NIST's new roadmap expands cloud conversation

Tuesday - 11/1/2011, 3:03pm EDT

The National Institute of Standards and Technology is giving cloud computing providers and agency adopters some food for thought.

NIST issued the draft of version 1 of the U.S. Government Cloud Computing Technology Roadmap today.

"The intent is to lay the groundwork to more directly tackle a subset of cloud computing technology scope, consistent with the Federal Cloud Computing Strategy to accelerate USG cloud adoption. This does not imply an intent to prescribe a USG-centric view," NIST wrote in the document. "On the contrary, the roadmap is intended to foster a substantive discussion among cloud computing stakeholders in government and the private sector. In practical terms, the roadmap is a vehicle for NIST to fulfill its collaboration role and leverage input from the hundreds of organizations and individuals who have contributed to the NIST-led cloud computing working group analysis and discussions."

NIST wants the roadmap to define:

  • Prioritized strategic and tactical requirements that must be met for USG agencies to further cloud adoption.
  • Interoperability, portability and security standards, guidelines and technology that need to be in place to satisfy these requirements.
  • Candidate Priority Action Plans (PAPs) which are recommended for voluntary self-tasking by the cloud computing stakeholder community to support standards, guidelines and technology development.

NIST developed the roadmap through an interagency and private sector collaborative process. It held three public workshops in May and November 2010 and April 2011 where more than 1,500 participated. The CIO Council also created five working groups to address specific areas of cloud computing and offer recommendations.

The roadmap also defines 10 requirements to further the adoption of cloud computing. The document goes through each requirement discussing the issue, an illustrative example and the rationale of why it's important. And then under each area, NIST includes action plans with target completion dates.

For instance one requirement is for technical requirements for high-level service level agreements between agencies and vendors.

NIST lists three priority goals under this requirement, including developing a standard vocabulary, ensuring consistency in guidance and policy regarding SLA relevant terms and definitions and developing a cloud SLA taxonomy to ensure key elements are in the agreements.

Other requirements include clear and consistent categorized cloud services, frameworks to support federated community clouds, defining unique government requirements and several others.

NIST said it expects to issue new guidance around the different phases of cloud every six months in the coming years, with version 2 of the roadmap slated for November 2012.

"Phase 2 introduces new strategic activities to leverage the USG Cloud Computing Technology Roadmap produced in Phase 1," the document stated.

RELATED STORIES:

NIST defining steps to cloud computing

NIST cloud guidelines address security, privacy concerns

CIO Council report on cloud sets future vision