Cloud Computing A NIST Perspective & Beyond. Robert Bohn, PhD Advanced Network Technologies Division

Similar documents
Cloud Computing A NIST Perspective and Beyond. Robert Bohn, PhD Advanced Network Technologies Division

Standardizing Cloud Services for Financial Institutions through the provisioning of Service Level Agreements (SLAs)

NIST Cloud Computing Program

CLOUD SERVICE LEVEL AGREEMENTS Meeting Customer and Provider needs

NIST Cloud Computing Security Reference Architecture (SP draft)

Highlights & Next Steps

A New Way to Compute or: How I Learned to Stop Worrying and Love the Cloud

The NIST Cloud Computing Program

The Road to Cloud Standards via a Reference Architecture

NIST Cloud Computing Reference Architecture & Taxonomy Working Group

NIST Cloud Computing Reference Architecture

US Government Cloud Computing Technology Roadmap Volume II Release 1.0 (Draft)

US Government Cloud Computing Technology Roadmap Volume I

Document: NIST CCSRWG 092. First Edition

National Institute of Standards and Technology

Security Issues in Cloud Computing

A Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011

NIST Cloud Computing Standards Roadmap

NIST Cloud Computing Program Activities

US Government Cloud Computing Technology Roadmap Volume I Release 1.0 (Draft)

Cybersecurity. Cloud. and the. 4TH Annual NICE Workshop Navigating the National Cybersecurity Education InterState Highway September 2013

Moving to the Cloud: NIST Vision and Initiatives

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

Public Cloud Workshop Offerings

Seeing Though the Clouds

Cloudy with Showers of Business Opportunities and a Good Chance of. Security. Transforming the government IT landscape through cloud technology

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.

Key Management Challenges in a Cloud Ecosystem

Cloud Computing Technology

U.S. HOUSE OF REPRESENTATIVES SUBCOMMITTEE ON TECHNOLOGY AND INNOVATION COMMITTEE ON SCIENCE, SPACE, AND TECHNOLOGY HEARING CHARTER

Table of Contents. Abstract... Error! Bookmark not defined. Chapter 1... Error! Bookmark not defined. 1. Introduction... Error! Bookmark not defined.

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Audit of the CFPB s Acquisition and Contract Management of Select Cloud Computing Services

A Comprehensive Study on Cloud Computing Standardization

Applying Business Architecture to the Cloud

6 Cloud computing overview

An Overview of the Most Important Reference Architectures for Cloud Computing

Federal Aviation Administration. efast. Cloud Computing Services. 25 October Federal Aviation Administration

CLOUD COMPUTING. Agencies Need to Incorporate Key Practices to Ensure Effective Performance

Expert Reference Series of White Papers. Understanding NIST s Cloud Computing Reference Architecture: Part II

When Security, Privacy and Forensics Meet in the Cloud

Cloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University

Logical Data Models for Cloud Computing Architectures

OFFICE OF AUDITS & ADVISORY SERVICES CLOUD COMPUTING AUDIT FINAL REPORT

Cloud Service Rollout. Chapter 9

Standards Acceleration to Jumpstart Adoption of Cloud Computing (SAJACC)

White Paper on CLOUD COMPUTING

CHAPTER 8 CLOUD COMPUTING

The Cloud Computing Revolution: Beyond the Hype

GAO INFORMATION TECHNOLOGY REFORM. Progress Made but Future Cloud Computing Efforts Should be Better Planned

SECURITY MODELS FOR CLOUD Kurtis E. Minder, CISSP

Cloud Computing Guide & Handbook. SAI USA Madhav Panwar

VMware vcloud Powered Services

OVERVIEW Cloud Deployment Services

Seamless adaptive multi- cloud management of service- based applications. European Open Cloud Collaboration Workshop, May 15, 2014, Brussels

Emerging Approaches in a Cloud-Connected Enterprise: Containers and Microservices

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

Architecting the Cloud

The Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations

Enterprise Architecture and the Cloud. Marty Stogsdill, Oracle

Security & Trust in the Cloud

The NIST Definition of Cloud Computing

The NIST Definition of Cloud Computing (Draft)

Concurrent Technologies Corporation (CTC) is an independent, nonprofit, applied scientific research and development professional services

Enterprise Architecture and the Cloud. Marty Stogsdill, Oracle

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

The Keys to the Cloud: The Essentials of Cloud Contracting

Cloud Computing Best Practices. Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service

ca IT Leaders Forum Working in the Cloud using the new ISO/IEC/ITU-T Cloud Computing Standards Dr David Ross, Chief Information Security Officer,

The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government

Improving IT Service Management Architecture in Cloud Environment on Top of Current Frameworks

Why Private Cloud? Nenad BUNCIC VPSI 29-JUNE-2015 EPFL, SI-EXHEB

Public, Private and Hybrid. Not Quite That Simple

The Cloud Seen from the U.S.A.

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing and Standards

How to Use the Federal Risk and Authorization Management Program (FedRAMP) for Cloud Computing

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

Storage Clouds. Enterprise Architecture and the Cloud. Author and Presenter: Marty Stogsdill, Oracle

VMware for your hosting services

What Cloud computing means in real life

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

Cloud Computing Standards: Overview and first achievements in ITU-T SG13.

