NIST creates cloud-computing team

The National Institute of Standards and Technology has created a new team to determine the best way to provide security for agencies that want to adopt the emerging technology called cloud computing, said Ron Ross, a senior computer scientist and information security researcher at NIST.

“The team will give our customers a sense of what kinds of risks they may be taking on by moving into that new territory,” Ross said today at the SaaS/Gov 2009 conference produced by the Software and Information Industry Association and market research firm Input.

Cloud computing refers to an arrangement in which an organization pays a service provider to deliver applications, computing power and storage via the Web.

Implementing cloud computing at agencies will be similar to how government organizations adopted and secured wireless technology, Ross said.

“When wireless came along, we didn’t really know a lot about how to protect it, but we developed that understanding as we went forward, and now we do a pretty good job of protecting wireless,” he said.

Security experts at NIST are responsible for figuring out how to make the new technology secure. Each agency will decide whether and to what extent it wants to adopt cloud computing.

NIST plans to demonstrate how current standards and guidelines for evaluating technology can be used for cloud computing, Ross said.

Federal agencies need to determine how to certify and accredit new technology when a service provider is involved, as is the case with cloud computing, and service providers will need to provide evidence to federal customers that they have accomplished the due diligence on security, he said.

Meanwhile, the team hopes to prepare NIST officials to handle agencies’ questions about cloud computing. “When customers ask us, ‘Is it a good way to go?’ or ‘Is it secure enough for us?’ we’re going to try and provide some of that information,” Ross said.

About the Author

Doug Beizer is a staff writer for Federal Computer Week.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.