Professional Documents
Culture Documents
A NIST Perspective
Robert Bohn, PhD
Advanced Network Technologies Division
28 January 2016
Cloud Standards Coordination ETSI
Brussels, Belgium
NISTs Goal
To accelerate the federal governments
adoption of cloud computing
2
The NIST Cloud Computing Program
3
Building a Roadmap
Reference Technical Business Use
Public Working Groups Architecture
Standards Security
Use Cases Cases
NIST SP 500-292
4
Roadmapping for Standards
Reference Technical Business Use
Public Working Groups Architecture
Standards Security
Use Cases Cases
NIST SP 500-291
5
A USG Technology Roadmap
Reference Technical Business Use
Public Working Groups Architecture
Standards Security
Use Cases Cases
6
USG Cloud Computing Technology Roadmap
Requirements (NIST SP 500-293)
1. International voluntary consensus-based 6. Updated Organization Policy that reflects
standards the Cloud Computing Business and
2. Solutions for High-priority Security Technology model
Requirements, technically de-coupled 7. Defined unique government regulatory
from organizational policy decisions requirements and solutions
3. Technical specifications to enable 8. Collaborative parallel strategic future
development of consistent, high-quality cloud development initiatives
Service-Level Agreements 9. Defined and implemented reliability design
4. Clearly and consistently categorized cloud goals
services 10.Defined and implemented cloud service
5. Frameworks to support seamless metrics
implementation of federated community
cloud environments
7
The NIST Cloud Computing Program
With the Interna>onal Organiza>on for
Standards Standardiza>on (ISO) and the Interna>onal
Electrotechnical Commission (IEC)
Founda6onal Con6nuing
Vocabulary & RA (17788, 17789) SLAs - 4 part (19086)
Interoperability/Portability (19941)
Data & Data Flow (19944)
8
Reference Architectures (RA) and
Vocabularies
NIST SP 800 145 (The NIST Definition of Cloud Computing)
10
Service Models & Capability Types
ISO/IEC 17788
NIST SP service providers applica6ons.
11
Service Models and Service Categories
A cloud service category is a group of cloud services that possess some common set of
quali>es. A cloud service category can include capabili>es from one or more cloud capabili>es
types.
Network as a
Service (NaaS)
Communica6ons as Compute as a SoNware as a
a Service (CaaS) Service (CompaaS) Service (SaaS)
12
Service Models and Service Categories
This table shows the rela>onship of the cloud service categories and cloud capabili>es
types
Cloud Capabili6es Types
Cloud Service Categories
Infrastructure Plaborm Applica>ons
Compute as a Service X
Communica>ons as a Service X X
Data Storage as a Service X X X
Infrastructure as a Service X
Network as a Service X X X
Plaborm as a Service X
Sodware as a Service X
13
Cloud Key Characteristics
14
Roles
Cloud
Cloud
Service
Roles as described Consumer
Customer
in NIST SP500-292
Cloud
Cloud
Service
Provider
Provider
Cloud
Cloud Cloud Cloud
Service
Broker Auditor Carrier
Partner
15
Hybrid Cloud
16
Service Level Agreement Frameworks
Current Standards Progress
20
Contacts
Dr. Abdella Battou abdella.battou@nist.gov CC Lead/ANTD Chief
Dr. Robert Bohn robert.bohn@nist.gov Program Mgr
John Messina john.messina@nist.gov RA/Tax, Federated Cloud
Dr. Michaela Iorga micheala.iorga@nist.gov Security
Annie Sokol annie.sokol@nist.gov Interop/Port, Standards
Mike Hogan michael.hogan@nist.gov Standards
Eric Simmon eric.simmon@nist.gov Cloud Services/Standards
Frederic de Vaulx frederic.devaulx@nist.gov Metrics
Lisa Carnahan lisa.carnahan@nist.gov Conformity Assessment