How standards could get cloud out of the 1970s

NIST document could pave the way to better interoperability, portability and security

A road map to developing standards about to be released by the National Institute of Standards and Technology promises to improve the interoperability, portability and security of cloud infrastructures -- and, in the words of Internet pioneer Vint Cerf, could help get the technology out of the Internet equivalent of the 1970s.

The NIST Cloud Computing Standards Roadmap Working Group is making use of existing, publicly available work along with the work of other NIST Working Groups to develop the standards document, Annie Sokol, co-chair of the working group, said during a presentation at the NIST Cloud Computing Forum and Workshop III on April 8. The document is set to be released this month.

The Cloud Computing Standards Roadmap document will be incorporated into the NIST Cloud Computing Roadmap, which is due by the end of fiscal 2011. The NIST Cloud Computing Roadmap will define and prioritize U.S. government requirements for interoperability, portability and security in order to support secure and effective adoption of cloud computing.

Other NIST Cloud Computing Working Groups contributing to the overall road map include: the Target Business Use Cases Working Group, Reference Architecture Working Group, Security Working Group and the Standards Acceleration to Jumpstart Adoption of Cloud Computing (SAJACC) Technical Use Cases Working Group. The working groups consist of interested participants from academia, industry and government.

Related coverage:

At last, a solid definition of what a cloud looks like

The Standards Roadmap Working Group comprises an inventory of standards that can be mapped to use cases, along with the NIST Cloud Computing Reference Architecture, which was released at the NIST cloud forum. The Reference Architecture serves as a road map for IT managers to understand, select, design and deploy cloud infrastructures.

The Standards Working Group found that “there were not many specific cloud computing standards, but many cloud-relevant IT standards” that can be leveraged, Sokol said. The three specific cloud standards include: the Open Virtualization Format from the Distributed Management Task Force, Open Cloud Computing Interface from the Open Grid Forum, and the Cloud Data Management Interface from the Storage Networking Industry Association.

Cloud service interfaces that are likely candidates for standardization include management applications programming interfaces (APIs), data exchange formats, data storage APIs, federated identity and resources descriptions. The standards road map document will describe areas in which standards are available, being developed or where new standards are needed.

The Standards Working Group recommends that agencies contribute clear and comprehensive requirements for cloud computing standards projects. Agencies should also participate actively in standards development projects, the group says.

Each cloud thinks it’s the only cloud

Cloud-to-cloud interoperability is where one of the co-founders of the Internet would like to see more efforts directed. Cloud systems have emerged from Amazon, Google, IBM and Microsoft. However, the industry is at the same stage as computer networks were in 1973, said Cerf, vice president and chief Internet evangelist at Google.

Networks worked fine. “But each network thought it was the only network in the world,” Cerf said. And, “now each cloud thinks it is the only cloud in the world.”

If someone has an enormous amount of data in Cloud A and wants to move or replicate the data to Cloud B to take advantage of its processing capability, they can't do it, because there is no common vocabulary for cloud vendors to port data to another provider. The same is true for metadata associated with access control.

There are lots of standards that can be used for the cloud. However, “in order to make progress, we should not be only working on paper, we must have real experience,” Cerf said.

The SAJACC Technical Use Cases Working Group has produced use cases, descriptions of how groups of users and their resources might interact with one or more cloud computing systems. Much of the work has focused on the infrastructure-as-a-service model centering on how to copy data objects into a cloud, said Lee Badger, NIST SAJACC Project and Working Group manager.

The SAJACC working group did not find any open support for direct cross-cloud copy of data, he noted. However, the working group did demonstrate how users on their own could copy data objects between cloud providers. But as a user of cloud services you would want the cloud provider to provide that capability, probably as an icon that you could click on, Badger said.

Cloud providers probably would not want to do this because they want to keep customers locked in to their services, said an IT director of a trade association, who attended the NIST Cloud Computing Forum.

But perhaps they have no choice, as some proponents of the cloud have said: The age of vendor lock-in is over.

About the Author

Rutrell Yasin is is a freelance technology writer for GCN.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected