Feds, industry to hash out cloud standards at May summit

The Cloud Summit will turn attention to standards for data interoperability, portability and security.

The National Institute of Standards and Technology will host a Cloud Summit on May 20 with federal agencies and the private sector with the intent to develop data interoperability, portability and security standards for cloud computing that can be applied across agencies.

Vivek Kundra, the federal chief information officer, told an audience at the Brookings Institution today that establishing such standards is essential to making full use of cloud computing's potential.

By Aug. 1, NIST officials plan to move forward with initial specifications, which will lead to the launch of a portal for cloud standards where various stakeholders can collaborate online in a cloud environment, Kundra said.

“NIST will convene people around the table, and part of what we want to do is test case studies,” Kundra said during an address on “The Economic Gains of Cloud Computing,” sponsored by Brookings in Washington, D.C. The event was moderated by Darrell West, vice president and director of Governance Studies with Brookings, which released a report entitled “Saving Money Through Cloud Computing.”

Related stories:

Cloud computing really can save your agency millions

Don't look down: the path to cloud computing is still missing a few steps

From the event:

Kundra's full remarks

Kundra's slide presentation

Cloud computing refers to services, applications and data storage delivered online through powerful file servers. To that end, the federal government is encouraging agencies to move to the cloud for more efficient information technology operations and cost savings.

Many agencies are making the shift toward the cloud, Kundra said. For example, the Health and Human Services Department is deploying a cloud-based customer relationship and project management solution provided by Salesforce.com.

The solution will support HHS’s Regional Extension Centers in allocating grant funding to doctors and hospitals for the implementation of electronic health records.

At the NIST Cloud Summit, participants will look at cases studies such as HHS' and try to assess the issues and specifications associated with the cloud implementation -- what standards are needed for data portability, interoperability and security, Kundra said.

“For example, what does authentication look like in the cloud environment? As you look at the government and its shift in the last couple of years to smart cards, how does that interoperate with a cloud-based solution?” Kundra asked. “Those are some of the questions we want to address.”

Kundra said that the government wants to create a consensus-driven environment for standard-setting. “If we don’t set those standards, it is going to create an environment where we are doing nothing more than webifying our current infrastructure,” he said.

Furthermore, the federal government wants “to make sure that from a security perspective we have the right standards in place so that agencies can continuously monitor the security of these [cloud] solutions,” Kundra said.

Federal employees and the public must be confident that their information is safe in the cloud, Kundra said. However, the economic benefits of cloud computing won’t be realized if every agency independently reviews and certifies solutions, he said.

NIST has created a technical process for centralized certification to provide common security management services to federal agencies. The process supports the development of common security requirements and performs authorization and continuous monitoring services for governmentwide use, Kundra said.

Agencies can realize these benefits by leveraging the security authorizations provided through a joint authorization board. The board consists of the agency sponsoring a system’s governmentwide authorization and three permanent members: the Defense and Homeland Security departments and the General Services Administration.

The board will provide both initial and ongoing acceptance of risk on behalf of the government as systems are continuously monitored throughout their life cycles, Kundra said.


About the Author

Rutrell Yasin is is a freelance technology writer for GCN.


    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.