Trusted Cloud: VMware Hybrid Cloud IaaS Environments

Current Status

This project is in the build phase. We have selected several technology collaborators who have signed a Cooperative Research and Development Agreement (CRADA; see an example) with NIST.  The NCCoE recently released a preliminary draft of Volume A: Executive Summary of the NIST Cybersecurity Practice Guide SP 1800-19, Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments. The NCCoE is incorporating feedback from the initial comment period, which closed on September 30, 2018. 

The other volumes of this practice guide will be released for review and comment on different schedules so that each volume is made available as soon as possible, rather than delaying the release of completed volumes until all other volumes are also completed. The guide will be available in three volumes:

  • SP 1800-19A: Executive Summary
  • SP 1800-19B: Approach, Architecture, and Security Characteristics (coming soon)
  • SP 1800-19C: How-To Guides (coming soon)


The National Cybersecurity Center of Excellence (NCCoE) at NIST recognizes the need to address security and privacy challenges for the use of shared cloud services in hybrid cloud architectures, and has launched this project. This project is using commercially available technologies to develop a cybersecurity reference design that can be implemented to increase security and privacy for cloud workloads on hybrid cloud platforms.

This project will demonstrate how the implementation and use of trusted compute pools not only will provide assurance that workloads in the cloud are running on trusted hardware and are in a trusted geolocation, but also will improve the protections for the data within workloads and flowing between workloads. This project will result in a NIST Cybersecurity Practice Guide—a publicly available description of the solution and practical steps needed to implement a cybersecurity reference design that addresses this challenge.

Questions? Comments? Contact us at

Collaborating Vendors

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Dell EMC logo
Gemalto logo
HyTrust logo
IBM logo
Intel logo
RSA logo
VMware logo