US federal government: cloud first, but 'cloud' needs to be defined

Summary:Federal working group preparing cloud roadmap for US agencies, to provide guidance with protocols and definitions.

What is 'cloud computing'?  That's what the federal government needs to determine as it aggressively pursues this strategy to cut costs and improve the flexibility of its agencies.

The National Institute of Standards and Technology (NIST) plans to issue a first draft of a “Cloud Computing Technology Roadmap” by the end of fiscal 2011, intended to provide agencies with a single, standardized process for cloud adoption and management, Fierce Government IT reports.

The US federal government now has an active policy to put cloud-based options before on-site software and systems options in new IT purchasing. But moving to cloud options could potentially be even more chaotic than the existing huge $80-billion annual patchwork of federal IT purchases.

The NIST Cloud Computing Standards Roadmap Working Group is spearheading this effort. The goal of the working group and roadmap is to “survey the existing standards landscape for security, portability, and interoperability standards/models/studies/etc. relevant to cloud computing, determine standards gaps, and identify standardization priorities.”

Standards and definitions the working group will likely include in the roadmap include the following:

  • Basic Definitions & Standards: TCP/IP, HTTP, HTML, XML, SOAP, REST, WSDL, SSL/TLS, XML/XMLD, JSON, TRP, DNS, SMTP
  • High Level Standards & Definition for Cloud and Web Services: OVF, OCCI, CDMI, SPML, Web services, GridFTP, OAuth, OpenID, WS, WSS, SAML, Frameworx, XACML
  • Categorization of Cloud Computing Related Standards: Cloud Taxonomy – output from Reference Architecture Working Group

Functional areas to be addressed in the roadmap include the following:

  • SaaS Self-service management
  • Application specific data formats
  • Application functional interfaces
  • Resource description and discovery
  • QoS specification, monitoring, reporting
  • SLA specification and negotiation
  • Billing and metering
  • Identity and access management
  • Provisioning, management, replication, federation
  • Single sign-on plus strong authentication
  • Security auditing and compliance

In addition, the US General Services Administration, the purchasing arm of the federal government, says it intends to release, by summer, the first version of FedRAMP — which provides common security and monitoring services for cloud services to help agencies avoid guesswork.

Topics: Government : US, Government, Security

About

Joe McKendrick is an author and independent analyst who tracks the impact of information technology on management and markets. Joe is co-author, along with 16 leading industry leaders and thinkers, of the SOA Manifesto, which outlines the values and guiding principles of service orientation. He speaks frequently on cloud, SOA, data, and... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.