Presentation is loading. Please wait.

Presentation is loading. Please wait.

Annie W. Sokol, IT Specialist, NIST

Published byAugustus Gardner Modified over 9 years ago

Similar presentations

Presentation on theme: "Annie W. Sokol, IT Specialist, NIST"— Presentation transcript:

1 Annie W. Sokol, IT Specialist, NIST Annie.sokol@nist.gov
ITU Workshop on “Cloud Computing Standards – Today and the Future” (Geneva, Switzerland 14 November 2014) National Institute of Standards and Technology (NIST) CLOUD COMPUTING PROGRAM Annie W. Sokol, IT Specialist, NIST Geneva, Switzerland, 14 November 2014

2 Overview of NIST Cloud Computing Program
Federal Cloud Computing Strategy NIST Cloud Program Launch & Objectives Federal Cloud Computing Technology Roadmap NIST Focus

3 Federal IT Strategies

4 Federal Cloud Computing Strategy
US IT Budget ~ $80B/year: Savings ~25% Move existing apps to cloud when possible Select – Provision – Manage 3 main agencies GSA – Procurement (FedRAMP) DHS – Operational Security NIST – Standards

5 Select – Provision - Manage

6 Why NIST? US government agencies need Cloud Computing standards & guidance to accelerate effective adoption Private sector and U.S. government agencies must work together to identify highest priority USG Cloud Computing requirements & gaps Neutral, objective entity is instrumental in encouraging innovation and “a level playing field” for U.S. industry 6

7 Program Goal To accelerate the federal government’s adoption of cloud computing Build a USG Cloud Computing Technology Roadmap which focuses on the highest priority USG cloud computing security, interoperability and portability requirements Lead efforts to develop standards and guidelines in close consultation and collaboration with standards bodies, the private sector, and other stakeholders

8 NIST Cloud Computing Program
PHASE I Launch & Objectives Standards, Workshops, Architecture PHASE II Future Architecture Activities

9 Building the NIST Cloud Computing Technology Roadmap
priorities risks obstacles Define Target USG Cloud Computing Use Cases Define Neutral Cloud Computing Reference Architecture & Taxonomy Cloud Computing Standards & Technology Roadmap Translate Requirements Identify Gaps Expand CC defn, ref. arch. Business Use Cases Standards SAJACC Security Ref Arch & Tax Public Working Groups

10 SP 500-293 USG Cloud Computing Roadmaps – Volume I & II
Use collaboration through public working groups to validate findings Core Elements: Prioritized strategic and tactical requirements that must be met for USG agencies to further cloud adoption; Interoperability, portability, and security standards, guidelines, and technology needed to satisfy these requirements; Recommended list of Priority Action Plans (PAPs) -- candidates for voluntary self-tasking by the stakeholder community.

11 SP 500-293 Volume I Roadmap Requirements Priority Action Plans (PAPs)
International voluntary consensus-based standards* Solutions for High-priority Security Requirements, technically de-coupled from organizational policy decisions Technical specifications to enable development of consistent, high-quality Service-Level Agreements * Clearly and consistently categorized cloud services* Frameworks to support seamless implementation of federated community cloud environments* Updated Organization Policy that reflects the Cloud Computing Business and Technology model Defined unique government regulatory requirements and solutions* Collaborative parallel strategic “future cloud” development initiatives* Defined and implemented reliability design goals* Defined and implemented cloud service metrics* * (Interoperability, portability and security technology)

12 SP 500-293 USG Cloud Computing Roadmap – Volume II
Reference Architecture & Taxonomy Recommend Industry Mapping so that USG agencies & others can more easily and consistently compare cloud services In parallel, support formal standards development process leveraging the reference architecture Standards Provide avenue for USG agency engagement Continue standards roadmap Target Business Use Cases & SAJACC Expand initial use case set & use SAJACC to identify gaps Security leverage working groups to finalize special publication focusing on challenging security requirements Continue technical advisor role – e.g. FedRAMP, continuous monitoring, conformity assessment system Useful information for Cloud Adopters Summary of the work completed Analysis supports: high priority requirements introduced in Volume I References to detailed publications and external work

13 Status Phase I (COMPLETED) Reference Architecture & Taxonomy Security Reference Architecture Descriptions of Cloud Broker Standards Inventory Phase II (On-going) Future Architecture Activities

14 Current Cloud Focus Areas
Refinement Actors Services Architecture Service level agreements Metrics Interoperability and Portability Federation

15 Future Outlook The convenience of reliable, trusted and measureable cloud services become a foundational element of the global economy. These services, constructed with open standards and metric based building blocks, form the basis for a collection of interconnected clouds to: facilitate world-wide collaboration & shared knowledge drive innovation provide positive environmental and economic impacts

