U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST releases Draft NISTIR 8176, Security Assurance Requirements for Linux Application Container Deployments
August 01, 2017

NIST releases Draft NISTIR 8176, Security Assurance Requirements for Linux Application Container Deployments

 

Application Containers are slowly finding adoption in enterprise IT infrastructures. To address security concerns associated with deployment of application container platforms, NIST Special Publication 800-190 (2nd Draft), Application Container Security Guide, identified security threats to the components of the platform hosting the containers and related artifacts involved in building, storing and using container images. It has also proposed countermeasures for the following components: Hardware, Host OS, Container Runtime, Image, Registry and Orchestrator.

To implement the countermeasures one or more security solutions are needed. To assess the effectiveness of the security solutions implemented based on these recommendations, it is necessary to analyze them and outline the security assurance requirements they must satisfy to meet their intended objectives. This is the contribution of Draft NIST Internal Report (NISTIR) 8176, which focuses on application containers on Linux platforms.

Comments are due August 25, 2017; they may be submitted to NISTIR8176@nist.gov

 

For full details and a link to the document.

Created August 01, 2017, Updated June 22, 2020