“Does Cloud Computing Offer a Viable Option for the Control of Statistical Data: How Safe Are Clouds”
Federal Committee for Statistical Methodology (FCSM) Policy Conference
Presented by: Harry Lee, Senior Computer Scientist for Infrastructure, U.S. Census Bureau
December 5, 2012
U.S. Department of Commerce, Economics and Statistics Administration, U.S. CENSUS BUREAU

Census Bureau Cloud Approach Overview

Agenda
• Cloud Computing Defined
• Why Cloud?
• Census Hybrid Cloud Approach
• Internal Census Use of Cloud Services
• External Access to Census Data and Services
• Shared Infrastructure and Services
• What Controls are Needed?
• Is the “Cloud” Safe Enough?
• Questions

Cloud Computing Defined
The NIST Definition of Cloud Computing
“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.”

Why Cloud?
Alignment with Federal Government Goals, Objectives and Initiatives, primary examples include:
• 25 Point Implementation Plan to Reform Federal Information Technology Management (12/9/2010)
  • “Cloud First” Policy when looking to add IT resources and/or capabilities
• Federal Cloud Computing Strategy (2/8/2011)
  • Highly reliable, innovative services quickly despite resource constraints
• Digital Government Strategy (5/23/2012)
  • Better content and data through multiple channels

Why Cloud?
Cloud Benefits - Better, Faster, Cheaper… even “Greener”
Efficiency
• Improved asset utilization (server utilization > 60-70%)
• Aggregated demand and accelerated system consolidation (e.g., Federal Data Center Consolidation Initiative)
• Improved productivity in application development, application management, network, and end-user
Agility
• Purchase “as-a-service” from trusted cloud providers
• Near-instantaneous increases and reductions in capacity
• More responsive to urgent agency needs
Innovation
• Shift focus from asset ownership to service management
• Tap into private sector innovation
• Encourages entrepreneurial culture
• Better linked to emerging technologies (e.g., devices)

Hybrid Cloud Approach
• 3 Cloud Model – Private, Government Community, Public (composition of two or more clouds that remain unique entities but are bound together, offering the benefits of multiple deployment models.)
• Multiple methods of data access – web site, web apps, APIs, VDI, LAN
• 2 Consumer Groups – Internal (Census, Partners), External (Gov, Public)
• Shared Infrastructure – network, servers, storage, security
• Multiple levels of security – data, apps, network, device, user
• Shared Services – data management, collaboration, applications
• Governance & Compliance

Both internal and external Census customers use a growing list of IT services

Census’ public API - Makes data available to developers, both inside and outside of Census

Mobile applications provide powerful data visualization of the nation’s economy, people & places

Enabling Telework via a Virtual Desktop Infrastructure (VDI)
4 Points about VDI
#1 Using personally owned PCs, MACs, or tablets users view work sessions run through a firewall and processed in the Census Bureau’s Private Cloud
#2 Users work with files and applications which are centrally located
#3 Threats of the user’s device contaminating Census Bureau systems and/or network are eliminated
#4 All system administration tasks, systems and software upgrades, backup of user files, etc. occur within the Census Bureau’s Private Cloud
[Diagram: Virtual Desktop Infrastructure. Labels: Teleworker/WAH, Authorized External, Users located at Census Headquarters, Firewall, Sessions A–E, Idle (Available Resources), Census Bureau Private Cloud]
Note: The Census VDI infrastructure is currently capable of supporting over 10,000 users, is scalable to over a million users, and provides the opportunity to replace all desktop PCs with thin clients.

What Controls are Needed?
• Data Security – Secure the data as primary security control
• Application Security – Build security into the application as well as the data being accessed
• Network Security – User and device network access controls
• Device Security – Control and protect the devices accessing your data/systems
• User Authentication and Authorization – For access to “protected” data and associated services
• Web Browser Security - Cloud users and administrators rely heavily on Web browsers, so browser security features can lead to cloud security breaches

Is the “Cloud” Safe Enough?
• With the proper security controls (based on level of data sensitivity)
• With the proper visibility (into access and usage)
• With the proper reviews (into who and what; and how to improve controls)

Questions?

Census Bureau Mission
“The Census Bureau serves as the leading source of quality data about the nation's people and economy. We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers.”