U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

    Publications

NIST SP 800-190

Application Container Security Guide

Date Published: September 2017

Planning Note (09/04/2020):

A Japanese translation of this publication is now available from the Information-technology Promotion Agency (IPA), Japan.

(DISCLAIMER: This translation is not an official U.S. Government or NIST translation.  The U.S. Government does not make any representations as to the accuracy of the translation. The official publication is available at https://doi.org/10.6028/NIST.SP.800-190.)


Author(s)

Murugiah Souppaya (NIST), John Morello (Twistlock), Karen Scarfone (Scarfone Cybersecurity)

Abstract

Keywords

application; application container; application software packaging; container; container security; isolation; operating system virtualization; virtualization
Control Families

Access Control; Awareness and Training; Audit and Accountability; Configuration Management; Identification and Authentication; Incident Response; Risk Assessment; System and Communications Protection; System and Information Integrity

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-190
Download URL

Supplemental Material:
Japanese translation (unofficial--from IPA, Japan) (pdf)

Related NIST Publications:
IR 8176
ITL Bulletin

Document History:
04/10/17: SP 800-190 (Draft)
07/13/17: SP 800-190 (Draft)
09/25/17: SP 800-190 (Final)

Topics

Security and Privacy

threats, vulnerability management

Technologies

cloud & virtualization, operating systems

Laws and Regulations

OMB Circular A-130