Date Published: April 2022
Author(s)
Michael Bartock (NIST), Murugiah Souppaya (NIST), Haidong Xia (Intel), Raghuram Yeluri (Intel), Uttam Shetty (Intel), Brandon Lum (IBM), Mariusz Sabath (IBM), Harmeet Singh (IBM), Alaa Youssef (IBM), Gosia Steinder (IBM), Yu Cao (Red Hat), Jayashree Ramanathan (Red Hat)
In today’s cloud data centers and edge computing, attack surfaces have significantly increased, cyber attacks are industrialized, and most security control implementations are not coherent or consistent. The foundation of any data center or edge computing security strategy should be securing the platform on which data and workloads will be executed and accessed. The physical platform represents the foundation for any layered security approach and provides the initial protections to help ensure that higher-layer security controls can be trusted. This report explains an approach based on hardware-enabled security techniques and technologies for safeguarding container deployments in multi-tenant cloud environments. It also describes a prototype implementation of the approach intended to be a blueprint or template for the general security community.
In today’s cloud data centers and edge computing, attack surfaces have significantly increased, cyber attacks are industrialized, and most security control implementations are not coherent or consistent. The foundation of any data center or edge computing security strategy should be securing the...
See full abstract
In today’s cloud data centers and edge computing, attack surfaces have significantly increased, cyber attacks are industrialized, and most security control implementations are not coherent or consistent. The foundation of any data center or edge computing security strategy should be securing the platform on which data and workloads will be executed and accessed. The physical platform represents the foundation for any layered security approach and provides the initial protections to help ensure that higher-layer security controls can be trusted. This report explains an approach based on hardware-enabled security techniques and technologies for safeguarding container deployments in multi-tenant cloud environments. It also describes a prototype implementation of the approach intended to be a blueprint or template for the general security community.
Hide full abstract
Keywords
cloud; container; hardware-enabled security; hardware root of trust; platform security; trusted compute pool; virtualization
Control Families
None selected