U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Hardware-Enabled Security: Policy-Based Governance in Trusted Container Platforms

Published

Author(s)

Michael Bartock, Murugiah Souppaya, Haidong Xia, Raghu Yeluri, Uttam Shetty, Brandon Lum, Mariusz Sabath, Harmeet Singh, Alaa Youssef, Gosia Steinder, Yu Cao, Jayashree Ramanathan

Abstract

In today's cloud data centers and edge computing, attack surfaces have significantly increased, cyber attacks are industrialized, and most security control implementations are not coherent or consistent. The foundation of any data center or edge computing security strategy should be securing the platform on which data and workloads will be executed and accessed. The physical platform represents the foundation for any layered security approach and provides the initial protections to help ensure that higher-layer security controls can be trusted. This report explains an approach based on hardware-enabled security techniques and technologies for safeguarding container deployments in multi-tenant cloud environments. It also describes a prototype implementation of the approach intended to be a blueprint or template for the general security community.
Citation
NIST Interagency/Internal Report (NISTIR) - 8320B
Report Number
8320B
NIST Pub Series
NIST Interagency/Internal Report (NISTIR)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.IR.8320B
Local Download

Keywords

cloud, container, hardware-enabled security, hardware root of trust, platform security, trusted compute pool, virtualization.
Trustworthy platforms

Citation

Bartock, M. , Souppaya, M. , Xia, H. , Yeluri, R. , Shetty, U. , Lum, B. , Sabath, M. , Singh, H. , Youssef, A. , Steinder, G. , Cao, Y. and Ramanathan, J. (2022), Hardware-Enabled Security: Policy-Based Governance in Trusted Container Platforms, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8320B, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=934361 (Accessed April 19, 2024)

Created April 20, 2022, Updated November 29, 2022