NIST Cloud Computing Forum and Workshop 8
National Institute of Standards and Technology, Gaithersburg, MD
July 7-10, 2015
The cloud community has come a long way since NIST created its first definition of Cloud Computing and its associated Cloud Computing Technology roadmap. It is time to stop, look at our successes, see what still needs to be done, and to explore new areas in Cloud Computing.
Current State of Cloud Computing Standards
This topic puts the spotlight on the active and productive field of cloud computing standards. NIST SP 500-293 (Technology Roadmap) and NIST SP 500-291 (Standards Roadmap) identified the need for cloud computing standards and identified initial efforts in developing such standards. Now Standards Development Organizations (SDOs), trade consortiums, academia, and other organizations are all working on cloud computing standards to address the cloud computing community's needs. This topic highlights and showcases completed standards, standards in development, and opportunities for collaboration on future additional standards.
Progress on the NIST SP500 293: 10 High Level Requirements for Cloud Adoption
In July, 2011 NIST released its first draft NIST SP 500-293: Technology Roadmap document that identified 10 high level requirements that were impeding wide spread adoption of cloud computing by the community. These requirements address the priorities in security, interoperability and portability. For the past several years industry has been working on addressing many of those requirements and it is time to see which been addressed and which still need some work. As there are no fixed criteria to identify absolute success for any of the 10 requirements, this topic will highlight presentations showing either how specific requirements have been addressed or which still need some work.A full listing of the 10 requirements, which cover cloud security, cloud services, technical language for SLAs, cloud metrics and research, in the final version from October 2014, can be found here.
As cloud computing becomes ever more widely used, there is an increasing need to perform digital forensics in the cloud to support criminal or civil investigations or business processes, to investigate cyberattacks and data breaches, or to proactively support security and forensics cloud-based applications. In June, 2014 NIST released the draft NIST Interagency Report 8006 NIST Cloud Computing Forensic Science Challenges. This document identifies 65 challenges facing cloud forensic investigators. During our event, we will focus on cloud forensic architectures in addition to eight of the highest priority challenges identified in the NISTIR 8006: Root of trust, E-discovery, Deletion in the cloud, Lack of transparency, Timestamp synchronization, Use of metadata, Multiple venues and geolocations, and Data integrity and evidence preservation. A description of these challenges can be found here
Cloud Computing: Customers and Government
The US Government has a large stake in the field of cloud computing and continues to seek out new solutions for operationalizing the cloud computing model in order to serve the citizenry. Other governments have also seen the value in cloud computing and the economic, technological and societal benefit that cloud computing brings to the table. Debates and challenges still persist for cloud customers around the procurement, contracting and the convergence of technological capability and policy issues. This topic will illustrate some these challenges and successes of creative outcomes in various government agencies and customers.
NIST is calling for abstract submissions from participants that would like to present at our event their work related to the topics above!
Abstract submission information can be found on the next page and at: http://www.nist.gov/itl/cloud/abssubinst.cfm
Event, Accommodation and Registration information available here.