Thursday, September 05, 2013

Cloud Computing Consultations with Australian Government

Greetings from the CSIRO Labs at Black Mountain in Canberra, where the Australian Government is consulting members of the computing profession on a cloud computing protocol. Previously this was to be called a "code" but that has a specific meaning under the Telecommunications Act. The idea is to provide a set of requirements which cloud computing providers would adhere to, to make consumers more confident as to what service they were going to get. Obvious issues include the privacy of the consumer's data and the reliability of the service. There is a National Cloud Computing Strategy from government and media release on the Australian Computer Society's involvement. Roland Padilla is researching this topic for his PHD at University of Melbourne and is sharing some preliminary results with us.

The Institute of IT Professionals NZ is ahead of Australia, having issued a "New Zealand Cloud Computing Code of Practice" (June 2012). This is a voluntary code and is mostly about disclosure to the client of the cloud provider's service delivery standards.
Also a draft "Australian Government Cloud Computing Strategic Direction Paper" was released for comment (deadline 31 January 2011). Glenn Archer, Acting Australian Government Chief Information Officer, has released a "Draft Report on Cloud Service Provider Certification Requirements for the Australian Government" for comment. The report recommends expanding the Data Centre as a Service (DCaaS) Multi Use List (MUL) to include cloud services and "cloud like" services. In the longer term the draft Australian Government Commercial Service Provider Assurance Framework would be extended to encompass cloud services.  Also the report recommends looking at the "National Standing Committee on Cloud Computing" (NSCCC) an industry body and the New Zealand Cloud Computing Code of Practice and the CSA Security, Trust and Assurance Registry (STAR) Program.

The period for comments on the ACS Cloud Computing Consumer Protocol - Discussion Paper have been extended to Monday 9 September 2013. Comments can be sent by email.

The Australian Computer Society (of which I am a member)  is making a considerable contribution of resources to helping the Australian Government. Hopefully the Australian Government will similarly put in resources to see something of value to the community. Previously the ACS assisted PM&C with consultations, including arranging a meeting in Canberra, 18 October 2011, which I attended. However, the Australian Government later abandoned work on this, without any public explanation, thus wasting the time of the many ACS members, including myself, who contributed and failing to adequately protect national security (I proposed a Australian CyberWarfare Battalion to address this).

No comments: