloud

Adopters

• Summary of the work

completed November 2010

through September 2011 in

projects & working groups

• Analysis supports high

priority requirements

introduced in Volume I

• References to detailed

(6)

6

How to build a USG Cloud Computing

Technology Roadmap

1. Define Target USG Cloud Computing Business Use Cases 2. REFINE & APPLY Neutral CC Reference Architecture & Taxonomy 3. UPDATE Cloud Computing Technology Roadmap – Translate Requirements & Identify Gaps

priorities risks obstacles Vendors map services

Strategic Program

(continue phase 1 activities and…)

NIST Tactical Program

USG Cloud

Computing

Technology

Roadmap

... leverage Priority Action Plans (PAPs) selected for

self-tasking by Cloud Stakeholder Community

Assess & Track: USG CC High Priority

Requirements met by Priority Action Plans

(self-tasked by NIST and other CC stakeholders)

Rqmt 1: International consensus interoperability,

security, portability standards

Rqmt 2: Solutions for High Priority Security

requirements

Rqmt 3: Technical Specifications to enable high quality

SLAs

…….

Rqmt 10: Defined and Implemented cloud service

metrics

Integrate results into tactical priorities

Measure Results

We have practical opportunities to leverage our efforts … one

is identifying complementary efforts the NIST Roadmap refers

(7)

7

Recommended

Priority Action

Plans are tactical

as well as

strategic

• Examples of

Priority Action

Plans & interim

solutions to apply

while cloud

solutions are

maturing

USG Cloud Computing Technology Roadmap requirements - high priorities to further USG Cloud Computing Technology Adoption:

Requirement 1: International voluntary consensus based interoperability, portability and security standards (interoperability, portability, and security standards) Requirement 2: Solutions for high priority Security Requirements

(security technology)

Requirement 3: Technical specifications to enable development of consistent, high quality Service Level Agreements

(interoperability, portability, and security standards and guidance)

Requirement 4: Clearly and consistently categorized cloud services (interoperability and portability guidance and technology) Requirement 5: Frameworks to support seamless implementation

of federated community cloud environments

(interoperability and portability guidance and technology) Requirement 6: Technical security solutions which are de-coupled

from organizational policy decisions (security guidance, standards and technology)

Requirement 7: Defined unique government regulatory requirements, technology gaps, and solutions

(interoperability, portability and security technology) Requirement 8: Collaborative parallel strategic “future cloud”

development initiatives (interoperability, portability, and security technology)

Requirement 9: Defined and implemented reliability design goals (interoperability, portability, and security technology) Requirement 10: Defined and implemented cloud service metrics

(interoperability and portability standards)

Encourage standards & compensate with Service

Level Agreements to require demonstration of

data/system portability between providers

Request that cloud service vendors map their

offerings to a common reference (i.e. NIST

Reference Architecture) so that it is easier to

compare services

Define unique

USG/mission/sector/business

Requirements (e.g. 508

compliance, e-discovery, record

retention

)

(8)

8

NIST COMPUTING PROGRAM TIMELINE

(PHASE 2)

Nov

2011

March

2012

S

T

R

A

T

E

G

I

C

NIST Cloud Computing Special Pubs

Guidelines on Security and Privacy …… 800-144 Definition of Cloud Computing …………..800-145 CC Synopsis & Recommendations……. .800-146 CC Standards Roadmap ………500-291

Tactical efforts

Public & Federal Standards & Technology working groups

Initiate NIST CC Program Phase II

Integrate & track USG Technology

Roadmap Priority Action Plans (PAPs)

with external stakeholders

Integrate results into tactical priorities

Measure Results

NIST CC Forum & Workshop IV NIST CC Forum & Workshop V

Nov

2012

NIST CC Forum & Workshop VI

Re-Assess

Progress &

Phase 2 Plan

Standards liaison, SAJACC, FedRamp & other technical advisory, Guidance, Koala

USG Cloud

Computing

Technology

Roadmap

Version

2

Analyze Phase

1 working

group & project

results

Complete

1

st

draft

for public

comment

USG Cloud

Computing

Technology

Roadmap

Version 1

SP 500-293

Planned NIST Cloud Computing Special Pubs

•Challenging Security Requirements for US Government CC Adoption •Revised USG CC Technology Roadmap .... 500-293

1. Vol I High-priority requirements to Further USG Agency CC Adoption 2. Vol II Useful Information for Cloud Adopters

(9)

9

NIST invites you to collaborate with us on

Cloud Computing!

US Federal Cloud Computing references:

www.cio.gov

Public NIST cloud web site:

http://www.nist.gov/itl/cloud/

United States Department of Commerce

National Institute of Standards and Technology

Information Technology Laboratory

100 Bureau Drive Stop 2000

Gaithersburg, MD 20899-2000

References

Download now ( PDF - 9 Page - 1.81 MB )

Related documents

CHC Helicopter Investor Presentation March 2014

¹ Calculated as implied daily cost of helicopter/divided by typical day rate for offshore rig; implied daily cost of helicopter calculated by dividing FY2013 HE rate of $8.73M by

Using Young Adult Literature to Confront Mental Health: A Culturally Relevant Approach

For instance, before teaching When We Collided in our Young Adult Literature course, I asked students to discuss their previous experiences with mental health conversations

Watercress as a nutritional adjuvant treatment in breast cancer

Indirect ionisation stems from the radiolysis of water molecules inside the cell, which then results in the rapid formation of reactive free radicals, mainly

Representational organization of novel task sets during proactive encoding

activity patterns structured by dimension integration, response complexity and target category. The current study advances our knowledge about the structure underlying how

Dynamics of the human structural connectome underlying working memory training

Graph theoretical analysis of the structural (white matter) network connectivity (“connectome”) revealed increased global integration within a frontoparietal attention network

Structural and resting-state MRI detects regional brain differences in young and mid-age healthy APOE-e4 carriers compared with non-APOE-e4 carriers

In our mid-age cohort we see significant structural differences in these same regions: the parahippocampal cortical thickness and left anterior cingulate white matter volumes were

Incidental findings on cerebral MRI in twins: the Older Australian Twins Study

Clinical correlates of white matter findings on cranial magnetic resonance imaging of 3301 elderly people: The cardiovascular health study. Cavum septum pellucidum in monozygotic

Animal Functional Magnetic Resonance Imaging: Trends and Path Toward Standardization

Neuroimaging, especially by means of magnetic resonance imaging (MRI), is playing a preponderant role in mapping the human and animal brain, due to its non- invasiveness,