NIST Cloud Computing Program 1 NIST Cloud Computing Program - Highlights & Next Steps NIST Mission: To promote U.S. innovation and industrial competitiveness.

Slides:



Advertisements
Similar presentations
NISTs Role in Securing Health Information AMA-IEEE Medical Technology Conference on Individualized Healthcare Kevin Stine, Information Security Specialist.
Advertisements

Roadmap for Sourcing Decision Review Board (DRB)
State of Indiana Business One Stop (BOS) Program Roadmap Updated June 6, 2013 RFI ATTACHMENT D.
ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.
Course: e-Governance Project Lifecycle Day 1
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
© 2009 The MITRE Corporation. All rights Reserved. Evolutionary Strategies for the Development of a SOA-Enabled USMC Enterprise Mohamed Hussein, Ph.D.
Advanced Health Models and Meaningful Use Workgroup: Roadmap Charge Overview Paul Tang, chair Joe Kimura, co-chair.
BENEFITS OF SUCCESSFUL IT MODERNIZATION
Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
CLOUD COMPUTING AN OVERVIEW & QUALITY OF SERVICE Hamzeh Khazaei University of Manitoba Department of Computer Science Jan 28, 2010.
SmartER Semantic Cloud Sevices Karuna P Joshi University of Maryland, Baltimore County Advisors: Dr. Tim Finin, Dr. Yelena Yesha.
Priority Project Update PSSD-CIO Joint Council Meeting Lac Carling, May 28, 2003 Service Delivery to Business and Mapping.
Annie W. Sokol, IT Specialist, NIST
The topics addressed in this briefing include:
1 Accelerating Standards for the Smart Grid David Wollman National Institute of Standards and Technology
NIST Cloud Computing Program Current Activities
Standards for Shared ICT Jeju, 13 – 16 May 2013 Gale Lightfoot Senior Staff Program Manager, Office of the CTO, SPB Cisco ATIS Cybersecurity Standards.
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”
NIST Information Technology Laboratory Cloud Computing Program NIST Cloud Computing Program Current Activities Robert Bohn OASIS – International Cloud.
Information Technology Laboratory Cloud Computing Program Beyond the Definition – Categorizing & Classifying Cloud Services using the Collaboratively Developed.
NGAC Interagency Data Sharing and Collaboration Spotlight Session: Best Practices and Lessons Learned Robert F. Austin, PhD, GISP Washington, DC March.
Sai-innovations.com. Why we care about IA Review of Information Management statistics published by Gartner shows  Information is doubling every 2 years.
US NITRD LSN-MAGIC Coordinating Team – Organization and Goals Richard Carlson NGNS Program Manager, Research Division, Office of Advanced Scientific Computing.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
National Institute of Standards and Technology Information Technology Laboratory 1 USG Cloud Computing Technology Roadmap Highlights NIST Cloud Computing.
Update on the U.S. Climate Change Science Program UN Framework Convention on Climate Change Subsidiary Body Meeting June 21, 2004 Linda V. Moodie Senior.
The Challenge of IT-Business Alignment
Using Business Scenarios for Active Loss Prevention Terry Blevins t
Clean, Green, and on the Same Team! How Economic and Workforce Development are Partnering to Serve an Emerging Regional Industry.
Copyright © 2004 by The Web Services Interoperability Organization (WS-I). All Rights Reserved 1 Interoperability: Ensuring the Success of Web Services.
EHR System (EHR-S) Functional Requirements Implementation Guide: Laboratory Results Interface (LRI) Kickoff March 3 rd,
Promoting Web Services Interoperability Across Platforms, Applications and Programming Languages Basic Profile 1.0 August 12, 2003 Copyright © 2003 by.
DRAFT – For Discussion Only HHSC IT Governance Executive Briefing Materials DRAFT April 2013.
NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Integrated Enterprise-wide Risk Management Protecting Critical Information Assets and Records FIRM Forum.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All SMART GRID ICT: SECURITY, INTEROPERABILITY & NEXT STEPS John O’Neill, Senior Project Manager CSA.
National Institute of Standards and Technology Information Technology Laboratory 1 USG Cloud Computing Technology Roadmap Next Steps NIST Mission: To promote.
Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.
Geneva, Switzerland, April 2012 Introduction to session 7 - “Advancing e-health standards: Roles and responsibilities of stakeholders” ​ Marco Carugi.
WP8– Governance Models Jurry de la Mar T-Systems – 26 June 2014.
FEA DRM Management Strategy Presented by : Mary McCaffery, US EPA.
BEYOND MKUKUTA FRAMEWORK: Monitoring and Evaluation, Communication and Implementation Guide Presentation to the DPG Meeting 18 th January, 2011.
NIST / URAC / WEDi Health Care Security Workgroup Presented by: Andrew Melczer, Ph.D. Illinois State Medical Society.
Interoperability Standards and Next Generation Interconnectivity Pankaj Batra Chief (Engineering) CERC.
Chapter 3 Strategic Information Systems Planning.
The FEA Data Reference Model V2.0 Michael C. Daconta, DRM Working Group Lead Susan Turnbull, AIC Representative Mary McCaffery, FEA PMO Representative.
Business Analysis. Business Analysis Concepts Enterprise Analysis ► Identify business opportunities ► Understand the business strategy ► Identify Business.
DOCUMENT #:GSC15-PLEN-82r2 FOR:Presentation SOURCE:ATIS AGENDA ITEM: PLEN 6.14 CONTACT(S): Andrew White ATIS’
NIST HIPAA Security Rule Toolkit Kevin Stine Computer Security Division Information Technology Laboratory National Institute of Standards and Technology.
NSDI Strategic Plan Update National Geospatial Advisory Committee Meeting December 11, 2013.
Daniel Field, Atos Spain Towards the European Open Science Cloud, Heidelberg, 20/01/2016.
Presented by Eliot Christian, USGS Accessibility, usability, and preservation of government information (Section 207 of the E-Government Act) April 28,
CYSSC - Cluster 2.0 Partner Management Final Deliverable High Sensitivity Sep 2, 2011 Cluster 2.0 Project Team.
The FEA Data Reference Model V1.5 Michael C. Daconta, DRM Working Group Lead Susan Turnbull, AIC Representative Mary McCaffery, FEA PMO Representative.
19-20 October 2010 IT Directors’ Group meeting 1 Item 6 of the agenda ISA programme Pascal JACQUES Unit B2 - Methodology/Research Local Informatics Security.
1 Industry Advisory Council’s Enterprise Architecture Shared Interest Group (IAC EA SIG) Collaborative Approach to Addressing Common Government- Industry.
INTRODUCTION TO CLOUD COMPUTING. CLOUD  The expression cloud is commonly used in science to describe a large agglomeration of objects that visually appear.
Capacity Building in: GEO Strategic Plan 2016 – 2025 and Work Programme 2016 Andiswa Mlisa GEO Secretariat Workshop on Capacity Building and Developing.
Industry Views on the Current and Future Cloud Computing Adoption and Next Steps David LeDuc - June 6, 2012.
THE VALUE (SUPPLY) CHAIN STRETCHES FROM THE BEGINNING OF YOUR SUPPLIER’S SUPPLY CHAIN THROUGH ALL OF YOUR PROCESSES THAT CREATE VALUE FOR YOUR CUSTOMERS.
Considerations for a Modern Distribution Grid
Data Architecture World Class Operations - Impact Workshop.
Next Generation Distribution System Platform (DSPx)
Cloud computing is meant to provide better utilization of computing resources, scalability,backups and reliability through the use of multiple sites proving.
TSMO Program Plan Development
Understanding what is the Phytosanitary Capacity Evaluation (PCE)
Cybersecurity ATD technical
Vijay Rachamadugu and David Snyder September 7, 2006
Employee engagement Delivery guide
MODULE 11: Creating a TSMO Program Plan
Presentation transcript:

