Thursday, April 21, 2022

The NCCoE Releases Three Publications on Trusted Cloud and Hardware-Enabled Security

The National Cybersecurity Center of Excellence (NCCoE) announces the release of three related publications on trusted cloud and hardware-enabled security. The foundation of any data center or edge computing security strategy should be securing the platform on which data and workloads will be executed and accessed. The physical platform represents the first layer for any layered security approach and provides the initial protections to help ensure that higher-layer security controls can be trusted.

Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments (NIST SP 1800-19)

NIST Special Publication (SP) 1800-19 presents an example of a trusted hybrid cloud solution that demonstrates how trusted compute pools leveraging hardware roots of trust can provide the necessary security capabilities for cloud workloads in addition to protecting the virtualization and application layers. View the document.


Each of the reports below, NISTIR 8320B and NISTIR 8320C, is intended as a blueprint or template that the general security community can use as an example proof-of-concept implementation.

Hardware-Enabled Security: Policy-Based Governance in Trusted Container Platforms (NISTIR 8320B)

NISTIR 8320B explains an approach based on hardware-enabled security techniques and technologies for safeguarding container deployments in multi-tenant cloud environments. View the document.

Hardware-Enabled Security: Machine Identity Management and Protection (NISTIR 8320C)

Draft NISTIR 8320C presents an approach for overcoming security challenges associated with creating, managing, and protecting machine identities, such as cryptographic keys, throughout their lifecycle. View the document.

We Want to Hear from You!

Review the draft NISTIR 8320C and submit comments online on or before June 6, 2022. You can also contact us at hwsec@nist.gov. We value and welcome your input and look forward to your comments.