Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics (On-demand self-service, Broad network access, Resource pooling, Rapid elasticity, Measured Service); three service models (Cloud Software as a Service (SaaS), Cloud Platform as a Service (PaaS), Cloud Infrastructure as a Service (IaaS)); and, four deployment models (Private cloud, Community cloud, Public cloud, Hybrid cloud). Key enabling technologies include: (1) fast wide-area networks, (2) powerful, inexpensive server computers, and (3) high-performance virtualization for commodity hardware.
The Cloud Computing model offers the promise of massive cost savings combined with increased IT agility. It is considered critical that government and industry begin adoption of this technology in response to difficult economic constraints. However, cloud computing technology challenges many traditional approaches to datacenter and enterprise application design and management. Cloud computing is currently being used; however, security, interoperability, and portability are cited as major barriers to broader adoption.
The long-term goal is to provide thought leadership and guidance around the cloud computing paradigm to catalyze its use within industry and government. NIST aims to shorten the adoption cycle, which will enable near-term cost savings and increased ability to quickly create and deploy enterprise applications. NIST aims to foster cloud computing systems and practices that support interoperability, portability, and security requirements that are appropriate and achievable for important usage scenarios.
We request comments from the public on this draft document from July 9, 2019 to September 20, 2019.
NIST defines a Community Cloud as supporting organizations that have a common set of interests (as defined in NIST 800-145), where "there is a need to clearly define and implement mechanisms to support the governance and processes which enable federation and interoperability between different cloud service provider environments to form a general or mission-specific federated Community Cloud."
Requirement 5 of the NIST Cloud Computing Technology Roadmap (NIST SP 500-293) encourages the development of frameworks to support seamless implementation of federated community cloud environments as part of its interoperability and portability guidance.
Cloud computing is becoming a deeply important infrastructure for society, not only powering much of the World Wide Web but also mobile applications, business systems, autonomous vehicles, and the Internet of Things. As other infrastructures have evolved—such as the global telephone system and the Internet itself—deep interoperability has been standardized, enabling service providers to federate with one another. Using such federation concepts, in a manner transparent to the end user while addressing security and privacy issues, an Internet Service Provider will facilitate access to the entire global internet and leverage the capabilities of many service providers behind the scenes.
Cloud Federation will lead to a landscape of new options for how individuals and businesses will interact with the cloud. Data scientists will be able to access information related to data sets that are only available at a given location, access this information on site, and, given a federation relationship with the local provider, gain access to compute and identity federation as well.
This document presents the NIST Federated Cloud Reference Architecture model. This actor/role-based model used the guiding principles of the NIST Cloud Computing Reference Architecture to develop a model with 11 components: Administrative Domains, Regulatory Environments, Identity Providers, Cloud Service Consumer, Cloud Service Provider, Federation Operator, Federation Manager, Federation Auditor, Federation Broker, and Security. The components are described individually, along with how they function as an ensemble. Possible future standards and use cases are also discussed in great detail.