/>
X
Government
Home Government Government: US

US federal government: cloud first, but 'cloud' needs to be defined

Federal working group preparing cloud roadmap for US agencies, to provide guidance with protocols and definitions.
Written by Joe McKendrick, Contributing Writer on

What is 'cloud computing'?  That's what the federal government needs to determine as it aggressively pursues this strategy to cut costs and improve the flexibility of its agencies.

The National Institute of Standards and Technology (NIST) plans to issue a first draft of a “Cloud Computing Technology Roadmap” by the end of fiscal 2011, intended to provide agencies with a single, standardized process for cloud adoption and management, Fierce Government IT reports.

The US federal government now has an active policy to put cloud-based options before on-site software and systems options in new IT purchasing. But moving to cloud options could potentially be even more chaotic than the existing huge $80-billion annual patchwork of federal IT purchases.

The NIST Cloud Computing Standards Roadmap Working Group is spearheading this effort. The goal of the working group and roadmap is to “survey the existing standards landscape for security, portability, and interoperability standards/models/studies/etc. relevant to cloud computing, determine standards gaps, and identify standardization priorities.”

Standards and definitions the working group will likely include in the roadmap include the following:

  • Basic Definitions & Standards: TCP/IP, HTTP, HTML, XML, SOAP, REST, WSDL, SSL/TLS, XML/XMLD, JSON, TRP, DNS, SMTP
  • High Level Standards & Definition for Cloud and Web Services: OVF, OCCI, CDMI, SPML, Web services, GridFTP, OAuth, OpenID, WS, WSS, SAML, Frameworx, XACML
  • Categorization of Cloud Computing Related Standards: Cloud Taxonomy – output from Reference Architecture Working Group

Functional areas to be addressed in the roadmap include the following:

  • SaaS Self-service management
  • Application specific data formats
  • Application functional interfaces
  • Resource description and discovery
  • QoS specification, monitoring, reporting
  • SLA specification and negotiation
  • Billing and metering
  • Identity and access management
  • Provisioning, management, replication, federation
  • Single sign-on plus strong authentication
  • Security auditing and compliance

In addition, the US General Services Administration, the purchasing arm of the federal government, says it intends to release, by summer, the first version of FedRAMP — which provides common security and monitoring services for cloud services to help agencies avoid guesswork.

Editorial standards
Show Comments

Related

cloud computing in the future

The future of cloud computing, from hybrid to edge to AI-powered

Data protection privacy concept. GDPR. EU. Cyber security network. Business man protecting data personal information on tablet. Padlock icon and internet technology networking connection on digital dark blue background.

SMBs don't see need for cyber insurance since they won't experience security incidents

nvidia-h100-nvl-crop-for-twitter-new

For AI's 'iPhone moment', Nvidia unveils a large language model chip