In this paper, researchers provide a preliminary analysis on the forensic implications of cloud computing reference architecture, on the segregation of duties of cloud actors in cloud investigations, forensic artifacts on all layers of cloud system stack, cloud actors interaction scenarios in cloud investigations, and forensic implications of all cloud deployment models. Defining intercloud architecture for interoperability and. Administrative domains, regulatory environments, identity providers, cloud service consumer, cloud service provider. Each actor plays a role and performs a set of activities and functions. The adoption of cloud computing into the federal government and its implementation depend upon a variety of technical and nontechnical. A design of cnc architecture based on cloud computing. The national institute of standards and technology released their security reference architecture for cloud computing, setting an important baseline for cloudbased systems in the united states.
Nist cloud computing reference architecture, an associated set of security components derived from the csa tcira, and a methodology for using the formal model and the security components to orchestrate. Itl skip to main content an official website of the united states government. A fundamental reference point, based on the nist definition of cloud computing, is needed to describe an. Cloud computing has been defined by nist as a model for enabling convenient, ondemand network access to a shared pool of configurable computing resources e. Nist cloud computing reference architecture proceedings. The purpose of this document is to define a nist cloud computing security reference architecture nccsra a framework that. Recommendations of the national institute of standards and technology special publication 500292 9781478168027. Nist sp 500322 evaluation of cloud computing services based on nist 800145.
Nist draws up a security architecture for cloud computing. Information technology laboratory cloud computing program nist cloud computing reference architecture toplevel view the nist cloud computing reference architecture consists of five major actors. Nist cloud computing reference architecture guide books. With all the opinionbased cloud computing definitions out there, it is hard to come to an agreement about what the cloud or a cloud service is. Certain commercial entities, equipment, or material may be identified in this document in order to describe a concept adequately. Cloud forensics nist cloud computing standardization digital investigation digital forensics. It has been created from the collective experiences of hundreds of cloud client engagements and implementation of ibmhosted clouds. Page 18 2 background this document presents the nist cloud computing security reference architecture formal model derived from nist sp 500292. Terminology of the reference architecturenist refernecemodel cloud service auditor 1 a party that can conduct independent examination of cloud service controls with the intent to express an opinion thereon. The nist definition characterizes important aspects of cloud computing and is intended to serve as a means for broad comparisons of cloud services anddeployment strategies, and to provide a baseline for discussion from what is cloud computing to how to best use cloud computing. Nist spotlights five actors in the cloud by judith myerson in cloud on october 23, 2014, 8. Nist cloud computing security reference architecture draft. The goal is to accelerate the federal governments adoption of secure and effective cloud computing to reduce costs and improve services.
Evaluation of cloud computing services based on nist 800145. This document presents the nist cloud computing reference architecture ra and taxonomy tax that will accurately communicate the components and offerings of cloud computing. Nist and describes standards research in support of the nist cloud computing program. Guidelines on security and privacy in public cloud computing. Michaela iorga, senior security technical lead for cloud computing cochair, cloud security wg. Nist cloud computing reference architecture ieee conference. The nist cloud computing security reference architecture provides a security overlay to the nist cloud computing reference architecture published in 2011. Nist sp 500292 nist cloud computing reference architecture ii reports on computer systems technology the information technology laboratory itl at the national institute of standards and technology nist promotes the u.
This alert has been successfully added and will be sent to. Nist cloud computing security reference architecture 800299. Recent years have witnessed a rapid increase not only in interest, but also in the actual adoption. Download scientific diagram cloud reference architecture by nist. Special publication 500292 discusses how the adoption of cloud computing into the federal government and its implementation depend upon a variety of technical and nontechnical factors. Cloudy with showers of business opportunities and and a good chance of security and accountability dr. An overview of the nist cloud computing program and reference architecture. This actorrole based model used the guiding principles of the nist cloud computing reference architecture to develop a model with 11 components. The nist definition characterizes important aspects of cloud computing and is intended to serve as a means for broad comparisons of cloud services and deployment strategies, and to provide a baseline for discussion from what is cloud computing to how to best use cloud computing. You will be notified whenever a record that you have chosen has been cited. Nist cloud computing standards roadmap xi foreword this is the second edition of the nist cloud computing standards roadmap, which has been developed by the members of the public nist cloud computing standards roadmap working group. Product development in a multidisciplinary environment pp 11191129 cite as. This is the second edition of the nist cloud computing standards roadmap, which has been developed by the members of the public nist cloud computing standards roadmap working group.
