Annie W. Sokol, IT Specialist, NIST

Slides:

Advertisements

Similar presentations

What is Business Architecture?. Overview Agility matters today more than yesterday Previous methods for managing change were designed for the needs of.

Advertisements

GIS Executive Council and Advisory Committee Update November 2010.

G20 Training Strategy Bridging Education, Training, and Decent Work

Roadmap for Sourcing Decision Review Board (DRB)

State Staff Development and Training Team January 2012.

Business Architecture

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

NIST Cloud Computing Program 1 NIST Cloud Computing Program - Highlights & Next Steps NIST Mission: To promote U.S. innovation and industrial competitiveness.

Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.

Advancing Alternative Energy Technologies Glenn MacDonell Director, Energy Industry Canada Workshop on Alternatives to Conventional Generation Technologies.

Procurement: A Whole of Government Approach Building capability and driving performance across government Workshop for Crown entity Monitoring Departments.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.

Systems Engineering in a System of Systems Context

Corporate Responsibility Index 14 April Athens A tool for improving management of and performance in corporate responsibility.

A Tour of Federated Clouds Robert Bohn, PhD Advanced Network Technologies Division GEOSS 25 March 2015 Norfolk, VA.

The topics addressed in this briefing include:

Eurasian Corporate Governance Roundtable

NIST Cloud Computing Program Current Activities

GTM for Product Leaders Project Overview A project that guides product leaders and their teams in developing a successful go-to-market strategy.

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”

The Knowledge Resources Guide The SUVOT Project Sustainable and Vocational Tourism Rimini, 20 October 2005.

" ICT SUPPORT FOR UNIVERSALISATION OF SECONDARY EDUCATION“ Ashish Garg Asia Regional Coordinator Global eSchools and Communities Initiative 27 th May 2009,

CROSS-CUTTING PAPER FOR DISCUSSION AT MDBS ANNUAL REVIEW MAY 17, PRESENTED BY THE PUBLIC SECTOR REFORM (PSR) SECTOR GROUP PUBLIC SECTOR MANAGEMENT.

National Institute of Standards and Technology Information Technology Laboratory 1 USG Cloud Computing Technology Roadmap Highlights NIST Cloud Computing.

Campaign Readiness Project Overview Enabling a structured, scalable approach to customer-centric campaigns.

Summary of the U.S. Task Force on United Way’s Economic Model & Growth.

LOGO PROJECT HerO Project Meeting in Liverpool Presentation of ‘Road Maps’ John Hinchliffe, City of Liverpool 16th-17th July 2009.

December 14, 2011/Office of the NIH CIO Operational Analysis – What Does It Mean To The Project Manager? NIH Project Management Community of Excellence.

Sustainable Product Innovation Project UNEP’s Policy Component On behalf of UNEP Tran Van Nhan Asc. Prof., Ph.D Director Vietnam Cleaner Production Centre.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All SMART GRID ICT: SECURITY, INTEROPERABILITY & NEXT STEPS John O’Neill, Senior Project Manager CSA.

National Institute of Standards and Technology Information Technology Laboratory 1 USG Cloud Computing Technology Roadmap Next Steps NIST Mission: To promote.

Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.

Geneva, Switzerland, April 2012 Introduction to session 7 - “Advancing e-health standards: Roles and responsibilities of stakeholders” Marco Carugi.

April_2010 Partnering initiatives at country level Proposed partnering process to build a national stop tuberculosis (TB) partnership.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Cloud Computing in TTC Kazunori MATSUO, TTC Cloud Computing Advisory Group Document No: GSC16-PLEN-17.

Pilot Projects on Strengthening Inventory Development and Risk Management-Decision Making for Mercury: A Contribution to the Global Mercury Partnership.

BEYOND MKUKUTA FRAMEWORK: Monitoring and Evaluation, Communication and Implementation Guide Presentation to the DPG Meeting 18 th January, 2011.

Introducing… the Sustainable Energy 4 All Action Accelerator! Adam Cooper Senior Manager, Accenture Sustainability Services United Nations Global Compact.

Analysing climate change policy and institutions in Saint Lucia and Trinidad and Tobago: Piloting a Caribbean process Key findings from the Coastal Zone.

UNEP Collaborating Centre on Energy and Environment CD for CDM - Phase 1 - First National Workshop, Egypt December Capacity Development for.

Interoperability Standards and Next Generation Interconnectivity Pankaj Batra Chief (Engineering) CERC.

EGovOS Panel Discussion CIO Council Architecture & Infrastructure Committee Subcommittee Co-Chairs March 15, 2004.

