NIST Issues Draft Guidance for Cloud Access Mgmt

The National Institute of Standards and Technology is looking for input on its draft guidance for managing user access to cloud infrastructure including commercial “as a service” models.

NIST said that the draft document covers cloud access control procedures in line with federal requirements for protecting sensitive information and critical computing resources.

The agency noted that while AC procedures encompass infrastructure- and platform-as-a-service environments as well as software-as-a-service frameworks, each model has a set of requirements specific to their respective cloud architectures.

According to NIST, previous cloud-focused AC standards did not cover comprehensive user access assessments and primarily served as ad hoc guidelines. However, the agency noted that the draft guidance does not include organization-specific standards for internal cloud AC functionalities.

NIST will accept stakeholder feedback through May 15.

Check Also

A-10 Thunderbolt II

USAF to Hold Virtual Industry Event for Aircraft Control System Redesign Effort

The U.S. Air Force plans to host a virtual industry event from Aug. 25 to 26 to answer queries and obtain input in line with the redesign of the A-10 Thunderbolt II aircraft's central interface control system.