SlideShare une entreprise Scribd logo

NIST Cloud Computing Standards

GovCloud Network
GovCloud Network
Technologie
1  sur  11
Télécharger pour lire hors ligne
Perspectives on Cloud Computing and Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory
Standardization and Cloud Computing • Cloud computing is a convergence of many technologies – Some have their own standards • This convergence combined with massively scaled deployments represents “leap-ahead” capabilities • We have a choice – proprietary stovepipe clouds – standards based clouds • Standards will be vital to achieve success • Can’t standardize what you can’t define
A NIST Definition of Cloud Computing • A computing capability where the architecture surrounding massive clusters of computers is abstracted from the applications using it and a software and server framework (usually based on virtualization) provides clients scalable utility computing capabilities to elastically provide many servers for a single software-as-a-service style application or to host many such applications on a few servers.
Foundational Elements of Cloud Computing Architecture Business Models • Web 2.0 • Autonomic System Computing • Software as a Service (SaaS) • Grid Computing • Utility Computing • Platform Virtualization • Service Level • Web Services Agreements • Service Oriented • Open standards, Data Architectures Portability, and • Web application Accessibility frameworks • Open source software
Need for Cloud Computing Standards • Standards for the cloud architecture • Emerging • Cloud interfaces are the key • Leverage autonomic computing, grids, and virtualization? • Standards for cloud applications • Mature technologies but various approaches exist • Software as a service / Utility computing • Service Oriented Architecture • Web Services standards • Web Application frameworks
Enterprise Cloud Infrastructures • The Need – Security and privacy concerns in using 3rd party clouds with sensitive data – Problem of security boundaries and security compliance (e.g., HIPAA, FISMA, SOX) • How should large enterprises create their own clouds? – Which standards should be adopted? – What is the role of open source and proprietary software? – How should one leverage existing data centers (cloud interconnections)? – Can one acquire isolated instances of 3rd party clouds? • Government owned, contractor operated (GOCO) – What is the minimum size needed to make it cost effective to build a cloud?
The Federal Cloud Infrastructure • An idea: The Federal government identifies minimal standards and an architecture to enable agencies to create or purchase interoperable cloud capabilities – Agencies would own cloud instances or ‘nodes’ – Nodes would provide the same software framework for running cloud applications – Nodes would participate in the Federal cloud infrastructure – Federal infrastructure would promote and adopt cloud architecture standards (non-proprietary) – ‘Minimal standards’ refers to the need to ensure node interoperability and application portability without inhibiting innovation and adoption thus limiting the scale of cloud deployments
The Federal Cloud Infrastructure • Benefits – Federal applications could run on any cloud node – Federal applications could migrate between cloud nodes • Contingency planning/disaster recovery • Scalability/elasticity – Centralized and standardized security enforcement and monitoring (intrusions, secure configurations, vulnerabilities, malware) – Interagency billing of resources used will self-optimize growth of cloud nodes • Limits to agencies independently building their own clouds – Lack of the massive scale needed to leverage cloud benefits – Non-interoperable architectures (e.g., no disaster recovery capabilities)
Possible Approaches Moving Forward • Should the U.S. government: – solely use 3rd party clouds (probably just for non- sensitive data) – procure a single USG cloud – procure multiple independent non-interoperable USG clouds – work towards a Federal cloud infrastructure (standards and architecture)
Upcoming Draft NIST Cloud Computing Security Publication • NIST Special Publication to be created in FY09 – Overview of cloud computing – Cloud computing security issues – Securing cloud architectures – Securing cloud applications – Enabling and performing forensics in the cloud – Centralizing security monitoring in a cloud architecture – Obtaining security from 3rd party cloud architectures through service level agreements – Security compliance frameworks and cloud computing (e.g., HIPAA, FISMA, SOX)
Questions? • Peter Mell • Senior Computer Scientist • NIST, Information Technology Laboratory • 301-975-5572 • mell@nist.gov • Tim Grance • Program Manager, Cyber and Network Security Program • NIST, Information Technology Laboratory • 301-975-4242 • grance@nist.gov

Recommandé

Virtualization in cloud computing ppt
Virtualization in cloud computing pptVirtualization in cloud computing ppt
Virtualization in cloud computing pptMehul Patel
 
