Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Trusted Cloud: Draft SP 1800-19 Volume B, "Approach, Architecture, and Security Characteristics" is Now Available for Comment

The NCCoE seeks comments on Volume B ("Approach, Architecture, and Security Characteristics") of Draft SP 1800-19, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments

NIST has released a preliminary draft of NIST Special Publication (SP) 1800-19B, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments (Approach, Architecture, and Security Characteristics). This preliminary draft is stable but has some gaps in its content that will be addressed in the next draft. [A draft of Volume A, Executive Summary, was released in August 2018.]

The initial comment period for Volume B will close on January 11, 2019. See the publication details for links to the document and instructions for submitting comments.


The National Cybersecurity Center of Excellence (NCCoE) at NIST recognizes the need to address security and privacy challenges for the use of shared cloud services in hybrid cloud architectures, and has launched this project. This project is using commercially available technologies to develop a cybersecurity reference design that can be implemented to increase security and privacy for cloud workloads on hybrid cloud platforms.

This project will demonstrate how the implementation and use of trusted compute pools not only will provide assurance that workloads in the cloud are running on trusted hardware and are in a trusted geolocation, but also will improve the protections for the data within workloads and flowing between workloads. This project will result in a NIST Cybersecurity Practice Guide - a publicly available description of the solution and practical steps needed to implement a cybersecurity reference design that addresses this challenge.

 

Released November 20, 2018, Updated July 5, 2019