Reprints from my posting to SAN-Tech Mailing List and ...

2011/06/19

[san-tech][02378] 講演資料:US NIST Cloud Computing Forum & Workshop, (2010/05/20)

Date: Wed, 16 Jun 2010 15:53:09 +0900
------------------------------------------------
2010年 5月 20日、US NIST (National Institute of Standards and Technology)
で開催された

Cloud Computing Forum & Workshop, May 20, 2010
  http://csrc.nist.gov/groups/SNS/cloud-computing/forum-workshop_may2010.html

の講演資料が上記サイトで公開されています。

AGNEDA
  http://www.nist.gov/itl/upload/Cloud_Computing_Forum_agenda_51810_post_version1-3-2.pdf


公開されている資料:
KeynoteSpeaker:
 United States Chief Information Officer, Vivek Kundra
  http://csrc.nist.gov/groups/SNS/cloud-computing/documents/forumworkshop-may2010/nist_cloud_computing_forum-kundra.pdf
"NIST Cloud Computing Overview"
 NIST Senior Executive for Cloud Computing, Dawn Leaf
  http://csrc.nist.gov/groups/SNS/cloud-computing/documents/forumworkshop-may2010/nist_cloud_computing_forum-leaf.pdf
"Cybersecurity and Standards Acceleration to Jumpstart Adoption of Cloud Computing (SAJACC)"
 Mark (Lee) Badger, NIST Senior Computer Scientist & Tim Grance, NIST Cyber & Network Security Program Manager
  http://csrc.nist.gov/groups/SNS/cloud-computing/documents/forumworkshop-may2010/nist_cloud_computing_forum-badger_grance.pdf
"Federal Risk and Authorization Management Program (FedRAMP)"
 Peter Mell, NIST Senior Computer Scientist & Peter Tseronis, Senior Advisor U.S. Department of Energy
  http://csrc.nist.gov/groups/SNS/cloud-computing/documents/forumworkshop-may2010/nist_cloud_computing_forum-mell.pdf

"NIST Cloud Computing Overview" から
----------------------------------------
National Institute of Standards and Technology (NIST)
Cloud Computing Technical Role, (Page 3)

NIST Cloud Computing efforts are consistent with the
  NIST mission:
  "To promote U.S. innovation and industrial
   competitiveness by advancing measurement science,
   standards, and technology in ways that enhance
   economic security and improve our quality of life."
----------------------------------------
----------------------------------------
Overview: Standards Acceleration to Jumpstart Adoption of Cloud
Computing (SAJACC), (Page 5)

SAJACC goal is to help solve the problem: "How do we
support the adoption of a new complex technology during
the interim period between when standards are needed
and when they are available, and how do we develop
standards more quickly?"

SAJAAC is: Strategy, Process, & Portal

NIST believes that we (the community) can accelerate
cloud adoption....
----------------------------------------
Cloud Computing, NIST
  http://csrc.nist.gov/groups/SNS/cloud-computing/


"NIST Helps Accelerate the Federal Government's Move to the Cloud"
 June 9, 2010
  http://www.nist.gov/itl/csd/cloud_060910.cfm

  "The National Institute of Standards and Technology (NIST) has been
   designated by Federal Chief Information Officer Vivek Kundra to
   accelerate the federal government's secure adoption of cloud
   computing by leading efforts to develop standards and guidelines
   in close consultation and collaboration with standards bodies,
   the private sector, and other stakeholders."
....
  "Another major challenge with cloud computing is to safeguard
   government data in clouds, especially citizens' private information.
   Agencies using cloud computing will still use NIST-developed
   Federal Information Security Management Act (FISMA) guidelines.

   NIST is serving as the technical advisor for the Federal Risk and
   Authorization Management Program (FedRAMP), which will allow
   agencies to collaboratively develop baseline FISMA security criteria
   and authorization to operate deliverables upfront for use of cloud
   computing vendor products and services."

Federal Information Security Management Act (FISMA) Implementation Project
  http://csrc.nist.gov/groups/SMA/fisma/index.html
  "Protecting the Nation's Critical Information Infrastructure"

Federal Risk and Authorization Management Program (FedRAMP)
  http://cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP
  "FedRAMP is a unified government-wide risk management program
   focused on large outsourced and multi-agency systems."

NIST Cloud Computing Forum & Workshopでのビデオ:
"Vivek Kundra Keynote at the Cloud Computing Forum & Workshop"
  http://www.youtube.com/watch?v=USfYrYKfYgI
※英文字幕つき

"NIST helps accelerate the federal government's move to the cloud"
 09 June 2010
  http://www.supercomputingonline.com/latest/nist-helps-accelerate-the-federal-governments-move-to-the-cloud


クラウドとセキュリティに関して面白い記事です:
"HSMやタイムスタンプでクラウドのリスクを低減
「クラウドにデータを預ける前に暗号化と署名を」、タレスが提案", 2010/05/19
  http://www.atmarkit.co.jp/news/201005/19/thales.html

  " フランスを本拠とするタレスは、通信・運輸や金融に加え、航空宇宙産業
   など幅広い分野向けに、広義のセキュリティ製品を提供している。2008年10月
   には、イギリスのエンサイファー(nCipher)を買収し、情報セキュリティ分野
   にも手を広げてきた。"
...
  " 「クラウドというのはアウトソーシングするということ。つまり、アウト
   ソーシングがはらむリスクに直面することになる」(ギーター氏)。

    こうした懸念に対しタレスでは、「クラウドにデータを保管する前に暗号化する」、
   そして「クラウドにデータを渡す前に電子署名を加える」というアプローチを
   提唱したいとした。"
Thales (タレス)
  http://iss.thalesgroup.com/ja-jp/
------------------------------------------------
[san-tech][02211] US Federal CIO Vivek Kundra:クラウドコンピューティングを語る (2010/04/07) 
[san-tech][02333] US "State of Public Sector Cloud Computing", May 20, 2010

0 件のコメント:

コメントを投稿