1. Cloud Computing Initiative Vision and Strategy Document (DRAFT) February 2010

4. The NIST Definition Offers Multiple Delivery Models for Cloud Computing Public Internet Public Cloud: The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. Community Cloud: The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise. Hybrid Cloud: The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting). Private Cloud Commercially Hosted: Publically available Cloud Computing services offered through commercial sources that are dedicated and separate from the Public both physically and logically and must to remain within the U.S. borders to support heighted data security and privacy requirements. Access to these services are provided through a dedicated Government Intranet and is not accessible from the Public Internet. Government Dedicated Intranet Private Government Cloud : The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise. Cloud Sourcing Models Outsourced Government Trust (Security and Data Privacy) High Low Private Government Cloud Private Commercially Hosted Cloud Public Cloud Hybrid Government Cloud Community Cloud

6. Enable Support Lead Federal Cloud Computing Goals and Primary Objectives and Initiatives Establish and Manage Governance Provide Procurement Leadership Facilitate Implementation Operate as a Solutions Provider Conduct Outreach Activities Drive Cloud Technology Innovation Enable Sustainable & Cost-Effective Computing (Green IT, TCO) Goal Area Establish a Security Working Group Develop Acquisition Vehicles to Ease Agency Procurement of Cloud Computing Solutions Assist & Guide Agencies to Implement Cloud Solutions (e.g. Service Provisioning) Develop the Cloud Services Business Model Design and Implement a Central Information Portal for Federal Cloud Computing Identify Common Cloud Services & Foster Standards Development & Security Policies Identify Cloud Computing Performance Metrics Primary Objective Establish Security Initiative and Implement and Manage a Federal C&A Process Develop Acquisition Roadmap Identify and Facilitate Cloud Computing Agency Pilots Develop Services Roadmap Establish Communications Initiative and Develop Portal Develop Requirements for Portability Standards Establish Performance Metrics Initiative Primary Initiative Define Data Center Optimization Strategy Develop Data Center Analysis and Agency Goals Create Federal policies on security, standards, and governance Provide cloud computing solutions in support of Federal agency missions Provide strategic roadmaps, best practices, and acquisition guidance This information is draft and has not been published, please do not disseminate

7. Federal Cloud Computing Transition Plan Assist Agencies in Implementing/Providing Cloud Solutions and Services Identify Cloud Computing Performance Metrics Stand Up Federal C&A Process Develop Acquisition Roadmap Identify Technology Center Initiatives and Agency Pilots Develop Services Roadmap Develop Portal Establish Performance Metrics Initiative Program Management/ Governance/ Communications Standards Security Acquisition/ Procurement/ Services Develop Cloud Computing Maturity Model Develop Cloud Computing Implementation Guide for Agencies Develop Cloud Segment Architectures 2011 … Workstream Manage ESC, CCAC and Working Groups (ongoing) Adoption and Implementation (Sustainable and Cost-Effective Computing and Data Center Consolidation and Optimization) Conduct Outreach Activities (Summits, Online Discussions, Training, etc.) 2010 Coordinate with Working Groups and Agencies to Collect Content for Portal (ongoing) Identify Interoperability and Portability Standards Requirements Identify Security Standards Requirements Identify Manageability Standards Requirements Work with Industry Standards Bodies (ongoing) Develop Standards Roadmap Fully Inventory Security Challenges (e.g. identify FISMA gaps) Identify Pilots or Other Projects that can Test Security Issues Develop Analytic Framework Develop Data Center Assessment Guide and Maturity Model Assist Agencies in Data Center Optimization Strategies Award IaaS Release PaaS RFI Develop Guidelines for Leveraging Contract Vehicles Identify Integration and Coordination Points between Working Groups and other Government Fora (ongoing) Coordinate Policy and Strategy Development (eDiscovery, Records Management, Privacy, etc.) Maintenance of Apps.Gov (ongoing) Work with Agencies on Enabling Standards Adoption (ongoing) Validate Standards Use Cases Work with Agencies and Industry to Facilitate Use of the Federal C&A (ongoing) Coordinate Across the Federal Acquisition Community to Implement Procurement Policies Facilitate Adoption of Apps.Gov Establish, Manage and Coordinate Developer Communities and Application Libraries Identify Security Policy Issues, Coordinate Feedback and Determine Recommendations Implement and Manage Pilots Identify Data Center Pilots and Develop Tools Conduct Data Center Analysis Implement, Manage Pilots and Capture Best Practices and Lessons Learned Develop Data Center Recommendations for Agencies Finalize Communications Plan Develop and Manage Templates Develop Draft SOWs This plan is currently under consideration and should be considered Notional/Draft.

10. Government Cloud Services Model Online User Interface

12. Government Cloud Services Model Cloud Relationship View Behind the scenes are the core cloud services that support the daily functions for Government employees Commercially Hosted Private Clouds Public Cloud Vendors Internet Government Hybrid Clouds Provisioning Integration Procurement Financials Reporting Management Security C&A Public Cloud Vendors Government Private Clouds Government Private Clouds DMZ DMZ Single Sign on

13. Federal Cloud Computing Draft Services Framework User Tools Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) / Applications User/ Admin Portal Reporting & Analytics Service Mgmt & Provisioning Analytic Tools Data Mgmt Reporting Knowledge Mgmt Citizen Engagement Application Integration API’s Workflow Engine EAI Mobile Device Integration Data Migration Tools ETL Wikis / Blogs Social Networking Agency Website Hosting Email / IM Virtual Desktop Office Automation Business Svcs Apps Core Mission Apps Legacy Apps (Mainframes) Gov Productivity Gov Enterprise Apps Database Testing Tools Developer Tools DBMS Directory Services Security & Data Privacy Data/Network Security Data Privacy Certification & Compliance Authentication & Authorization Auditing & Accounting Service Provisioning SLA Mgmt Inventory Mgmt CoS/QoS Mgmt Utilization Monitoring App Perf Monitoring DR / Backup Operations Mgmt Storage Virtual Machines Web Servers Server Hosting CDN Data Center Facilities Routers / Firewalls LAN/WAN Internet Access Hosting Centers Core Foundational Capabilities Cloud Services User Profile Mgmt Trouble Mgmt Product Catalog Order Mgmt Billing / Invoice Tracking Customer / Account Mgmt