Feds, industry to hash out cloud standards at May summit

The Cloud Summit will turn attention to standards for data interoperability, portability and security.

The National Institute of Standards and Technology will host a Cloud Summit on May 20 with federal agencies and the private sector with the intent to develop data interoperability, portability and security standards for cloud computing that can be applied across agencies.

Vivek Kundra, the federal chief information officer, told an audience at the Brookings Institution today that establishing such standards is essential to making full use of cloud computing's potential.

By Aug. 1, NIST officials plan to move forward with initial specifications, which will lead to the launch of a portal for cloud standards where various stakeholders can collaborate online in a cloud environment, Kundra said.

“NIST will convene people around the table, and part of what we want to do is test case studies,” Kundra said during an address on “The Economic Gains of Cloud Computing,” sponsored by Brookings in Washington, D.C. The event was moderated by Darrell West, vice president and director of Governance Studies with Brookings, which released a report entitled “Saving Money Through Cloud Computing.”


Related stories:

Cloud computing really can save your agency millions

Don't look down: the path to cloud computing is still missing a few steps

From the event:

Kundra's full remarks

Kundra's slide presentation


Cloud computing refers to services, applications and data storage delivered online through powerful file servers. To that end, the federal government is encouraging agencies to move to the cloud for more efficient information technology operations and cost savings.

Many agencies are making the shift toward the cloud, Kundra said. For example, the Health and Human Services Department is deploying a cloud-based customer relationship and project management solution provided by Salesforce.com.

The solution will support HHS’s Regional Extension Centers in allocating grant funding to doctors and hospitals for the implementation of electronic health records.

At the NIST Cloud Summit, participants will look at cases studies such as HHS' and try to assess the issues and specifications associated with the cloud implementation -- what standards are needed for data portability, interoperability and security, Kundra said.

“For example, what does authentication look like in the cloud environment? As you look at the government and its shift in the last couple of years to smart cards, how does that interoperate with a cloud-based solution?” Kundra asked. “Those are some of the questions we want to address.”

Kundra said that the government wants to create a consensus-driven environment for standard-setting. “If we don’t set those standards, it is going to create an environment where we are doing nothing more than webifying our current infrastructure,” he said.

Furthermore, the federal government wants “to make sure that from a security perspective we have the right standards in place so that agencies can continuously monitor the security of these [cloud] solutions,” Kundra said.

Federal employees and the public must be confident that their information is safe in the cloud, Kundra said. However, the economic benefits of cloud computing won’t be realized if every agency independently reviews and certifies solutions, he said.

NIST has created a technical process for centralized certification to provide common security management services to federal agencies. The process supports the development of common security requirements and performs authorization and continuous monitoring services for governmentwide use, Kundra said.

Agencies can realize these benefits by leveraging the security authorizations provided through a joint authorization board. The board consists of the agency sponsoring a system’s governmentwide authorization and three permanent members: the Defense and Homeland Security departments and the General Services Administration.

The board will provide both initial and ongoing acceptance of risk on behalf of the government as systems are continuously monitored throughout their life cycles, Kundra said.

 

About the Author

Rutrell Yasin is is a freelance technology writer for GCN.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

I agree to this site's Privacy Policy.