Information Security - Neil Readshaw
Neil Readshaw 270001X752 firstname.lastname@example.org Tags:  cloud-computing tonkin nist cloud-security 507 Visits
NIST has published two new papers on Cloud Computing. The papers are currently still in draft. The Guidelines on Security and Privacy in Public Cloud Computing (SP 800-144) is an interesting one, echoing considerations I have read elsewhere on this topic (such as IBM's own Cloud Security Guidance - IBM Recommendations for the Implementation of Cloud Security). Perhaps the most significant aspect of the publication is that it is from NIST, reflecting an increased focus on public cloud from government. It will be interesting to see how this will translate into real deployments over the next couple of years.
For me, the publication is timely as I am due to speak at Tonkin Corporation's Electronic Identity Verification conference on the topic of "Managing Identity in the Cloud". The conference is a one-day event being held in both Sydney (Feb 23) and Melbourne (Feb 25). I'm looking forward to hearing the other speakers to grow my own knowledge of EIV.
Neil Readshaw 270001X752 email@example.com Tags:  gcn government-computer-news tklm nist tivoli-key-lifecycle-mana... encryption 591 Visits
Today I read a short though interesting article on the Government Computer News site titled "Five encryption tips from NIST". For me this article was quite timely as I had spent last week in Beijing teaching IBMers and business partners about a number of Tivoli security solutions, including Tivoli Key Lifecycle Manager (TKLM). I've added a few annotations below on each of the points raised by NIST.