16 Contacts Dr. Abdella Battou abdella.battou@nist.gov
Dr. Robert Bohn Lisa Carnahan John Messina Dr. Michaela Iorga Annie Sokol Mike Hogan Eric Simmon Frederic de Vaulx CC Lead/ANTD Chief Program Manager Conformity Assessment RA/Tax Security Standards SLA/Standards Metrics NIST ITL Cloud Computing Home Page NIST Cloud Computing Collaboration Site (twiki)

17 Additional References
Geneva, Switzerland, 14 November 2014

18 Why Standards Highlights of a study by DIN (German Standards Institute) and the German Federal Ministry of Economic Affairs and Technology (IEEE Think Standards, ) Standards contribute more to economic growth than patents and licenses Standards play a strategic significance to companies Companies that participate actively in standards work have a head start on their competitors in adapting to market demands Research risks and development costs are reduced for companies contributing to the standardization process Business that are actively involved in standards work more frequency reap short and long term benefits with regard to costs and competitive status than those who do not participate Participating in standards development enables one to anticipate technology standardization thereby facilitating one’s products progress simultaneously with technology Standards are a positive stimulus for innovation

19 NIST Publications relating to Cloud Computing
NIST Special Publication , Guidelines on Security and Privacy in Public Cloud Computing, December 2011 NIST Special Publication , NIST Definition of Cloud Computing, September 2011 NIST Special Publication , Cloud Computing Synopsis and Recommendations, May 2012 NIST Special Publication , NIST Cloud Computing Standards Roadmap, July 2011 NIST Special Publication , NIST Cloud Computing Reference Architecture, September 2011 NIST Special Publication , NIST Cloud Computing Security Reference Architecture (Draft)

Download ppt "Annie W. Sokol, IT Specialist, NIST"

Similar presentations

What is Business Architecture?. Overview Agility matters today more than yesterday Previous methods for managing change were designed for the needs of.

What is Business Architecture?. Overview Agility matters today more than yesterday Previous methods for managing change were designed for the needs of.
GIS Executive Council and Advisory Committee Update November 2010.

GIS Executive Council and Advisory Committee Update November 2010.
G20 Training Strategy Bridging Education, Training, and Decent Work

G20 Training Strategy Bridging Education, Training, and Decent Work
Roadmap for Sourcing Decision Review Board (DRB)

Roadmap for Sourcing Decision Review Board (DRB)
State Staff Development and Training Team January 2012.

State Staff Development and Training Team January 2012.
Business Architecture

Business Architecture
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
NIST Cloud Computing Program 1 NIST Cloud Computing Program - Highlights & Next Steps NIST Mission: To promote U.S. innovation and industrial competitiveness.

NIST Cloud Computing Program 1 NIST Cloud Computing Program - Highlights & Next Steps NIST Mission: To promote U.S. innovation and industrial competitiveness.
Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.

Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.
Advancing Alternative Energy Technologies Glenn MacDonell Director, Energy Industry Canada Workshop on Alternatives to Conventional Generation Technologies.

Advancing Alternative Energy Technologies Glenn MacDonell Director, Energy Industry Canada Workshop on Alternatives to Conventional Generation Technologies.
Procurement: A Whole of Government Approach Building capability and driving performance across government Workshop for Crown entity Monitoring Departments.

Procurement: A Whole of Government Approach Building capability and driving performance across government Workshop for Crown entity Monitoring Departments.
Strategy 2022: A Holistic View Tony Hayes International President ISACA 2013-2014 © 2012, ISACA. All rights reserved.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
Systems Engineering in a System of Systems Context

Systems Engineering in a System of Systems Context
Corporate Responsibility Index 14 April Athens A tool for improving management of and performance in corporate responsibility.

Corporate Responsibility Index 14 April Athens A tool for improving management of and performance in corporate responsibility.
A Tour of Federated Clouds Robert Bohn, PhD Advanced Network Technologies Division GEOSS 25 March 2015 Norfolk, VA.

A Tour of Federated Clouds Robert Bohn, PhD Advanced Network Technologies Division GEOSS 25 March 2015 Norfolk, VA.
The topics addressed in this briefing include:

The topics addressed in this briefing include:
Eurasian Corporate Governance Roundtable

Eurasian Corporate Governance Roundtable
NIST Cloud Computing Program Current Activities

NIST Cloud Computing Program Current Activities
GTM for Product Leaders Project Overview A project that guides product leaders and their teams in developing a successful go-to-market strategy.

GTM for Product Leaders Project Overview A project that guides product leaders and their teams in developing a successful go-to-market strategy.
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order 13636 “Improving Critical Infrastructure Cybersecurity”

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”

Similar presentations

Ads by Google