by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : November and December 2014
The National Institute of Standards and Technology released the nal version of its Cloud Computing Technology Road- map Volumes I and II, the culmination of a three-year effort to set objectives for the accelerated adoption of cloud computing in government. "Cloud computing is still in an early deployment stage, and standards are crucial to increased adoption," the report said. "The urgency is driven by rapid deployment of cloud computing in response to nancial incentives." The rst volume, High Priority Re- quirements to Further Cloud Comput- ing, identi es 10 requirements NIST believes are necessary to maintain innovative cloud adoption across gov- ernment. The requirements relate to in- teroperability, performance, portability and security, and they are largely intact from the draft version of the roadmap, published in 2011. Volume II, Useful Information for Cloud Adopters, is designed to be a technical reference for those ac- tively working on strategic and tactical cloud computing initiatives. Volume II integrates and summarizes the work completed to date and explains how these ndings support the roadmap introduced in Volume I. Among Volume I's 10 requirements is a call for a focus on technical speci- cations to enable development of consistent, high-quality Service-Level Agreements in provisioning cloud services. Another requirement addresses the need for improved frameworks to support federated community clouds. "Technical policies, credentials, namespaces and trust infrastructure must be harmonized to support a com- munity cloud that spans multiple ser- vice providers' physical environments," said the NIST plan. Yet another requirement identi es the need to improve cloud service metrics, including standardized units of measurements for cloud resources. "In utility industries," the paper said, "the notion of units of measurement is fundamental to buying and selling service." But even though cloud computing uses a utility model for service delivery, "IT resources are supplied as abstract- ed services, often characterized as infrastructure as a service or platform as a service. Consumers need to be able to precisely specify and receive services," the paper argued. The NIST document also acknowl- edges the role of parallel technologies, including big data and cybersecurity, in shaping cloud services as well as the way cloud acts an "enabler of big data capture, storage, analysis, sharing and management." "Big data subject matter experts commonly refer to cloud computing as being indistinguishable from big data," said the NIST document. "Just as cloud computing struggled with de ni- tion early in its adoption, and similarly was represented as an "old" or "new" capability depending on the perspec- tive of those de ning it, big data as a concept is the focus of de nition and framing discussions. Likewise, cybersecurity has a com- plicated interdependency with cloud, according to the NIST roadmap, which "presents certain unique security chal- lenges resulting from the cloud's very high degree of outsourcing, depen- dence on networks, sharing (multi- tenancy) and scale." Those security challenges include "authentication techniques such as multifactor authentication with tokens, applied cryptography and software assurance techniques (e.g., testing and analysis) needed to build con dence that logical boundaries implemented in cloud systems are suf ciently strong to provide security." NIST cited projects that relate to these challenges, including the Department of Homeland Security's Continuous Asset Evaluation, Situ- ational Awareness and Risk Scoring (CAESARA) project, which provides an architecture for dynamic system moni- toring and reporting, and the National Science Foundation Future Internet Architectures initiative, which is devel- oping Internet architectures to provide advanced security and reliability in the context of emerging Internet usage patterns.• [BrieFing] NIST lays out roadmap for cloud computing International voluntary consensus- based interoperability, portability and security standards. Solutions for high-priority security requirements. Technical specifications to enable development of consistent, high- quality service level agreements. Clearly and consistently catego- rized cloud services. Frameworks to support seamless implementation of community cloud environments. Technical security solutions that are de-coupled from organizational policy decisions. Defined unique government regula- tory requirements, technology gaps and solutions. Collaborative parallel strategic "future cloud" projects. Defined and implemented reliability design goals. Defined and implemented cloud service metrics. 10 GCN NOVEMBER/DECEMBER 2014 • GCN.COM