Cloud architecture
Cloud architectureCloud architecture
Cloud architectureAdeel Javaid
 
Unit 2 -Cloud Computing Architecture
Unit 2 -Cloud Computing ArchitectureUnit 2 -Cloud Computing Architecture
Unit 2 -Cloud Computing ArchitectureMonishaNehkal
 
Lecture5 virtualization
Lecture5 virtualizationLecture5 virtualization
Lecture5 virtualizationhktripathy
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing ArchitectureAnimesh Chaturvedi
 
Virtualization & cloud computing
Virtualization & cloud computingVirtualization & cloud computing
Virtualization & cloud computingSoumyajit Basu
 
What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...Shashi soni
 
Hardware virtualization basic
Hardware virtualization basicHardware virtualization basic
Hardware virtualization basicSanoj Kumar
 

Recommandé

Virtualization in cloud computing ppt
Virtualization in cloud computing pptVirtualization in cloud computing ppt
Virtualization in cloud computing pptMehul Patel
 
Cloud architecture
Cloud architectureCloud architecture
Cloud architectureAdeel Javaid
 
Unit 2 -Cloud Computing Architecture
Unit 2 -Cloud Computing ArchitectureUnit 2 -Cloud Computing Architecture
Unit 2 -Cloud Computing ArchitectureMonishaNehkal
 
Lecture5 virtualization
Lecture5 virtualizationLecture5 virtualization
Lecture5 virtualizationhktripathy
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing ArchitectureAnimesh Chaturvedi
 
Virtualization & cloud computing
Virtualization & cloud computingVirtualization & cloud computing
Virtualization & cloud computingSoumyajit Basu
 
What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...Shashi soni
 
Hardware virtualization basic
Hardware virtualization basicHardware virtualization basic
Hardware virtualization basicSanoj Kumar
 
Virtualization- Cloud Computing
Virtualization- Cloud ComputingVirtualization- Cloud Computing
Virtualization- Cloud ComputingNIKHILKUMAR SHARDOOR
 
Virtualization for Cloud Environment
Virtualization for Cloud EnvironmentVirtualization for Cloud Environment
Virtualization for Cloud EnvironmentDr. Sunil Kr. Pandey
 
The cloud ecosystem
The cloud ecosystemThe cloud ecosystem
The cloud ecosystemBHASKAR CHAUDHURY
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud ComputingAnimesh Chaturvedi
 
Virtualization and its Types
Virtualization and its TypesVirtualization and its Types
Virtualization and its TypesHTS Hosting
 
Layers and types of cloud
Layers and types of cloudLayers and types of cloud
Layers and types of cloudANUSUYA T K
 
Unit 1-Cloud computing Foundation
Unit 1-Cloud computing FoundationUnit 1-Cloud computing Foundation
Unit 1-Cloud computing FoundationMonishaNehkal
 
Types of clouds in cloud computing
Types of clouds in cloud computingTypes of clouds in cloud computing
Types of clouds in cloud computingMahesh Chemmala
 
What is Virtualization
What is VirtualizationWhat is Virtualization
What is VirtualizationDhrupesh Kotadiya
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computingronak patel
 
Unit 3
Unit 3Unit 3
Unit 3Ravi Kumar
 
Research in Cloud Computing
Research in Cloud ComputingResearch in Cloud Computing
Research in Cloud ComputingRajshri Mohan
 
Cloud computing and Cloudsim
Cloud computing and CloudsimCloud computing and Cloudsim
Cloud computing and CloudsimManash Kumar Mondal
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Mahesh Tibrewal
 
Cloud computing
Cloud computingCloud computing
Cloud computingReetesh Gupta
 
Cloud Computing: Virtualization
Cloud Computing: VirtualizationCloud Computing: Virtualization
Cloud Computing: VirtualizationDr.Neeraj Kumar Pandey
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service ModelsAbhishek Pachisia
 
Cloud computing information management
Cloud computing information managementCloud computing information management
Cloud computing information managementHallmark B-school
 
CS8791 Cloud Computing - Question Bank
CS8791 Cloud Computing - Question BankCS8791 Cloud Computing - Question Bank
CS8791 Cloud Computing - Question Bankpkaviya
 
