" [C]loud customers must be able to easily store, access, and process data across multiple clouds; weave together a mesh of different services to meet their needs; and have a way to collaborate with business partners around the globe. Federated clouds – networks of interoperable clouds that work together – will give rise to service grids which can harmonize technologies, business processes and policies to provide support across multiple businesses, industries, and levels of government. Through such a "network of networks" the true potential of cloud computing will be realized.
This is why National Institute of Standards and Technology (NIST) is charged with leading our efforts on standards for data portability, cloud interoperability, and security."
- Vivek Kundra, April 8, 2010
Through NIST, the Federal government will now address cloud interoperability, portability and security in a focused and collaborative manner. To kick this off, a "Cloud Summit" on May 20, 2010 will be used to introduce NIST as the lead organization for the definition of the Federal Government’s requirements for cloud computing, key technical research, and United States standards development. In my view, the Federal government and industry are now fully engaged in an exciting joint effort to build the cloud computing industry.
To drive this, NIST has created centralized certification process to provide common security management services to Federal agencies.
"The process supports the development of common security requirements and performs authorization and continuous monitoring services for government-wide use, enabling Federal agencies to rapidly, securely and cost-effectively procure technologies. Agencies can realize these benefits by leveraging the security authorizations provided through a joint authorization board. The board consists of the agency sponsoring a system’s government-wide authorization and three permanent members: the Department of Defense, the Department of Homeland Security, and the General Services Administration. The board will provide both initial and ongoing acceptance of risk on behalf of the government as systems are continuously monitored throughout their lifecycle."
full text of Vivek Kundra's remarks and his slides are available on-line.
( Thank you. If you enjoyed this article, get free updates by email or RSS - KLJ )