NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases

Published

Author(s)

Murugiah Souppaya, Michael Bartock, Karen Scarfone, Ryan Savino, Tim Knoll, Uttam Shetty, Mourad Cherfaoui, Raghu Yeluri, Don Banks, Akash Malhotra, Michael Jordan, Dimitrios Pendarakis, Peter Romness

Abstract

In today's cloud data centers and edge computing, attack surfaces have shifted and, in some cases, significantly increased. At the same time, hacking has become industrialized, and most security control implementations are not coherent or consistent. The foundation of any data center or edge computing security strategy should be securing the platform on which data and workloads will be executed and accessed. The physical platform represents the first layer for any layered security approach and provides the initial protections to help ensure that higher-layer security controls can be trusted. This report explains hardware-enabled security techniques and technologies that can improve platform security and data protection for cloud data centers and edge computing.
Citation
NIST Interagency/Internal Report (NISTIR) - 8320
Report Number
8320
NIST Pub Series
NIST Interagency/Internal Report (NISTIR)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.IR.8320
Local Download

Keywords

confidential computing, container, hardware-enabled security, hardware security module (HSM), secure enclave, trusted execution environment (TEE), trusted platform module (TPM), virtualization.
Trustworthy platforms and Cybersecurity and privacy

Citation

Souppaya, M. , Bartock, M. , Scarfone, K. , Savino, R. , Knoll, T. , Shetty, U. , Cherfaoui, M. , Yeluri, R. , Banks, D. , Malhotra, A. , Jordan, M. , Pendarakis, D. and Romness, P. (2022), Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8320, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=934427 (Accessed October 9, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created May 4, 2022, Updated November 29, 2022
Was this page helpful?