
Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments



Murugiah Souppaya, Michael Bartock, Karen Scarfone, Donna Dodson, Daniel Carroll, Gina Scinta, Hemma Prafullchandra, Harmeet Singh, Raghuram Yeluri, Tim Shea, Carlos Phoenix, Robert Masten, Paul Massis, Jason Malnar, Michael Dalton, Anthony Dukes, Brenda Swarts, Rajeev Ghandi, Laura Storey, Rocky Weber, Jeff Haskins


A cloud workload is an abstraction of the actual instance of a functional application that is virtualized or containerized to include compute, storage, and network resources. Organizations need to be able to monitor, track, apply, and enforce their security and privacy policies on their cloud workloads, based on business requirements, in a consistent, repeatable, and automated way. The goal of this project is to develop a trusted cloud solution that will demonstrate how trusted compute pools leveraging hardware roots of trust can provide the necessary security capabilities. These capabilities not only provide assurance that cloud workloads are running on trusted hardware and in a trusted geolocation or logical boundary, but also improve the protections for the data in the workloads and in the data flows between workloads. The example solution leverages modern commercial off-the-shelf technology and cloud services to address lifting and shifting a typical multi-tier application between an organization-controlled private cloud and a hybrid/public cloud over the internet.
Special Publication (NIST SP) - 1800-19


cloud technology, compliance, cybersecurity, privacy, trusted compute pools


Souppaya, M., Bartock, M., Scarfone, K., Dodson, D., Carroll, D., Scinta, G., Prafullchandra, H., Singh, H., Yeluri, R., Shea, T., Phoenix, C., Masten, R., Massis, P., Malnar, J., Dalton, M., Dukes, A., Swarts, B., Ghandi, R., Storey, L., Weber, R. and Haskins, J. (2022), Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed May 30, 2024)



Created April 20, 2022, Updated November 29, 2022