Office of the Government Chief Information Officer The Government of the Hong Kong Special Administrative Region

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.

Planning the Migration of Enterprise Applications to the Cloud

Cloud Computing Actionable Standards An Overview of Cloud Specifications

Cloud Architecture and Management. M.I. Deen General Manager (Enterprise Solutions) Sri Lanka Telecom

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.

Web Application Hosting Cloud Solution Architecture.

MEF. Cloud Africa Summit. Carrier Ethernet Delivery of Cloud Services. Gary Williams. Head of Pre-Sales Engineering. Metrofibre

Cloud Computing are you ready?

VALUE PROPOSITION FOR SERVICE PROVIDERS. Helping Service Providers accelerate adoption of the cloud

DEPARTMENT AGENCY STATEMENT OF OBJECTIVES FOR CLOUD MIGRATION SERVICES: INVENTORY, APPLICATION MAPPING, AND MIGRATION PLANNING MONTH YYYY TEMPLATE

Deutsche Börse Cloud Exchange AG First vendor-neutral platform for IaaS cloud computing products. October 2013

CLOUD ARCHITECTURE DIAGRAMS AND DEFINITIONS

Transcription:

Cloud Computing A NIST Perspective & Beyond Robert Bohn, PhD Advanced Network Technologies Division ISACA National Capital Area Chapter Arlington, VA, USA 17 March 2015

Cloud Program Overview Launch & Objectives USG Cloud Computing Technology Roadmap NIST CC Reference Architecture & Cloud Actors Decision Framework, SLAs & Metrics Status & Next Steps Workshops 2

Federal IT Strategies 3

Federal Cloud Computing Strategy US IT Budget ~ $80B/year: Savings ~25% Move to cloud when possible. Investigate Cloud-applicability for new services 3 Agencies - NIST Standards GSA Procurement (FedRAMP) DHS Operational Security 4

The NIST Cloud Computing Program Goal To accelerate the federal government s adoption of cloud computing Build a USG Cloud Computing Technology Roadmap which focuses on the highest priority USG cloud computing security, interoperability and portability requirements Lead efforts to develop standards and guidelines in close consultation and collaboration with standards bodies, the private sector, and other stakeholders 5

NIST Definition of Cloud Computing Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. 3 Service Models Software as a Service Platform as a Service Infrastructure as a Service (SaaS) (PaaS) (IaaS) 4 Deployment models Public, Private, Community, Hybrid 5 Essential Characteristics On demand self-service Broad network access Resource Pooling Rapid Elasticity Measured Service Determine the What of Cloud Computing, not the How 6

How to build a USG Cloud Computing Technology Roadmap Public Working Groups Business Use Define Cases Target USG Cloud Computing Use Cases SAJACC Standards Security Ref Arch & Tax priorities risks obstacles Define Neutral Cloud Computing Reference Architecture & Taxonomy Cloud Computing Standards & Technology Roadmap Translate Requirements Identify Gaps Expand CC defn, ref. arch. 7

NIST Cloud Computing Reference Architecture Actors and their Roles Cloud Consumer Person or organization that maintains a business relationship with, and uses service from Cloud Providers. Cloud Auditor A party that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation. Cloud Provider Person, organization or entity responsible for making a service available to Cloud Consumers. Cloud Broker An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers. Cloud Carrier The intermediary that provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers. 8

NIST Cloud Computing Reference Architecture Cloud Consumer Cloud Auditor Security Audit Privacy Impact Audit Performance Audit Service Layer IaaS PaaS SaaS Resource Abstraction and Control Layer Physical Resource Layer Hardware Facility Cloud Provider Cloud Service Management Business Support Provisioning/ Configuration Portability/ Interoperability Cloud Broker Service Intermediation Service Aggregation Service Arbitrage Cloud Carrier Security & Privacy 9

USG Cloud Computing Technology Roadmap Requirements (500-293) 1. International voluntary consensusbased standards 2. Solutions for High-priority Security Requirements, technically decoupled from organizational policy decisions 3. Technical specifications to enable development of consistent, highquality Service-Level Agreements 4. Clearly and consistently categorized cloud services 5. Frameworks to support seamless implementation of federated community cloud environments 6. Updated Organization Policy that reflects the Cloud Computing Business and Technology model 7. Defined unique government regulatory requirements and solutions 8. Collaborative parallel strategic future cloud development initiatives 9. Defined and implemented reliability design goals 10.Defined and implemented cloud service metrics 10

Cloud Broker Cloud Broker Intermediate Cloud Service Provider dd Consumer accesses multiple provider services through a single broker interface The Cloud Consumer retains visibility into the cloud service providers they use Intermediary uses additional providers as invisible components of its own service, presented as integrated offering No consumer visibility into or control over additional cloud providers 11

Three parts to the process Decide - lay out the requirements for the service Agree - the MSA/SLA is the agreement connecting customer and provider Measure - are the SLA objectives met?