California enterprise architecture framework cloud. Nist cloud computing reference architecture slideshare. So, cloud computing is measured, ondemand, elastic computing using pooled resources, usually on the internet. Standardized architecture for nistbased assurance frameworks on the aws cloud.
The reference architecture includes the cloud computing roles, cloud computing activities, and the cloud computing functional components and their relationships. About nist special publication 500292 nist cloud computing reference architecture permalink the adoption of cloud computing into the us government usg and its implementation depend upon a variety of technical and nontechnical factors. Digital forensic readiness architecture for cloud computing systems. Nist cloud computing reference architecture semantic scholar. The purpose of this document is to define a nist cloud computing security reference architecture nccsraa framework that. The ibm cloud computing reference architecture ccra is a blueprint to guide ibm development teams and field practitioners in the design of public and private clouds. Cloudy with showers of business opportunities and nist and. Nist cloud computing standards roadmap working group. This growth of cloud computing service consumers may influence the future data centers and operational models.
Standard andor project under the direct responsibility of isoiec jtc 1sc 38 secretariat stage ics. Such identification is not intended to imply recommendation or endorsement by the national institute of standards and technology. Manifesting itself as the descendant of several other computing research areas such as serviceoriented architecture, distributed and grid computing, and virtualization, cloud computing inherits. Secure systems research group fau a security reference architecture for cloud systems eduardo b. Recommendations of the national institute of standards and technology special publication 500292 june. This cloud model is composed of five essential characteristics, three. The issue of intercloud operability due to different cloud computing vendors reference architecture ra needs to be addressed to allow consumers to use services from any vendor. Of course, for that to be possible, the united states government will need to ensure maximum security for those cloud applications. Nist national institute for standards and technology the following standards have been retained for the csc phase 2 maturity assessment. Pdf nist cloud computing reference architecture researchgate. A fundamental reference point, based on the nist definition of cloud computing, is needed to describe an overall framework that can be used governmentwide. This document describes these components individually and how they function as an ensemble. Nist spotlights five actors in the cloud techrepublic. When a provider claims conformance with any other standard, it should cite the specific version and.
This edition includes updates to the information on portability, interoperability, and security. Jun 1, 2016 this major update to the nist 80053 quick start published earlier this year deploys a standardized environment that helps support additional nistbased security requirements on the aws cloud. This document presents the nist federated cloud reference architecture model. Nist cloud computing security reference architecture nist. This is a vendor neutral conceptual model that concentrates on the role and interactions of the. This paper presents the first version of the nist cloud computing reference architecture ra. Nist cloud computing reference architecture ccra within the resource abstraction and control layer and hardware layer. Cloud computing is a model for enabling ubiquitous, convenient, ondemand network access to a shared pool of configurable computing resources e. The nist cloud federation reference architecture nist. Nists security reference architecture for the cloudfirst. In the proposed solution, users can also launch thirdparty software e. Cloud computing is the next step in the continued evolution of information systems.
Nist special publication 500292, nist cloud computing reference architecture, september 2011 nist special publication 500293, us government cloud computing technology roadmap, volume i and volume ii, october 2014 nist special publication 500299, nist cloud computing security reference. The us national institute of standards and technology nist has developed a clear and concise definition of what cloud is that has been broadly adopted, both nationally and. Recommendations of the national institute of standards and technology special publication 500292june. Nist cloud computing security reference architecture. Cad, cam, and cae on the cloudenabled frontend, making it. Cloud computing cc reference architecture ra version 1. Cloud computing reference architecture from different.
An assessment of existing technical standards that could be used in cloud computing and a reference architecture for government use in the cloud have been published by the. Find, read and cite all the research you need on researchgate. Nist publishes a standards framework and reference. The nist definition characterizes important aspects of cloud computing and is. Sp 800145, the nist definition of cloud computing csrc. The nist cloud computing program designs security assessments, procedures, and technical guidance documents on building cloud architecture and services and. Fang liu, jin tong, jian mao, robert bohn, john messina, lee badger, dawn leaf. An overview of the nist cloud computing program and reference. Next, the nist definition of cloud computing list three service models. An overview of the nist cloud computing program and. This actorrole based model used the guiding principles of the nist cloud computing reference architecture to develop an eleven component model. Cloud computing reference architecture and its forensic implications. The nist cloud computing program is a set of best procedures, practices and standards for developing, deploying and maintaining cloud computing architecture. Thus, the computing ability and intelligence of cnc systems can be improved by a switch to the cloud architecture.
1077 140 1149 576 311 1344 1387 450 483 1282 1612 969 444 87 825 1046 837 606 1414 1545 1374 803 1564 1118 1328 616 231 1367 507 875 835 143 118 324 328 1354 898