Friday, August 26, 2011

Is Authenticating to the Cloud different than anything else?

I was reading an interesting article the other day on a new Government Cloud service being offered by Amazon: "Security advances and budgetary pressures draw agencies to cloud" (Nextgov). To me this raised a number of thoughts, including the cost of compliance for Amazon to maintain the system to meet some very broad and detailed government requirements. Now do not get me wrong, I think that Amazon has the capability to do this; the question becomes whether there is the long-term desire to maintain the things that the government will require of them. The flip side of this is that it may encourage government agencies to rethink how they look at maintaining systems, and may in turn help them to reduce some of their costs internally as well.

The other thought I had was one of protecting access to the data. The federal agencies have broadly moved to smart-card-based authentication systems and are now looking at how to enhance that with attribute-based authorization using architectures like BAE (Backend Attribute Exchange). I wonder how Amazon intends to leverage the authentication infrastructures that have been put in place. Does the Amazon offering now allow extension of the user platform beyond the traditional desktop to tablets and smartphones, both of which have become very relevant in the government market? How will Amazon handle the enhanced checking of credentials and interoperation with these systems? How open will they be to the acceptable government profiles for SAML, OpenID and Kantara? There are lots of questions here, and depending on which requirements the government has been testing the Amazon service against, these may already be at the forefront or may start to appear as people use the service.

Of course there is no lack of technology that will enhance the architecture. Systems that provide for multiple authentication device types, which may be required depending on the resource accessed, combined with the ability to roll out strong authentication credentials to smartphones or tablets (whether PKI, OTP or others), along with a variety of smart card/chip capabilities that can use various communication technologies, certainly open the field of use.

These are all things we are working with today and implementing for a broad audience. The technologies are there; the systems just need to leverage them appropriately.


