U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST Announces the Release of NISTIR 8176 Security Assurance Requirements for Linux Application Container Deployments
October 12, 2017

Application containers are now slowly finding adoption in production environments due to agile deployment process, efficient resource utilization and availability of automation tools. At the same time, to ensure secure deployment, security guidelines and countermeasures have been proposed (Application Container Security Guide, NIST Special Publication 800-190) to cover various components of a container environment such as: Hardware, Host Operating System (OS), Container Runtime, Image, Registry and Orchestrator.

To carry out these recommendations in the form of countermeasures, one or more security solutions are needed with defined metrics in the form of security assurance requirements. Linux (and its various distributions) being open-source and being the predominant host OS in the deployed container platforms, has sufficient reservoir of information to analyze the security impact of its various configuration options. The focus of this document is to derive the security assurance requirements for various security solutions for application containers hosted on Linux. The target audience includes system security architects and administrators who are responsible for the actual design and deployment of security solutions in enterprise infrastructures hosting containerized hosts.

To go to the NISTIR 8176, Security Assurance Requirements for Linux Application Container Deployments document.

Created October 12, 2017, Updated June 22, 2020