My Presentation on Cloud Computing
My Presentation on Cloud ComputingMy Presentation on Cloud Computing
My Presentation on Cloud ComputingPravin Sable
 
Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01
Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01
Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01sengura
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and factsArun Ganesh
 

Contenu connexe

Tendances

Virtualization for Cloud Environment
Virtualization for Cloud EnvironmentVirtualization for Cloud Environment
Virtualization for Cloud EnvironmentDr. Sunil Kr. Pandey
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud ComputingAnimesh Chaturvedi
 
Virtualization and its Types
Virtualization and its TypesVirtualization and its Types
Virtualization and its TypesHTS Hosting
 
Layers and types of cloud
Layers and types of cloudLayers and types of cloud
Layers and types of cloudANUSUYA T K
 
Unit 1-Cloud computing Foundation
Unit 1-Cloud computing FoundationUnit 1-Cloud computing Foundation
Unit 1-Cloud computing FoundationMonishaNehkal
 
Types of clouds in cloud computing
Types of clouds in cloud computingTypes of clouds in cloud computing
Types of clouds in cloud computingMahesh Chemmala
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computingronak patel
 
Research in Cloud Computing
Research in Cloud ComputingResearch in Cloud Computing
Research in Cloud ComputingRajshri Mohan
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Mahesh Tibrewal
 
Cloud computing information management
Cloud computing information managementCloud computing information management
Cloud computing information managementHallmark B-school
 
CS8791 Cloud Computing - Question Bank
CS8791 Cloud Computing - Question BankCS8791 Cloud Computing - Question Bank
CS8791 Cloud Computing - Question Bankpkaviya
 
My Presentation on Cloud Computing
My Presentation on Cloud ComputingMy Presentation on Cloud Computing
My Presentation on Cloud ComputingPravin Sable
 

Tendances (20)

Virtualization- Cloud Computing
Virtualization- Cloud ComputingVirtualization- Cloud Computing
Virtualization- Cloud Computing
 
Virtualization for Cloud Environment
Virtualization for Cloud EnvironmentVirtualization for Cloud Environment
Virtualization for Cloud Environment
 
The cloud ecosystem
The cloud ecosystemThe cloud ecosystem
The cloud ecosystem
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud Computing
 
Virtualization and its Types
Virtualization and its TypesVirtualization and its Types
Virtualization and its Types
 
Layers and types of cloud
Layers and types of cloudLayers and types of cloud
Layers and types of cloud
 
Unit 1-Cloud computing Foundation
Unit 1-Cloud computing FoundationUnit 1-Cloud computing Foundation
Unit 1-Cloud computing Foundation
 
Types of clouds in cloud computing
Types of clouds in cloud computingTypes of clouds in cloud computing
Types of clouds in cloud computing
 
What is Virtualization
What is VirtualizationWhat is Virtualization
What is Virtualization
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computing
 
Unit 3
Unit 3Unit 3
Unit 3
 
Research in Cloud Computing
Research in Cloud ComputingResearch in Cloud Computing
Research in Cloud Computing
 
Cloud computing and Cloudsim
Cloud computing and CloudsimCloud computing and Cloudsim
Cloud computing and Cloudsim
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud Computing: Virtualization
Cloud Computing: VirtualizationCloud Computing: Virtualization
Cloud Computing: Virtualization
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service Models
 
Cloud computing information management
Cloud computing information managementCloud computing information management
Cloud computing information management
 
CS8791 Cloud Computing - Question Bank
CS8791 Cloud Computing - Question BankCS8791 Cloud Computing - Question Bank
CS8791 Cloud Computing - Question Bank
 
My Presentation on Cloud Computing
My Presentation on Cloud ComputingMy Presentation on Cloud Computing
My Presentation on Cloud Computing
 

Similaire à NIST Cloud Computing Standards

Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01
Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01
Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01sengura
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and factsArun Ganesh
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud ComputingUnmesh Ballal
 
Trends in recent technology
Trends in recent technologyTrends in recent technology
Trends in recent technologysai krishna
 
Virtualization on embedded boards
Virtualization on embedded boardsVirtualization on embedded boards
Virtualization on embedded boardsMohamed Ramadan
 
A Complete Guide Cloud Computing
A Complete Guide Cloud ComputingA Complete Guide Cloud Computing
A Complete Guide Cloud ComputingSripati Mahapatra
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud ComputingBharat Kalia
 
