Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Security Assurance Requirements for Linux Application Container Deployments



Ramaswamy Chandramouli


In order for security solutions for application container environments to effectively meet their security objectives, it is necessary to analyze those security solutions and detail the metrics they must satisfy in the form of security assurance requirements. Since Linux and its various distributions form the predominant host OS component of the deployed container platforms, the focus of this document is on security assurance requirements for security solutions for application containers hosted on Linux.
NIST Interagency/Internal Report (NISTIR) - 8176
Report Number


application container, capabilities, Cgroups, container image, container registry, kernel loadable module, Linux kernel, namespace, Trusted Platform Module.


Chandramouli, R. (2017), Security Assurance Requirements for Linux Application Container Deployments, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed May 26, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created October 11, 2017, Updated May 4, 2021