NIST Cloud Computing Program 1 NIST Cloud Computing Program - Highlights & Next Steps NIST Mission: To promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life ©Robert Rathe Secure Cloud 2012, May 10, 2012 Robert Bohn, Cloud Computing Program Manager

NIST Cloud Computing Program 2 2 Accelerate the federal government’s adoption of cloud computing* –Build a USG Cloud Computing Technology Roadmap which focuses on the highest priority USG cloud computing security, interoperability and portability requirements –Lead efforts to develop standards and guidelines in close consultation and collaboration with standards bodies, the private sector, and other stakeholders Unchanged: NIST Cloud Computing Program Goal… * REF

NIST Cloud Computing Program 3 3 May 2010 Nov 2010 STRATEGICSTRATEGIC NIST CC Definition Tactical efforts Outreach & Fact finding with USG, Industry, SDOs Evaluate past models & lessons learned Define fresh approach to support secure & effective USG cloud computing adoption, prioritize interoperability, portability, & security requirements, collaborate, more quickly respond to operational needs Launch CC Strategic Program Initiate Stakeholder Meetings Collaboratively define working group scope & resources Refine Plan April 2011 Execute CC Strategic program Continue Stakeholder meetings Integrate results into tactical priorities NIST CC Forum & Workshop I NIST CC Forum & Workshop II NIST CC Forum & Workshop III Nov 2011 NIST CC Forum & Workshop IV Complete 1 st draft Interagency Report Assess Results & Replan USG Cloud Computing Technology Roadmap USG Cloud Computing Technology Roadmap REVISITING NIST CLOUD COMPUTING PROGRAM (PHASE 1)… INITIATIVE TO BUILD A USG CLOUD COMPUTING TECHNOLOGY ROADMAP How to build a USG Cloud Computing Technology Roadmap 1. Define Target USG Cloud Computing Use Cases 2. Define Neutral Cloud Computing Reference Architecture & Taxonomy 3. Generate Roadmap – Translate Requirements & Identify Gaps

NIST Cloud Computing Program 4 4 USG Cloud Computing Technology Roadmap requirements* - high priorities to further USG Cloud Computing Technology Adoption: Requirement 1: International voluntary consensus based interoperability, portability and security standards Requirement 2: Solutions for high priority Security Requirements Requirement 3: Technical specifications to enable development of consistent, high quality Service Level Agreements Requirement 4: Clearly and consistently categorized cloud services Requirement 5: Frameworks to support seamless implementation of federated community cloud environments Requirement 6: Technical security solutions which are de- coupled from organizational policy decisions Requirement 7: Defined unique government regulatory requirements, technology gaps, and solutions Requirement 8: Collaborative parallel strategic “future cloud” development initiatives Requirement 9: Defined and implemented reliability design goals Requirement 10: Defined and implemented cloud service metrics * relationship to interoperability, portability, and security guidance, standards, & technology highlighted in roadmap Volume I - Highlights

NIST Cloud Computing Program 5 Volume II - Highlights

NIST Cloud Computing Program 6 How to build a USG Cloud Computing Technology Roadmap 1. Define Target USG Cloud Computing Business Use Cases 2. REFINE & APPLY Neutral CC Reference Architecture & Taxonomy 3. UPDATE Cloud Computing Technology Roadmap – Translate Requirements & Identify Gaps priorities risks obstacles Vendors map services Strategic Program (continue phase 1 activities and…) NIST Tactical Program USG Cloud Computing Technology Roadmap USG Cloud Computing Technology Roadmap... leverage Priority Action Plans (PAPs) selected for self-tasking by Cloud Stakeholder Community Assess & Track: USG CC High Priority Requirements met by Priority Action Plans (self-tasked by NIST and other CC stakeholders) Rqmt 1: International consensus interoperability, security, portability standards Rqmt 2: Solutions for High Priority Security requirements Rqmt 3: Technical Specifications to enable high quality SLAs ……. Rqmt 10: Defined and Implemented cloud service metrics Integrate results into tactical priorities Measure Results We have practical opportunities to leverage our efforts … one is identifying complementary efforts the NIST Roadmap refers to as Priority Action Plans

