The National Institute of Standards and Technology launched Phase 2 of its efforts to guide the adoption of cloud computing in the federal government with the release this week of the first two volumes of the U.S. Government Cloud Computing Technology Roadmap, Release 1.0.

Release 1.0 of the roadmap, is “designed to support the secure and effective adoption of the cloud computing model by federal agencies to reduce costs and improve services,” according to authors of the NIST document.

Phase 2 introduces new strategic activities to aid agencies in building on lessons learned which are captured in the roadmap, Dawn Leaf, NIST Senior Executive for Cloud Computing told Breaking Gov.

Open to comment through December 2, 2011, the roadmap (NIST Special Publication 500-293) was the top agenda item at the NIST Cloud Computing Forum & Workshop IV held Nov. 2-4.

“A key contribution of the roadmap effort is to focus the discussion to achieve a clear understanding between the government and private sector, particularly on the specific technical steps (standards, guidance and technology solutions) needed to move federal IT from its current early-cloud state to a cloud-based foundation, as envisioned in the Federal Cloud Computing Strategy,” she said.

“We have spent two days now talking about the strategic portions, the tactical portions, the working groups and priority action plans of the Roadmap,” she explained. “We needed to lay out new set program objectives and plans, lay out a new strategy and a new timeline, because we just finished our timeline.”

Leaf said that the Phase 1 objectives have not changed. What has changed is the approach, making use of what was developed last year; and the real addition is introducing the priority action plans for self-tasking by the cloud community.

“The next logical question is: how are you going to develop the standards guidelines and technology?” she said.

“The priority action plan process is very defined; it gives us a way to very specifically find out what other standards organizations or countries or industry or academics are already working on the problems we have identified. They tell us and we track the progress against the plan and make sure we don’t duplicate the effort. This way we engage the broader community.”

Leaf emphasized the broader community includes everyone and how that levels the playing field.

“We say that all the time we level the playing field, but the truth is big organizations have more resources; sometimes they are better positioned than we are to present their ideas,” she asserted. “However for the innovators, the person with the bright idea, approach or technical solution who doesn’t have those kinds of resources, the roadmap and priority action plans give us a way to include them in the conversation.”

Tackling Cloud Issues

The fourth annual NIST Cloud Computing Forum brought together cloud computing leaders and those eager to learn about real-life cloud implementation from government, academia and the private sector.

Attendees heard US CIO Steven VanRoekel deliver the keynote where he outlined his “future first” policy, asserted that agencies seek already available technology before buying new and reiterated that cloud is a way for agencies to do more with less.

Day 1 forum panel sessions sparked lively discussions on issues such as: the cloud from the international perspective; cloud priorities; building a healthy cloud ecosystem; and categorizing and classifying cloud services using the NIST Reference Architecture.

On Day 2, panel discussions focused on: standards from the customer point of view; “assumption busting” security issues; community advances in cloud technology and infrastructure; and acquiring IT services using a consumption-based model.

Day 3 was devoted to workshops on: business use cases; using the Reference Architecture and Taxonomy and security issues including FedRAMP.

Next Steps – Where We Go From Here

Over the past year Leaf said we have gone from a really high level general agreement of principles laid out in the Federal Cloud Computing Strategyto now where “we are getting into the specifics of how to translate that into activities that can be tracked and measured at a strategic level and at the tactical level.”

“We are not only going to talk about the priority action plans, but in the back of Volume 2, the Technical volume, there is a list of activities that can happen now. You don’t have to wait for priority action plan, they are very tangible.”

One example is asking vendors to map their products to the Reference Architecture. “There is no mystery to that. All they have to do is take their products and map them. It gives you something very tangible and deliverable right there. So, big picture, we are narrowing it down to a more and more workable, executable plan and not just an agreement of intent.”

Leaf also urged anyone in the Federal government interested in the cloud to not stand on the sidelines, but become part of the Federal cloud computing standards and technology working group created under the auspices of the Federal CIO Council.

“Any Federal individual with an interest in this space is invited by NIST to attend. It is a US government only working group open to anyone who is interested in the subject area of technology, standards, best technical practices and cloud.”

Roadmap Fast Facts

According to NIST, it plans to issue the final U.S. Government Cloud Computing Roadmap as a three-volume work.

Volume I, High-Priority Requirements to Further USG Agency Cloud Computing Adoption, provides a general understanding and overview of the roadmap initiative, including:

• prioritized interoperability, portability and security requirements that must be met to further government cloud adoption;
• standards, guidelines and technology that must be in place to satisfy these requirements; and
• a list of Priority Action Plans (PAPs) recommended for voluntary self-tasking by the cloud stakeholder community to support standards, guidelines and technology development.

Volume II, Useful Information for Cloud Adopters, is the nuts and bolts publication. It is a technical reference that is useful for those working on strategic and tactical cloud computing initiatives-whether they work in government agencies or not. Volume II integrates and summarizes the work completed to date, explains the assessment findings based on this work and how these findings support the roadmap introduced in Volume I.

The third volume, Technical Considerations for USG Cloud Computing Deployment Decisions, is under development as part of an interagency and public working group collaborative effort. It is intended as a guide for decision makers who are planning and implementing cloud computing solutions. The document explains how the technical work in Volume II can be applied to the decision framework defined in the Federal Cloud Computing Strategy.

The working groups also contributed to the content of two related cloud publications released earlier this year-NIST Cloud Computing Standards Roadmap (SP 500-291) and NIST Cloud Computing Reference Architecture (NIST SP 500-292).

Learn more and find other cloud publications at www.nist.gov/itl/cloud/index.cfm.