Good afternoon, everyone. We thank you for joining us today to participate in these important discussions.
Before we jump into this afternoon's agenda, I'd like to start with a bit of recent history to show why meetings like this one are so important.
The idea of providing computing services like a utility similar to electricity dates back to the 1960s.
The term "cloud computing" started much later, in the late 1990s. But it didn't really take off as the "next big thing" until about 2006—less than 10 years ago—when companies like Google and Amazon starting using the term.
Five years after that, in 2011, cloud computing was already a fully deployed technology worth billions of dollars. That's when then-U.S. Chief Information Officer Vivek Kundra released the Federal Cloud Computing Strategy. In it, he laid out the Obama Administration's "Cloud First" priority and described how cloud migration could help the U.S. government reduce costs and improve services.
We're honored to have had Tony Scott, the federal government's current chief information officer, come out earlier today to give us an update on government-wide implementation of cloud computing.
That 2011 strategy identified NIST as the organization to help define cloud computing. And it charged us with working to accelerate federal adoption of cloud computing while minimizing risks.
Of course, before you can speed up a process, you must first understand what's slowing it down. So the NIST Cloud Computing Program set out to identify what was keeping federal organizations from moving to the cloud.
Our first step was to get some help. We enlisted colleagues in other agencies, standards organizations, academia, and industry. We wanted to leverage the strengths and resources of these different stakeholders to identify obstacles and opportunities for federal adoption of the cloud.
After lots of give and take, we released the U.S. Government Cloud Computing Technology Roadmap in October 2014. The report describes 10 requirements that must be addressed to meet the objectives of the Federal Cloud Computing Strategy. These requirements focus on standards for international interoperability, portability and security.
Why standards? Because well thought out, consensus standards are the ball bearings that keep commercial markets running smoothly—especially those for high-tech products. For cloud computing specifically, we need standards for 3 reasons:
One of the major goals of this workshop is to see how far we have come in addressing the requirements outlined in that roadmap. Personally, I think we're doing pretty well.
When we started developing the plan, there were no international voluntary consensus-based standards for cloud computing. Today, we're devoting an entire day to discussing cloud standards.
This morning, you heard about the efforts of ISO/IEC and ITU. They began developing standards separately, but are now collaborating in earnest. This is good for everyone, the standards development organizations and the buyers and sellers of cloud services.
So now, we have the joint standards that go by the very official title of Cloud Computing—Overview and Vocabulary and Cloud-Computing Reference Architecture. These standards are foundational. They provide a shared understanding of cloud computing and a common language—all to enable meaningful conversations.
And as you also heard this morning, we have much to look forward to from these organizations as they work to identify new areas that are ready for standardization.
Their plans include creating common components for Service Level Agreements, which is one of the requirements outlined in the NIST Roadmap. They also plan to define the types of interoperability and portability that are possible within cloud computing, and to better understand data mobility within the cloud ecosystem.
In addition to ISO/IEC, leadership has also come from other organizations who are moving cloud computing standards and technology forward.
Our speakers this afternoon will give us an overview of the broader world of cloud computing standards. Many people here in this room have worked hard to make the substantial progress on the voluntary cloud standards we've seen emerge over the past 5 years. From an organization that has "standards" as its middle name, thank you!
Of course, there's more work to be done to address all 10 of the requirements in our roadmap. These other requirements will be our main topics over the next three days, as we focus on cloud computing security, forensics, research and the needs of cloud customers in industry and government.
There is an old joke that goes: The great thing about standards is that there are so many to choose from. Thankfully, we don't have that problem just yet. Cloud computing standardization is still in its early stages. What we have instead is opportunity!
We have the opportunity to make the full benefits of cloud computing available globally. We have the opportunity to directly improve people's lives with access to data and information on any device, anywhere—and to do so while protecting sensitive information in verifiably secure ways. We have the opportunity to ensure that cloud computing lives up to its full economic potential.
My colleagues here at NIST and I are counting on all of you to help us seize this opportunity. Thank you and I look forward to hearing about your progress.