Strategies for Knowledge Management Success SCP Best Practices Showcase March 18, 2004.

1 Possible elements for the EGTT future programme of work on technologies for adaptation Mr. Jukka Uosukainen Chair Expert Group on Technology Transfer.

Update on work of IUCN Council Private Sector Task Force Diana Shand Regional Councillor and Chair of Private Sector Task Force The International Union.

September 8, 2015 Update Housing Committee September 8, 2015 Neighborhood Revitalization Plan for Dallas.

FAO Turkey Partnership Programme (FTPP) FAO Final Evaluation of the FTPP Summary for FTPP Programming Meeting, 14 December

12-CRS-0106 REVISED 8 FEB 2013 APO (Align, Plan and Organise)

Virginia Office of Public-Private Partnerships (VAP3) Adopted Public-Private Transportation Act (PPTA) enabling legislation in 1995 Public-Private Education.

1COPANT BSG/ Date: International Organization for Standardization.

Amman October 1-2, 2003 Presentation Evolution of Saudi Telecom During Sector Reform 3 rd Annual Private Sector Cooperation Meeting in the Arab Region.

CDP-GIZ research project – Paris Workshop Gesellschaft für internationale Zusammenarbeit GmbH André Lammerding, Head of Programme International Water Stewardship.

Driving Value from IT Services using ITIL and COBIT 5 July 24, 2013 Gary Hardy ITWinners.

Update from the United States Standards and Conformity Assessment Work in the Sub Committee on Standards and Conformance.

Presenter:- Mrs. Josette Maxwell-Dalsou Chief Economist Economic Planning Ministry of Finance, Economic Affairs and National Development.

Economics of Policing Shared Forward Agenda Economics of Policing Shared Forward Agenda.

Capacity Building in: GEO Strategic Plan 2016 – 2025 and Work Programme 2016 Andiswa Mlisa GEO Secretariat Workshop on Capacity Building and Developing.

Industry Views on the Current and Future Cloud Computing Adoption and Next Steps David LeDuc - June 6, 2012.

Improving the Garment Sector in Lao PDR:

Data Architecture World Class Operations - Impact Workshop.

EERA e3s and Energy Consumers

Identify the Risk of Not Doing BA

Kazunori MATSUO, TTC Cloud Computing Advisory Group

Standards for success in city IT and construction projects

Understanding what is the Phytosanitary Capacity Evaluation (PCE)

Breakout sessions Outcome.

NIST Special Publications

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

Collaborative regulation in the digital economy

Presentation transcript:

Annie W. Sokol, IT Specialist, NIST Annie.sokol@nist.gov ITU Workshop on “Cloud Computing Standards – Today and the Future” (Geneva, Switzerland 14 November 2014) National Institute of Standards and Technology (NIST) CLOUD COMPUTING PROGRAM Annie W. Sokol, IT Specialist, NIST Annie.sokol@nist.gov Geneva, Switzerland, 14 November 2014

Overview of NIST Cloud Computing Program Federal Cloud Computing Strategy NIST Cloud Program Launch & Objectives Federal Cloud Computing Technology Roadmap NIST Focus

Federal IT Strategies

Federal Cloud Computing Strategy US IT Budget ~ $80B/year: Savings ~25% Move existing apps to cloud when possible Select – Provision – Manage 3 main agencies GSA – Procurement (FedRAMP) DHS – Operational Security NIST – Standards

Select – Provision - Manage

Why NIST? US government agencies need Cloud Computing standards & guidance to accelerate effective adoption Private sector and U.S. government agencies must work together to identify highest priority USG Cloud Computing requirements & gaps Neutral, objective entity is instrumental in encouraging innovation and “a level playing field” for U.S. industry 6

Program Goal To accelerate the federal government’s adoption of cloud computing Build a USG Cloud Computing Technology Roadmap which focuses on the highest priority USG cloud computing security, interoperability and portability requirements Lead efforts to develop standards and guidelines in close consultation and collaboration with standards bodies, the private sector, and other stakeholders

NIST Cloud Computing Program PHASE I Launch & Objectives Standards, Workshops, Architecture PHASE II Future Architecture Activities

Building the NIST Cloud Computing Technology Roadmap priorities risks obstacles Define Target USG Cloud Computing Use Cases Define Neutral Cloud Computing Reference Architecture & Taxonomy Cloud Computing Standards & Technology Roadmap Translate Requirements Identify Gaps Expand CC defn, ref. arch. Business Use Cases Standards SAJACC Security Ref Arch & Tax Public Working Groups

SP 500-293 USG Cloud Computing Roadmaps – Volume I & II Use collaboration through public working groups to validate findings Core Elements: Prioritized strategic and tactical requirements that must be met for USG agencies to further cloud adoption; Interoperability, portability, and security standards, guidelines, and technology needed to satisfy these requirements; Recommended list of Priority Action Plans (PAPs) -- candidates for voluntary self-tasking by the stakeholder community.

