As a part of NIST Cloud Computing Program, NIST will host its eighth Cloud Computing Forum and Workshop on July 7-10, 2015. The format will be a 4-day event with the first day focusing on Cloud Standards (organized by ISO/IEC JTC1 SC38) followed by 3-days of Talks and Panels centered on specific areas of research and development in the cloud environment.
The event will cover:
Current State of Cloud Computing Standards
This topic puts the spotlight on the active and productive field of cloud computing standards. NIST SP 500-293 (Technology Roadmap) and NIST SP 500-291 (Standards Roadmap) identified the need for cloud computing standards and identified initial efforts in developing such standards. Now Standards Development Organizations (SDOs), trade consortiums, academia, and other organizations are all working on cloud computing standards to address the cloud computing community’s needs. This topic highlights and showcases completed standards, standards in development, and opportunities for collaboration on future additional standards.
Progress on the NIST SP 500-293: 10 High Level Requirements for Cloud Adoption
In July, 2011 NIST released its first draft NIST SP 500-293: Technology Roadmap document that identified 10 high level requirements that were impeding wide spread adoption of cloud computing by the community. These requirements address the priorities in security, interoperability and portability. For the past several years industry has been working on addressing many of those) requirements and it is time to see which been addressed and which still need some work. As there are no fixed criteria to identify absolute success for any of the 10 requirements, this topic will highlight presentations showing either how specific requirements have been addressed or which still need some work. A full listing of the 10 requirements, which cover cloud security, cloud services, technical language for SLAs, cloud metrics and research, in the final version from October 2014, can be found here.
As cloud computing becomes ever more widely used, there is an increasing need to perform digital forensics in the cloud to support criminal or civil investigations or business processes, to investigate cyberattacks and data breaches, or to proactively support security and forensics cloud-based applications. In June, 2014 NIST released the draft NIST Interagency Report 8006 NIST Cloud Computing Forensic Science Challenges. This document identifies 65 challenges facing cloud forensic investigators. During our event, we will focus on cloud forensic architectures in addition to eight of the highest priority challenges identified in the NISTIR 8006: Root of trust, E-discovery, Deletion in the cloud, Lack of transparency, Timestamp synchronization, Use of metadata, Multiple venues and geolocations, and Data integrity and evidence preservation. A description of these challenges can be found here.
Cloud Computing: Customers and Government
The US Government has a large stake in the field of cloud computing and continues to seek out new solutions for operationalizing the cloud computing model in order to serve the citizenry. Other governments have also seen the value in cloud computing and the economic, technological and societal benefit that cloud computing brings to the table. Debates and challenges still persist for cloud customers around the procurement, contracting and the convergence of technological capability and policy issues. This topic will illustrate some these challenges and successes of creative outcomes in various government agencies and customers
The CFP and shortlisting of Talks related to specific areas has just been completed. Here’s the final agenda and speakers bio