Grid and Cloud Computing Lecture-2a.pptx
Grid and Cloud Computing Lecture-2a.pptxGrid and Cloud Computing Lecture-2a.pptx
Grid and Cloud Computing Lecture-2a.pptxDrAdeelAkram2
 
cloudintroduction.ppt
cloudintroduction.pptcloudintroduction.ppt
cloudintroduction.pptAhmedRebai8
 
Cloud computing computer
Cloud computing computerCloud computing computer
Cloud computing computerSanath Surawar
 
lect15_cloud.ppt
lect15_cloud.pptlect15_cloud.ppt
lect15_cloud.pptAjit Mali
 
Cloud computing v3 mar 2016
Cloud computing v3 mar 2016Cloud computing v3 mar 2016
Cloud computing v3 mar 2016Roshan Goolaup
 
ERP Implementation Services UK
ERP Implementation Services UKERP Implementation Services UK
ERP Implementation Services UKArcus Universe Ltd
 
Cloud Computing genral for all concepts.pptx
Cloud Computing genral for all concepts.pptxCloud Computing genral for all concepts.pptx
Cloud Computing genral for all concepts.pptxraghavanp4
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computingnitinw25
 

Similaire à NIST Cloud Computing Standards (20)

Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01
Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01
Nist cloud computing-standardsispab-dec2008p-mell-090508165235-phpapp01
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and facts
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud Computing
 
Trends in recent technology
Trends in recent technologyTrends in recent technology
Trends in recent technology
 
Virtualization on embedded boards
Virtualization on embedded boardsVirtualization on embedded boards
Virtualization on embedded boards
 
A Complete Guide Cloud Computing
A Complete Guide Cloud ComputingA Complete Guide Cloud Computing
A Complete Guide Cloud Computing
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud Computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Grid and Cloud Computing Lecture-2a.pptx
Grid and Cloud Computing Lecture-2a.pptxGrid and Cloud Computing Lecture-2a.pptx
Grid and Cloud Computing Lecture-2a.pptx
 
cloudintroduction.ppt
cloudintroduction.pptcloudintroduction.ppt
cloudintroduction.ppt
 
Cloud computing computer
Cloud computing computerCloud computing computer
Cloud computing computer
 
lect15_cloud.ppt
lect15_cloud.pptlect15_cloud.ppt
lect15_cloud.ppt
 
Cloud computing v3 mar 2016
Cloud computing v3 mar 2016Cloud computing v3 mar 2016
Cloud computing v3 mar 2016
 
Introduction to Cloud computing
Introduction to Cloud computingIntroduction to Cloud computing
Introduction to Cloud computing
 
lect15_cloud.ppt
lect15_cloud.pptlect15_cloud.ppt
lect15_cloud.ppt
 
Salesforce - classification of cloud computing
Salesforce - classification of cloud computingSalesforce - classification of cloud computing
Salesforce - classification of cloud computing
 
ERP Implementation Services UK
ERP Implementation Services UKERP Implementation Services UK
ERP Implementation Services UK
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud Computing genral for all concepts.pptx
Cloud Computing genral for all concepts.pptxCloud Computing genral for all concepts.pptx
Cloud Computing genral for all concepts.pptx
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 

Plus de GovCloud Network

IaaS Price performance-benchmark
IaaS Price performance-benchmarkIaaS Price performance-benchmark
IaaS Price performance-benchmarkGovCloud Network
 
Cloud computing training what's right for me
Cloud computing training what's right for meCloud computing training what's right for me
Cloud computing training what's right for meGovCloud Network
 
ViON Corporation: Surviving IT Change
ViON Corporation: Surviving IT ChangeViON Corporation: Surviving IT Change
ViON Corporation: Surviving IT ChangeGovCloud Network
 
Staying Safe in Cyberspace
Staying Safe in CyberspaceStaying Safe in Cyberspace
Staying Safe in CyberspaceGovCloud Network
 
Vets 360 Services - Military Dedication - Corporate Success
Vets 360 Services - Military Dedication - Corporate SuccessVets 360 Services - Military Dedication - Corporate Success
Vets 360 Services - Military Dedication - Corporate SuccessGovCloud Network
 
GovCloud Network LLC Overview - June 25, 2014
GovCloud Network LLC Overview - June 25, 2014GovCloud Network LLC Overview - June 25, 2014
GovCloud Network LLC Overview - June 25, 2014GovCloud Network
 
Army PEO EIS Cloud Architecture
Army PEO EIS Cloud Architecture Army PEO EIS Cloud Architecture
Army PEO EIS Cloud Architecture GovCloud Network
 
ICH Agile Cloud Session 1-Highlights /Prospective Svc Offerings Kevin Jackson
ICH Agile Cloud Session 1-Highlights /Prospective Svc Offerings Kevin JacksonICH Agile Cloud Session 1-Highlights /Prospective Svc Offerings Kevin Jackson
ICH Agile Cloud Session 1-Highlights /Prospective Svc Offerings Kevin JacksonGovCloud Network
 
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAImproving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAGovCloud Network
 
@AgileCLoud_ICH Presentation - 20140521 US Navy OPNAV - Capt Christopher Page
@AgileCLoud_ICH Presentation - 20140521 US Navy OPNAV - Capt Christopher Page@AgileCLoud_ICH Presentation - 20140521 US Navy OPNAV - Capt Christopher Page
@AgileCLoud_ICH Presentation - 20140521 US Navy OPNAV - Capt Christopher PageGovCloud Network
 
Agile Cloud Conference 2 Introduction - John Brennan
Agile Cloud Conference 2 Introduction - John BrennanAgile Cloud Conference 2 Introduction - John Brennan
Agile Cloud Conference 2 Introduction - John BrennanGovCloud Network
 
DoD Business Capability Lifecycle (BCL) Guide (Draft)
DoD Business Capability Lifecycle (BCL) Guide (Draft)DoD Business Capability Lifecycle (BCL) Guide (Draft)
DoD Business Capability Lifecycle (BCL) Guide (Draft)GovCloud Network
 
GovCloud Network Overview Presentation
GovCloud Network Overview PresentationGovCloud Network Overview Presentation
GovCloud Network Overview PresentationGovCloud Network
 
PM ISE Information Interoperability Presentation -agile sourcing brief
PM ISE Information Interoperability Presentation -agile sourcing briefPM ISE Information Interoperability Presentation -agile sourcing brief
PM ISE Information Interoperability Presentation -agile sourcing briefGovCloud Network
 
Intrusion Detection on Public IaaS - Kevin L. Jackson
Intrusion Detection on Public IaaS - Kevin L. JacksonIntrusion Detection on Public IaaS - Kevin L. Jackson
Intrusion Detection on Public IaaS - Kevin L. JacksonGovCloud Network
 
A Framework for Cloud Computing Adoption in South African Government
A Framework for Cloud Computing Adoption in South African GovernmentA Framework for Cloud Computing Adoption in South African Government
A Framework for Cloud Computing Adoption in South African GovernmentGovCloud Network
 
NCOIC GCC OWS-10 presentation 10 7 2013
NCOIC GCC OWS-10 presentation 10 7 2013NCOIC GCC OWS-10 presentation 10 7 2013
NCOIC GCC OWS-10 presentation 10 7 2013GovCloud Network
 
Tech gate kevin l jackson - 09-21-2013
Tech gate kevin l jackson - 09-21-2013Tech gate kevin l jackson - 09-21-2013
Tech gate kevin l jackson - 09-21-2013GovCloud Network
 
Paving the Way to the Cloud: Cloud Services Brokerage for Highly Secure, Dem...
Paving the Way to the Cloud: Cloud Services Brokerage for Highly Secure, Dem...Paving the Way to the Cloud: Cloud Services Brokerage for Highly Secure, Dem...
Paving the Way to the Cloud: Cloud Services Brokerage for Highly Secure, Dem...GovCloud Network
 
Government cloud deployment lessons learned final (4 4 2013)
Government cloud deployment lessons learned final (4 4 2013)Government cloud deployment lessons learned final (4 4 2013)
Government cloud deployment lessons learned final (4 4 2013)GovCloud Network
 

Plus de GovCloud Network (20)

IaaS Price performance-benchmark
IaaS Price performance-benchmarkIaaS Price performance-benchmark
IaaS Price performance-benchmark
 