SP 500-293 Volume I Roadmap Requirements Priority Action Plans (PAPs) International voluntary consensus-based standards* Solutions for High-priority Security Requirements, technically de-coupled from organizational policy decisions Technical specifications to enable development of consistent, high-quality Service-Level Agreements * Clearly and consistently categorized cloud services* Frameworks to support seamless implementation of federated community cloud environments* Updated Organization Policy that reflects the Cloud Computing Business and Technology model Defined unique government regulatory requirements and solutions* Collaborative parallel strategic “future cloud” development initiatives* Defined and implemented reliability design goals* Defined and implemented cloud service metrics* * (Interoperability, portability and security technology)

SP 500-293 USG Cloud Computing Roadmap – Volume II Reference Architecture & Taxonomy Recommend Industry Mapping so that USG agencies & others can more easily and consistently compare cloud services In parallel, support formal standards development process leveraging the reference architecture Standards Provide avenue for USG agency engagement Continue standards roadmap Target Business Use Cases & SAJACC Expand initial use case set & use SAJACC to identify gaps Security leverage working groups to finalize special publication focusing on challenging security requirements Continue technical advisor role – e.g. FedRAMP, continuous monitoring, conformity assessment system Useful information for Cloud Adopters Summary of the work completed Analysis supports: high priority requirements introduced in Volume I References to detailed publications and external work

Status Phase I (COMPLETED) Reference Architecture & Taxonomy Security Reference Architecture Descriptions of Cloud Broker Standards Inventory Phase II (On-going) Future Architecture Activities

Current Cloud Focus Areas Refinement Actors Services Architecture Service level agreements Metrics Interoperability and Portability Federation

Future Outlook The convenience of reliable, trusted and measureable cloud services become a foundational element of the global economy. These services, constructed with open standards and metric based building blocks, form the basis for a collection of interconnected clouds to: facilitate world-wide collaboration & shared knowledge drive innovation provide positive environmental and economic impacts

Contacts Dr. Abdella Battou abdella.battou@nist.gov Dr. Robert Bohn robert.bohn@nist.gov Lisa Carnahan lisa.carnahan@nist.gov John Messina john.messina@nist.gov Dr. Michaela Iorga micheala.iorga@nist.gov Annie Sokol annie.sokol@nist.gov Mike Hogan michael.hogan@nist.gov Eric Simmon eric.simmon@nist.gov Frederic de Vaulx frederic.devaulx@nist.gov CC Lead/ANTD Chief Program Manager Conformity Assessment RA/Tax Security Standards SLA/Standards Metrics NIST ITL Cloud Computing Home Page http://www.nist.gov/itl/cloud NIST Cloud Computing Collaboration Site (twiki) http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing

Additional References Geneva, Switzerland, 14 November 2014

Why Standards Highlights of a study by DIN (German Standards Institute) and the German Federal Ministry of Economic Affairs and Technology (IEEE Think Standards, http://www.thinkstandards.net/benefits.html ) Standards contribute more to economic growth than patents and licenses Standards play a strategic significance to companies Companies that participate actively in standards work have a head start on their competitors in adapting to market demands Research risks and development costs are reduced for companies contributing to the standardization process Business that are actively involved in standards work more frequency reap short and long term benefits with regard to costs and competitive status than those who do not participate Participating in standards development enables one to anticipate technology standardization thereby facilitating one’s products progress simultaneously with technology Standards are a positive stimulus for innovation

NIST Publications relating to Cloud Computing NIST Special Publication 800-144, Guidelines on Security and Privacy in Public Cloud Computing, December 2011 NIST Special Publication 800-145, NIST Definition of Cloud Computing, September 2011 NIST Special Publication 800-146, Cloud Computing Synopsis and Recommendations, May 2012 NIST Special Publication 500-291, NIST Cloud Computing Standards Roadmap, July 2011 NIST Special Publication 500-292, NIST Cloud Computing Reference Architecture, September 2011 NIST Special Publication 500-299, NIST Cloud Computing Security Reference Architecture (Draft)