Cloud Service Level Agreements (SLAs) Cloud Service Level Agreement: A document stating the technical performance promises made by the cloud provider, how disputes are to be discovered and handled, and any remedies for performance failures. (NIST SP 800-146). Differs from Master Service Agreement (MSA) No standard cloud computing contracts exist. Little agreement with respect to: which elements should appear within a SLA which metrics to use how terms are defined Industry and USG need to develop and adopt consistent technical specifications, of high quality and completeness, to enable the creation and practical evaluation of Service-Level Agreements (SLAs) between customers and cloud providers. 13

Mind Map of a Master Service Agreement

Contents of SLA Business Level Objectives Roles & Responsibilities Requirements Operational Policies Continuity Limitations Financial Glossary of Terms Service Level Objectives Resources Performance Indicators Service Deployment Service Management Description Security Privacy

Cloud Business & Performance Indicators 16

Service Level Agreements (SLAs) - Metrics Metrics for Selecting Cloud Services Metrics in Service Agreements (SAs) Metrics in Monitoring Decision Making Service Objectives Monitoring 17

SLA Performance Metric - Service Availability An Availability Metric could be based on different definitions for measures: Most commonly, availability is evaluated based on the percentage of uptime (available state) of a resource, over some period of time. service_uptime_percentage: the percentage of qualified service availability time over the observation time, as defined by the expression: service uptime % = qualified_uptime_total observation_time_total 100 (NIST SP 500-307) 18

Future Outlook The convenience of reliable, trusted and measureable cloud services become a foundational element of the global economy. These services, constructed with open standards and metric based building blocks, form the basis for a collection of interconnected clouds to: drive innovation facilitate world-wide collaboration & shared knowledge provide positive environmental and economic impacts 19

Federated Cloud Develop a common understanding and definition of what a Federated Cloud entails Identifying the requirements needed to reach the achieve a Federated cloud, Identify the technology and standards gaps that need to be addressed in order to enable the Federated Cloud Provide a path to achieving the Federated Cloud Pooling of resources from disparate, potentially heterogeneous, cloud systems where interoperability and portability enable sharing, migration, and redundancy which is all ensured through a common mechanism (such as central management system or a common API), and where identity and authorization management mechanisms are established. http://collaborate.nist.gov/twiki-cloud-computing/bin/view/cloudcomputing/cloudfederated

Cloud Services Explore the essential characteristics of cloud services and examine the intricacies that exist between cloud service types. Customers will make better selections of cloud services Customers will be able to objectively evaluate, compare, and select between products from cloud vendors, and Cloud Providers will have clear guidance where interoperability and portability must exist within similar categories of cloud services http://collaborate.nist.gov/twiki-cloud-computing/bin/view/cloudcomputing/cloudservices 21

Interoperability & Portability Types of cloud computing interoperability and portability - relationship and interactions Contexts where interoperability and portability are relevant in cloud computing, with respect to the cloud computing reference architecture; and Common terminology and concepts used to describe interoperability and portability. http://collaborate.nist.gov/twiki-cloud-computing/bin/view/cloudcomputing/cloudinteroperability 22

Status and Next Steps Developed Reference Architecture & Taxonomy Security Reference Architecture Descriptions of Cloud Broker Standards Inventory Developing Cloud Actor descriptions Cloud Consumer Cloud Carrier Cloud Auditor Developing a Cloud Service Metric Model 23

NIST Cloud Computing Forum & Workshop Series 7 events to date Initiated May 2010 Purpose Communication Outreach Building relationships Forming communities Special Events Cloud & Big Data January 2013 Cloud & Mobility March 2014 24

NIST Cloud Computing Forum & Workshop Series Cloud at 5 The Community Responds July 7-10, 2015 NIST Gaithersburg, MD Cloud Computing Progress on the 10 Requirements Cloud Standards and Activities Cloud Computing Forensics Cloud Federation Cloud Computing Research Federal Cloud Computing 25

NIST Cloud Computing Special Publications CC Standards Roadmap...500-291 CC Reference Architecture...500-292 USG CC Technology Roadmap Draft...500-293 Security Reference Architecture....500-299 Cloud Services Metrics Description...500-307 Guidelines on Security and Privacy.800-144 Definition of Cloud Computing..800-145 CC Synopsis & Recommendations...800-146 Searchable as NIST SP xxx-nnn 26

Dr. Abdella Battou Dr. Robert Bohn John Messina Dr. Michaela Iorga Annie Sokol Mike Hogan Eric Simmon Frederic de Vaulx Lisa Carnahan NIST ITL Cloud Computing Home Page Contacts abdella.battou@nist.gov robert.bohn@nist.gov john.messina@nist.gov micheala.iorga@nist.gov annie.sokol@nist.gov michael.hogan@nist.gov eric.simmon@nist.gov frederic.devaulx@nist.gov lisa.carnahan@nist.gov CC Lead/ANTD Chief Program Mgr RA/Tax, Federated Cloud Security Interop/Port, Standards Standards Cloud Services/Standards Metrics Conformity Assessment http://www.nist.gov/itl/cloud NIST Cloud Computing Collaboration Site (twiki) http://collaborate.nist.gov/twiki-cloud-computing/bin/view/cloudcomputing 27

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information