Cloud computing training what's right for me
Cloud computing training what's right for meCloud computing training what's right for me
Cloud computing training what's right for me
 
ViON Corporation: Surviving IT Change
ViON Corporation: Surviving IT ChangeViON Corporation: Surviving IT Change
ViON Corporation: Surviving IT Change
 
Staying Safe in Cyberspace
Staying Safe in CyberspaceStaying Safe in Cyberspace
Staying Safe in Cyberspace
 
Vets 360 Services - Military Dedication - Corporate Success
Vets 360 Services - Military Dedication - Corporate SuccessVets 360 Services - Military Dedication - Corporate Success
Vets 360 Services - Military Dedication - Corporate Success
 
GovCloud Network LLC Overview - June 25, 2014
GovCloud Network LLC Overview - June 25, 2014GovCloud Network LLC Overview - June 25, 2014
GovCloud Network LLC Overview - June 25, 2014
 
Army PEO EIS Cloud Architecture
Army PEO EIS Cloud Architecture Army PEO EIS Cloud Architecture
Army PEO EIS Cloud Architecture
 
ICH Agile Cloud Session 1-Highlights /Prospective Svc Offerings Kevin Jackson
ICH Agile Cloud Session 1-Highlights /Prospective Svc Offerings Kevin JacksonICH Agile Cloud Session 1-Highlights /Prospective Svc Offerings Kevin Jackson
ICH Agile Cloud Session 1-Highlights /Prospective Svc Offerings Kevin Jackson
 
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAImproving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
 
@AgileCLoud_ICH Presentation - 20140521 US Navy OPNAV - Capt Christopher Page
@AgileCLoud_ICH Presentation - 20140521 US Navy OPNAV - Capt Christopher Page@AgileCLoud_ICH Presentation - 20140521 US Navy OPNAV - Capt Christopher Page
@AgileCLoud_ICH Presentation - 20140521 US Navy OPNAV - Capt Christopher Page
 
Agile Cloud Conference 2 Introduction - John Brennan
Agile Cloud Conference 2 Introduction - John BrennanAgile Cloud Conference 2 Introduction - John Brennan
Agile Cloud Conference 2 Introduction - John Brennan
 
DoD Business Capability Lifecycle (BCL) Guide (Draft)
DoD Business Capability Lifecycle (BCL) Guide (Draft)DoD Business Capability Lifecycle (BCL) Guide (Draft)
DoD Business Capability Lifecycle (BCL) Guide (Draft)
 
GovCloud Network Overview Presentation
GovCloud Network Overview PresentationGovCloud Network Overview Presentation
GovCloud Network Overview Presentation
 
PM ISE Information Interoperability Presentation -agile sourcing brief
PM ISE Information Interoperability Presentation -agile sourcing briefPM ISE Information Interoperability Presentation -agile sourcing brief
PM ISE Information Interoperability Presentation -agile sourcing brief
 
Intrusion Detection on Public IaaS - Kevin L. Jackson
Intrusion Detection on Public IaaS - Kevin L. JacksonIntrusion Detection on Public IaaS - Kevin L. Jackson
Intrusion Detection on Public IaaS - Kevin L. Jackson
 
A Framework for Cloud Computing Adoption in South African Government
A Framework for Cloud Computing Adoption in South African GovernmentA Framework for Cloud Computing Adoption in South African Government
A Framework for Cloud Computing Adoption in South African Government
 
NCOIC GCC OWS-10 presentation 10 7 2013
NCOIC GCC OWS-10 presentation 10 7 2013NCOIC GCC OWS-10 presentation 10 7 2013
NCOIC GCC OWS-10 presentation 10 7 2013
 
Tech gate kevin l jackson - 09-21-2013
Tech gate kevin l jackson - 09-21-2013Tech gate kevin l jackson - 09-21-2013
Tech gate kevin l jackson - 09-21-2013
 
Paving the Way to the Cloud: Cloud Services Brokerage for Highly Secure, Dem...
Paving the Way to the Cloud: Cloud Services Brokerage for Highly Secure, Dem...Paving the Way to the Cloud: Cloud Services Brokerage for Highly Secure, Dem...
Paving the Way to the Cloud: Cloud Services Brokerage for Highly Secure, Dem...
 
