Needed to support more manageable assessment and

This preview shows page 54 - 56 out of 76 pages.

needed to support more manageable assessment and accreditation processes, which are often a prerequisite before a system is put in operation. 7.2.2 Identity and Access Management As described earlier, security integration of a cloud-based system into existing enterprise security infrastructure is a must for the majority of government systems with moderate and greater impact. Existing practices of external cloud-based components in identity and access management is often based on proprietary and custom integration solutions. Constant and standard ways of provisioning identity data, managing identity data, and replicating to-and- from cloud-based system components, are needed to ensure that consumer organizations’ short- term and long-terms needs are met. A lot of government systems are required to have strong authentication, such as two-factor authentication implemented in an Internet-deployed system. Standards in supporting single sign-on and strong authentication are a must for these types of systems. 7.2.3 SaaS Application Specific Data and Metadata To support the urgent need to migrate certain applications to the cloud, application-specific data and metadata format standards are required. This is an area where a lot of SaaS providers currently help consumer organizations to migrate their existing system by offering custom conversion and migration support. However, without standards in data and metadata format for these applications, there is the potential danger of creating non-interoperable islands of cloud solutions and vendor lock-in. For example, some SaaS email solutions may not be fully
Image of page 54

Subscribe to view the full document.

NIST Cloud Computing Standards Roadmap NIST SP500 291 v1.0 55 interoperable with in-house email and calendaring solutions. There are specific email working groups in the federal cloud computing initiative that are looking into putting forward specific metadata standardization requirements for email security, privacy, and record management. Other SaaS functional areas, such as document management and financial systems are also among the high-priority areas where standards in data and metadata are needed. 7.2.4 Resource Description and Discovery Descriptions and discovery of computing resources needs are usually the first steps for consumers to take to start using cloud computing. Standard ways of resource descriptions will facilitate programmatically developing interoperable cloud applications to discover and use cloud computing resources, be it computing resources, storage resources, or application resources. In establishing private or community cloud computing as a way to implement data center consolidation, standards for these areas are important to not only help avoid implementing vendor-specific interfaces, but also to help increase the dynamic provisioning capabilities of the solution and utility of the computing resources.
Image of page 55
NIST Cloud Computing Standards Roadmap NIST SP500 291 v1.0 56 8 Conclusions and Recommendations 8.1 Conclusions
Image of page 56
You've reached the end of this preview.
  • Spring '14
  • NIST Cloud Computing Standards Roadmap

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern