Information Security - Neil Readshaw
Neil Readshaw 270001X752 firstname.lastname@example.org Tags:  cloud-computing nist tonkin cloud-security 523 Visits
NIST has published two new papers on Cloud Computing. The papers are currently still in draft. The Guidelines on Security and Privacy in Public Cloud Computing (SP 800-144) is an interesting one, echoing considerations I have read elsewhere on this topic (such as IBM's own Cloud Security Guidance - IBM Recommendations for the Implementation of Cloud Security). Perhaps the most significant aspect of the publication is that it is from NIST, reflecting an increased focus on public cloud from government. It will be interesting to see how this will translate into real deployments over the next couple of years.
For me, the publication is timely as I am due to speak at Tonkin Corporation's Electronic Identity Verification conference on the topic of "Managing Identity in the Cloud". The conference is a one-day event being held in both Sydney (Feb 23) and Melbourne (Feb 25). I'm looking forward to hearing the other speakers to grow my own knowledge of EIV.
Neil Readshaw 270001X752 email@example.com Tags:  government-computer-news gcn nist tklm tivoli-key-lifecycle-mana... encryption 601 Visits
Today I read a short though interesting article on the Government Computer News site titled "Five encryption tips from NIST". For me this article was quite timely as I had spent last week in Beijing teaching IBMers and business partners about a number of Tivoli security solutions, including Tivoli Key Lifecycle Manager (TKLM). I've added a few annotations below on each of the points raised by NIST.