U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST CSWP 14 (Initial Public Draft)

Hardware-Enabled Security for Server Platforms: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases

Date Published: April 28, 2020
Comments Due: June 2, 2020 (public comment period is CLOSED)
Email Questions to: hwsec@nist.gov

Author(s)

Michael Bartock (NIST), Murugiah Souppaya (NIST), Ryan Savino (Intel), Timothy Knoll (Intel), Uttam Shetty (Intel), Mourad Cherfaoui (Intel), Raghuram Yeluri (Intel), Karen Scarfone (Scarfone Cybersecurity)

Announcement

The foundation of any data center or edge computing security strategy should involve securing the platform on which data and workloads will be executed and accessed. The physical platform represents the first layer of a layered security approach and provides initial protections to help ensure that higher-layer security controls can be trusted. This white paper explains hardware-based security techniques and examples of technology that can improve platform security and data confidentiality for cloud data centers and edge computing.

Abstract

Keywords

confidential computing; container; hardware-enabled security; hardware security module (HSM); secure enclave; trusted execution environment (TEE); trusted platform module (TPM); virtualization
Control Families

Configuration Management; Identification and Authentication; System and Information Integrity

Documentation

Publication:
https://doi.org/10.6028/NIST.CSWP.14.ipd
Download URL

Supplemental Material:
Local Download (pdf)

Document History:
04/28/20: CSWP 14 (Draft)
05/27/21: IR 8320 (Draft)
10/27/21: IR 8320 (Draft)
05/04/22: IR 8320 (Final)

Topics

Security and Privacy

general security & privacy, roots of trust

Technologies

biometrics, BIOS, hardware

Activities and Products

reference materials