Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Challenging Security Requirements for US Government Cloud Computing Adoption



Michaela Iorga


The Federal Cloud Strategy, February 8, 2010, outlines a federal cloud computing program that identifies program objectives aimed at accelerating the adoption of cloud computing across the federal government. NIST, along with other agencies, was tasked with a key role and specific activities in support of that effort, including the delivery of the NIST Cloud Computing Technology Roadmap and the publication of other Special Publications that address the reference architecture, definitions, and security aspects of cloud computing. In order to achieve adoption of cloud computing for the federal government, it is necessary to address the security and privacy concerns that federal agencies have when migrating their services to a cloud environment. To further exacerbate the situation, there are few documented details that directly address how to achieve some security aspects in a cloud environment. The purpose of this document is to provide an overview of the high-priority security and privacy challenges perceived by federal agencies as impediments to the adoption of cloud computing. The document provides descriptions of the existing mitigations to these security and privacy impediments. If no mitigations are listed, then ongoing efforts that could lead to mitigations are described. In the cases where no ongoing efforts were identified, the document makes recommendations for possible mitigation or references existing best practices.


cloud computing, security, cloud computing security, cloud computing security requirements


Iorga, M. (2012), Challenging Security Requirements for US Government Cloud Computing Adoption, NIST, [online],, (Accessed April 19, 2024)
Created November 19, 2012, Updated February 19, 2017