The National Institute of Standards and Technology is going to weigh in on cloud computing and has started by working on a definition of what cloud computing is.

While it hasn’t officially released its draft definition, it’s been posted on several blogs, including this one by Chris Hoff, who makes an important observation: the NIST draft is similar to his own definition of clouds which is similar to that of the Jericho Forum.

Hoff’s work for the Cloud Security Alliance so closely resembled that of the Jericho Forum that members of both groups promised at the recent RSA conference to work together.

NIST, CSA and Jericho Forum agreeing on what clouds are is an important step toward getting a set of cloud standards, including security, in place. Together, they represent a broad spectrum of interested parties.

For its part, NIST is exploring the possibilities cloud computing holds for the government and weighing the merits of a single government cloud vs. multiple clouds built agency by agency. NIST’s security concerns are significant and align well with what businesses ought to worry about.

The agency breaks its security concerns into creating a secure overall cloud architecture, securing applications that might exist within that cloud, centralizing security monitoring and enabling forensics in a cloud to discover the cause of security breaches. NIST’s results in any of these areas can be instructive to corporations considering cloud services.

Significantly, NIST is also considering how the government might use third-party clouds and insure a measure of security using service level agreements. Apparently NIST gives cloud service providers the benefit of the doubt when it comes to creating environments secure enough to pass federal muster, bringing a broader consensus to the utility of cloud services.

Tim Greene is senior editor at Network World.