Date Published: April 2022
Author(s)
Michael Bartock (NIST), Donna Dodson (NIST), Murugiah Souppaya (NIST), Daniel Carroll (Dell/EMC), Robert Masten (Dell/EMC), Gina Scinta (Gemalto), Paul Massis (Gemalto), Hemma Prafullchandra (HyTrust), Jason Malnar (HyTrust), Harmeet Singh (IBM), Rajeev Ghandi (IBM), Laura Storey (IBM), Raghuram Yeluri (Intel), Tim Shea (RSA), Michael Dalton (RSA), Rocky Weber (RSA), Karen Scarfone (Scarfone Cybersecurity), Anthony Dukes (VMware), Jeff Haskins (VMware), Carlos Phoenix (VMware), Brenda Swarts (VMware)
A cloud workload is an abstraction of the actual instance of a functional application that is virtualized or containerized to include compute, storage, and network resources. Organizations need to be able to monitor, track, apply, and enforce their security and privacy policies on their cloud workloads, based on business requirements, in a consistent, repeatable, and automated way. The goal of this project is to develop a trusted cloud solution that will demonstrate how trusted compute pools leveraging hardware roots of trust can provide the necessary security capabilities. These capabilities not only provide assurance that cloud workloads are running on trusted hardware and in a trusted geolocation or logical boundary, but also improve the protections for the data in the workloads and in the data flows between workloads. The example solution leverages modern commercial off-the-shelf technology and cloud services to address lifting and shifting a typical multi-tier application between an organization-controlled private cloud and a hybrid/public cloud over the internet.
A cloud workload is an abstraction of the actual instance of a functional application that is virtualized or containerized to include compute, storage, and network resources. Organizations need to be able to monitor, track, apply, and enforce their security and privacy policies on their cloud...
See full abstract
A cloud workload is an abstraction of the actual instance of a functional application that is virtualized or containerized to include compute, storage, and network resources. Organizations need to be able to monitor, track, apply, and enforce their security and privacy policies on their cloud workloads, based on business requirements, in a consistent, repeatable, and automated way. The goal of this project is to develop a trusted cloud solution that will demonstrate how trusted compute pools leveraging hardware roots of trust can provide the necessary security capabilities. These capabilities not only provide assurance that cloud workloads are running on trusted hardware and in a trusted geolocation or logical boundary, but also improve the protections for the data in the workloads and in the data flows between workloads. The example solution leverages modern commercial off-the-shelf technology and cloud services to address lifting and shifting a typical multi-tier application between an organization-controlled private cloud and a hybrid/public cloud over the internet.
Hide full abstract
Keywords
cloud technology; compliance; cybersecurity; privacy; trusted compute pools
Control Families
None selected