NIST Cloud Computing Program 7 7 Recommended Priority Action Plans are tactical as well as strategic Examples of Priority Action Plans & interim solutions to apply while cloud solutions are maturing USG Cloud Computing Technology Roadmap requirements - high priorities to further USG Cloud Computing Technology Adoption: Requirement 1: International voluntary consensus based interoperability, portability and security standards (interoperability, portability, and security standards) Requirement 2: Solutions for high priority Security Requirements (security technology) Requirement 3: Technical specifications to enable development of consistent, high quality Service Level Agreements (interoperability, portability, and security standards and guidance) Requirement 4: Clearly and consistently categorized cloud services (interoperability and portability guidance and technology) Requirement 5: Frameworks to support seamless implementation of federated community cloud environments (interoperability and portability guidance and technology) Requirement 6: Technical security solutions which are de-coupled from organizational policy decisions (security guidance, standards and technology) Requirement 7: Defined unique government regulatory requirements, technology gaps, and solutions (interoperability, portability and security technology) Requirement 8: Collaborative parallel strategic “future cloud” development initiatives (interoperability, portability, and security technology) Requirement 9: Defined and implemented reliability design goals (interoperability, portability, and security technology) Requirement 10: Defined and implemented cloud service metrics (interoperability and portability standards) Encourage standards & compensate with Service Level Agreements to require demonstration of data/system portability between providers Request that cloud service vendors map their offerings to a common reference (i.e. NIST Reference Architecture) so that it is easier to compare services Define unique USG/mission/sector/business Requirements (e.g. 508 compliance, e-discovery, record retention )

NIST Cloud Computing Program 8 NIST COMPUTING PROGRAM TIMELINE (PHASE 2) June 2012 STRATEGICSTRATEGIC NIST Cloud Computing Special Pubs Guidelines on Security and Privacy …… Definition of Cloud Computing ………… CC Synopsis & Recommendations…… CC Standards Roadmap ………………… CC Reference Architecture…………… USG CC Technology Roadmap Draft Tactical efforts Public & Federal Standards & Technology working groups Initiate NIST CC Program Phase II Integrate & track USG Technology Roadmap Priority Action Plans (PAPs) with external stakeholders Integrate results into tactical priorities Measure Results Nov 2011 NIST CC Forum & Workshop IV NIST CC Forum & Workshop V Nov 2012 NIST CC Forum & Workshop VI Re-Assess Progress & Phase 2 Plan Standards liaison, FedRamp & other technical advisory, Guidance, Koala USG Cloud Computing Technology Roadmap Version 2 USG Cloud Computing Technology Roadmap Version 2 Analyze Phase 1 working group & project results Complete 1 st draft for public comment USG Cloud Computing Technology Roadmap Version 1 SP USG Cloud Computing Technology Roadmap Version 1 SP Planned NIST Cloud Computing Special Pubs Challenging Security Requirements for US Government CC Adoption Revised USG CC Technology Roadmap Vol I High-priority requirements to Further USG Agency CC Adoption 2.Vol II Useful Information for Cloud Adopters 3.Draft Vol. III Technical Considerations for USG CC Deployment Decisions

NIST Cloud Computing Program Goals for RA/Tax Public WG Goal 1 - Requirement 3: Address “Technical Specifications for High-Quality Service-Level Agreements” Goal 2 - Requirement 5: Address “Frameworks to Support Federated Community Clouds”. Goal 3 - Requirement 10: Address “Defined & Implemented Cloud Service Metrics”. Goal 4 -Advanced Actor Analysis - To further the discussion on the roles of and interactions of cloud computing actors (consumer/auditor/broker/carrier). Goal 5 - Develop an in-depth study on security and RA mapping. (Collaborative with CC Security WG) 9

NIST Cloud Computing Program GOAL 1: R3 - Technical Specifications for High-Quality Service-Level Agreements & PAPs Cloud SLAs represent a negotiated service contract between two parties that specifies what cloud service will be provided to the customer. This requirement must be met to ensure: – key elements required for cloud services (warranties, guarantees, performance metrics, etc.) are not left out of the SLA and therefore rendered unenforceable, – common terms and definitions are used within the SLAs to avoid costly misunderstandings between parties, – to create an environment which allows agencies to objectively compare competing services. 10 Develop a controlled and standardized vocabulary of cloud SLA terms and definitions. Ensure consistency in guidance and policy regarding SLA relevant terms and definitions. Develop a cloud SLA Taxonomy to ensure the complete specification of key cloud computing elements that need to appear in an SLA periodically PAPs