Government cloud deployment lessons learned final (4 4 2013)
Government cloud deployment lessons learned final (4 4 2013)Government cloud deployment lessons learned final (4 4 2013)
Government cloud deployment lessons learned final (4 4 2013)
 

Dernier

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 

Dernier (20)

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 

NIST Cloud Computing Standards

  • 1. Perspectives on Cloud Computing and Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory
  • 2. Standardization and Cloud Computing • Cloud computing is a convergence of many technologies – Some have their own standards • This convergence combined with massively scaled deployments represents “leap-ahead” capabilities • We have a choice – proprietary stovepipe clouds – standards based clouds • Standards will be vital to achieve success • Can’t standardize what you can’t define
  • 3. A NIST Definition of Cloud Computing • A computing capability where the architecture surrounding massive clusters of computers is abstracted from the applications using it and a software and server framework (usually based on virtualization) provides clients scalable utility computing capabilities to elastically provide many servers for a single software-as-a-service style application or to host many such applications on a few servers.
  • 4. Foundational Elements of Cloud Computing Architecture Business Models • Web 2.0 • Autonomic System Computing • Software as a Service (SaaS) • Grid Computing • Utility Computing • Platform Virtualization • Service Level • Web Services Agreements • Service Oriented • Open standards, Data Architectures Portability, and • Web application Accessibility frameworks • Open source software
  • 5. Need for Cloud Computing Standards • Standards for the cloud architecture • Emerging • Cloud interfaces are the key • Leverage autonomic computing, grids, and virtualization? • Standards for cloud applications • Mature technologies but various approaches exist • Software as a service / Utility computing • Service Oriented Architecture • Web Services standards • Web Application frameworks
  • 6. Enterprise Cloud Infrastructures • The Need – Security and privacy concerns in using 3rd party clouds with sensitive data – Problem of security boundaries and security compliance (e.g., HIPAA, FISMA, SOX) • How should large enterprises create their own clouds? – Which standards should be adopted? – What is the role of open source and proprietary software? – How should one leverage existing data centers (cloud interconnections)? – Can one acquire isolated instances of 3rd party clouds? • Government owned, contractor operated (GOCO) – What is the minimum size needed to make it cost effective to build a cloud?
  • 7. The Federal Cloud Infrastructure • An idea: The Federal government identifies minimal standards and an architecture to enable agencies to create or purchase interoperable cloud capabilities – Agencies would own cloud instances or ‘nodes’ – Nodes would provide the same software framework for running cloud applications – Nodes would participate in the Federal cloud infrastructure – Federal infrastructure would promote and adopt cloud architecture standards (non-proprietary) – ‘Minimal standards’ refers to the need to ensure node interoperability and application portability without inhibiting innovation and adoption thus limiting the scale of cloud deployments
  • 8. The Federal Cloud Infrastructure • Benefits – Federal applications could run on any cloud node – Federal applications could migrate between cloud nodes • Contingency planning/disaster recovery • Scalability/elasticity – Centralized and standardized security enforcement and monitoring (intrusions, secure configurations, vulnerabilities, malware) – Interagency billing of resources used will self-optimize growth of cloud nodes • Limits to agencies independently building their own clouds – Lack of the massive scale needed to leverage cloud benefits – Non-interoperable architectures (e.g., no disaster recovery capabilities)
  • 9. Possible Approaches Moving Forward • Should the U.S. government: – solely use 3rd party clouds (probably just for non- sensitive data) – procure a single USG cloud – procure multiple independent non-interoperable USG clouds – work towards a Federal cloud infrastructure (standards and architecture)
  • 10. Upcoming Draft NIST Cloud Computing Security Publication • NIST Special Publication to be created in FY09 – Overview of cloud computing – Cloud computing security issues – Securing cloud architectures – Securing cloud applications – Enabling and performing forensics in the cloud – Centralizing security monitoring in a cloud architecture – Obtaining security from 3rd party cloud architectures through service level agreements – Security compliance frameworks and cloud computing (e.g., HIPAA, FISMA, SOX)
  • 11. Questions? • Peter Mell • Senior Computer Scientist • NIST, Information Technology Laboratory • 301-975-5572 • mell@nist.gov • Tim Grance • Program Manager, Cyber and Network Security Program • NIST, Information Technology Laboratory • 301-975-4242 • grance@nist.gov