NIST's National Cybersecurity Center of Excellence (NCCoE) has finalized NISTIR 8320A, Hardware-Enabled Security: Container Platform Security Prototype.
The foundation of any data center or edge computing security strategy should be securing the platform on which data and workloads will be executed and accessed. The physical platform represents the first layer for any layered security approach and provides the initial protections to help ensure that higher-layer security controls can be trusted.
This report explains an approach based on hardware-enabled security techniques and technologies for safeguarding container deployments in multi-tenant cloud environments. It also describes a proof-of-concept implementation of the approach—a prototype—that is intended to be a blueprint or template for the general security community.
If you’re interested in being involved with the NCCoE’s continuing work on hardware-enabled security, you can contact us at hwsec [at] nist.gov.