NIST Cloud Computing Program Draft Master Service Taxonomy

NIST Cloud Computing Program Draft SLA Cloud SLA Taxonomy

NIST Cloud Computing Program GOAL 2: R5- Frameworks to Support Federated Community Clouds & PAPs The case in which a Community Cloud deployment is not implemented in an environment (private/public cloud) that accommodates the entire community, there is a need to define and implement mechanisms to support the governance and processes that enable federation and interoperability between different cloud service provider environments to form a general or mission-specific federated Community Cloud. PAPs 13 Define federated Community cloud requirements and scenarios Identify how Hybrid Cloud and Cloud Broker elements described in the cloud Reference Architecture can be leveraged and harmonized Present analysis of GRID communities’ applicability to federated cloud communities, including technology, trust infrastructure, & governance All stakeholders -- assess Intercloud efforts (e.g., Standards Developing Organizations) for applicability NEW: Document current usage patterns and projected near-term trends in grid and cloud architectures with attention to tools used for effective support of federated user communities.

NIST Cloud Computing Program GOAL 2: R5- Current Activities Developing SOW, project plans Invitation to the Grid communities to participate Collaboration Tools: Supplemental Wiki. Identify, assemble and make available prior Grid community documents 14

NIST Cloud Computing Program GOAL 3: R10 - Defined & Implemented Cloud Service Metrics & PAPs In utility industries, the notion of units of measurement is fundamental to buying and selling service. However, in the case of cloud computing service delivery, which uses a utility model, IT resources are supplied as abstracted services, often characterized as Infrastructure as a Service or Platform as a Service. Abstracted services can be set to run fast or slow, to be small or large, and to be as reliable as desired (subject to underlying technology constraints). Service consumers pay for a “quantity” and a "quality" of the service, which is metered by a cloud computing system. Consumers need to be able to precisely specify and receive services. PAPs 15 Specify and Standardize the Units of Measurement for cloud services, seeking public comment and collaboration In parallel, incorporate Cloud Service Units of Measurement consistently in Service-Level Agreements

NIST Cloud Computing Program GOAL 3: R10 - Areas of Concentration & Deliverables Areas of Concentration Specify and normalize a small set of existing units of measurement for cloud services Define the cloud service measurement space, need atomic service units. The integration of normalized Units of Measurement for cloud services to SLAs. Deliverables Draft specification of the cloud service measurement space. Template for listing and organizing Cloud Services Units of Measurement. List of non-exhaustive Cloud Services Units of Measurement (existing or new) and normalization methods. Report of study of Units of Measurement successfully defined and used for the IT industry (i.e. network, storage, database etc...) List of Cloud Services Units of Measurement relevant for SLAs. 16

NIST Cloud Computing Program GOAL 4: Advanced Actor Analysis The current NIST Reference Architecture document is very focused on the roles and responsibilities of the cloud provider. The four other roles were not studied to a similar depth. Therefore, inclusions of a fuller description of their responsibilities and the activities/functions they will perform is necessary to attain a more complete description in the NIST RA. For example, cloud carrier may provide additional services that are needed by the Cloud Consumer and Cloud Provider. Milestones Expansion of Cloud Consumer / Auditor / Broker Roles & Responsibilities 2/2012 Generate the relevant definitions3/2012 Discussion of actor interactions4/2012 Deliverables Analysis document5/

NIST Cloud Computing Program GOAL 5: Security RA that supplements NIST RA (Collaborative with CC Security WG) Develop a Security RA that supplements the NIST RA. The approach - leverage on the CSA’s Reference Architecture to design a Security Reference Architecture for Cloud Computing. Public IaaS – initial exercise Milestones INITIAL DRAFT:4/2012 INTERNAL REVIEW5/2012 ADDRESS COMMENTS & PUBLIC DRAFT6/ 2012 PUBLIC REVIEW7/ 2012 PROCESS & ADDRESS COMMENTS8/ 2012 FINAL DOCUMENT9/ 2012 Deliverables Internal draft4/2012 Public draft6/2012 Final document9/

NIST Cloud Computing Program 19 NIST invites you to collaborate with us on Cloud Computing! US Federal Cloud Computing references: Public NIST cloud web site: Cloud Computing Forum & Workshop V: June 5-7, 2012: Washington, DC Contacts: Dawn Leaf: Senior Executive for Cloud Computing Robert Bohn: Cloud Computing Program Manager United States Department of Commerce National Institute of Standards and Technology Information Technology Laboratory 100 Bureau Drive Stop 2000 Gaithersburg, MD Tel: (301) ,

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.