By Jason Bloomberg
| By Kevin Jackson | Article Rating: |
|
| March 4, 2009 07:30 AM EST | Reads: |
26,836 |
Late last year, the Center for Strategic and International Studies (CSIS) and the distinguished list of contributors released the CSIS Commission on Cybersecurity for the 44th Presidency. This document provided several recommendations for improving the nations cybersecurity. As an approach for federating service oriented architecures, cloud computing technology could be used to implement some of their recommendations. One in particular is their recommendation for a National Office for Cyberspace (NOC) and a new National Security Council Cybersecurity Directorate (NSCCD).
Along with the relevant agencies, these organizations would:
"Assume expanded authorities, including revised Federal Information Security management Act (FISMA) authorities, oversight of the Trusted Internet Connections (TIC) initiative, responsibility for the Federal Desktop Core Configuration (FDCC) and acquisition reform, and the ability to require agencies to submit budget proposals relating to cyberspace to receive its approval prior to submission to OMB."
As widely discussed in cloud computing circles, Infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and software-as-a-service (SaaS) are all the required components for desktop-as-a-service (DaaS). If applied to a private government cloud, this approach could be easily adopted for the Federal Desktop Core Configuration (FDCC). (Thanks goes to Avner Algom of the Israeli Association of Grid Technologies for this insightful graphic)
As proposed in the CSIS report, the NOC and NSCCD would:
"Manage both a new federated regulatory approach for critical cyber infrastructure and a collaborative cybersecurity network across the federal government"
This would be akin to a "Federated Service Oriented Architecture" where a governance and security layer would be used to simultaneously improve cross-agency collaboration and inter-agency security. Couldn't this actually be the basis for a governmental private cloud? By developing and implementing appropriate standards and protocols for the government-wide, federated SOA layer, the NOC and NSCCD could quickly implement the suggested federated regulatory approach.
As emphasised repeatedly in the CSIS report, cyberspace is a vital asset for the nation. International engagement in order to establish international norms for cyberspace security is also stressed. What better way to set these international norms than to work diligently toward establishing a global, interoperable, secure cloud computing infrastructure.
"Assume expanded authorities, including revised Federal Information Security management Act (FISMA) authorities, oversight of the Trusted Internet Connections (TIC) initiative, responsibility for the Federal Desktop Core Configuration (FDCC) and acquisition reform, and the ability to require agencies to submit budget proposals relating to cyberspace to receive its approval prior to submission to OMB."
As widely discussed in cloud computing circles, Infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and software-as-a-service (SaaS) are all the required components for desktop-as-a-service (DaaS). If applied to a private government cloud, this approach could be easily adopted for the Federal Desktop Core Configuration (FDCC). (Thanks goes to Avner Algom of the Israeli Association of Grid Technologies for this insightful graphic)
As proposed in the CSIS report, the NOC and NSCCD would:
"Manage both a new federated regulatory approach for critical cyber infrastructure and a collaborative cybersecurity network across the federal government"
This would be akin to a "Federated Service Oriented Architecture" where a governance and security layer would be used to simultaneously improve cross-agency collaboration and inter-agency security. Couldn't this actually be the basis for a governmental private cloud? By developing and implementing appropriate standards and protocols for the government-wide, federated SOA layer, the NOC and NSCCD could quickly implement the suggested federated regulatory approach.
As emphasised repeatedly in the CSIS report, cyberspace is a vital asset for the nation. International engagement in order to establish international norms for cyberspace security is also stressed. What better way to set these international norms than to work diligently toward establishing a global, interoperable, secure cloud computing infrastructure.
( Thank you. If you enjoyed this article, get free updates by email or RSS - KLJ )
- Simula Labs Launches Hosted Delivery Platform To Enable Enterprise Open Source Adoption
- How To Deploy Scalable WebSphere Applications Using "Maven" Build Tool
- Automatic Integration with CruiseControl.NET, NAnt, and NUnit
- Maven: A Different Way of Looking at Software Development
- An Introduction to Maven - Part III
- Managing an Open Source Project for DotNetNuke
- An Introduction to Maven - Part I
- Advanced Ant for Adobe Flex Projects
- Put Your Next Project on Cruise Control
- Setting Up a Java Shop: How To Build Better Software Faster
Subscribe to Continuous Integration Email News Alerts
Subscribe via RSS
