The NCCoE Releases Three Publications on Trusted Cloud and Hardware-Enabled Security


The National Cybersecurity Center of Excellence (NCCoE) announces
the release of three related publications on trusted cloud and hardware-enabled
security. The foundation of any data center or edge computing security strategy
should be securing the platform on which data and workloads will be executed
and accessed. The physical platform represents the first layer for any layered
security approach and provides the initial protections to help ensure that
higher-layer security controls can be trusted.

Trusted Cloud: Security Practice Guide for VMware
Hybrid Cloud Infrastructure as a Service (IaaS) Environments

(NIST SP 1800-19)


NIST Special Publication (SP) 1800-19 presents an example of a
trusted hybrid cloud solution that demonstrates how trusted compute pools
leveraging hardware roots of trust can provide the necessary security
capabilities for cloud workloads in addition to protecting the virtualization
and application layers. View the document.

Each of the reports below, NISTIR 8320B and NISTIR 8320C, are intended to be
used as a blueprint or template that the general security community can use
as example proof of concept implementations.

Hardware-Enabled Security: Policy-Based Governance in
Trusted Container Platforms
(NISTIR 8320B)


NISTIR 8320B explains an approach based on hardware-enabled
security techniques and technologies for safeguarding container deployments
in multi-tenant cloud environments. View the document.

Hardware-Enabled Security: Machine Identity Management
and Protection
(NISTIR 8320C)


Draft NISTIR 8320C presents an approach for overcoming security
challenges associated with creating, managing, and protecting machine
identities, such as cryptographic keys, throughout their lifecycle. View the document.

We Want to Hear from You!

Review the draft NISTIR 8320C and submit comments online on or before
June 6, 2022. You can also contact us at
We value and welcome your input and look forward to your comments.