Trusted Cloud: VMware Hybrid Cloud IaaS Environments

Current Status

This project is in the build phase. We have selected several technology collaborators who have signed a Cooperative Research and Development Agreement (CRADA; see an example) with NIST.  The NCCoE recently released a preliminary draft of Volume A: Executive Summary of the NIST Cybersecurity Practice Guide SP 1800-19, Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments. The NCCoE is incorporating feedback from the initial comment period, which closed on September 30, 2018. 

The other volumes of this practice guide will be released for review and comment on different schedules so that each volume is made available as soon as possible, rather than delaying the release of completed volumes until all other volumes are also completed. The guide will be available in three volumes:

  • SP 1800-19A: Executive Summary
  • SP 1800-19B: Approach, Architecture, and Security Characteristics (coming soon)
  • SP 1800-19C: How-To Guides (coming soon)

Summary

The National Cybersecurity Center of Excellence (NCCoE) at NIST recognizes the need to address security and privacy challenges for the use of shared cloud services in hybrid cloud architectures, and has launched this project. This project is using commercially available technologies to develop a cybersecurity reference design that can be implemented to increase security and privacy for cloud workloads on hybrid cloud platforms.

This project will demonstrate how the implementation and use of trusted compute pools not only will provide assurance that workloads in the cloud are running on trusted hardware and are in a trusted geolocation, but also will improve the protections for the data within workloads and flowing between workloads. This project will result in a NIST Cybersecurity Practice Guide—a publicly available description of the solution and practical steps needed to implement a cybersecurity reference design that addresses this challenge.

Questions? Comments? Contact us at trusted-cloud-nccoe@nist.gov.

Collaborating Vendors

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Dell EMC logo
Gemalto logo
HyTrust logo
IBM logo
Intel logo
RSA logo
VMware logo
Certain commercial entities, equipment, products, or materials may be identified by name or company logo or other insignia in order to acknowledge their participation in this collaboration or to describe an experimental procedure or concept adequately. Such identification is not intended to imply special status or relationship with NIST or recommendation or endorsement by NIST or NCCoE; neither is it intended to imply that the entities, equipment, products, or materials are necessarily the best available for the purpose.

News and Events

Tech Companies to Help NIST Establish ‘Trusted Cloud’ to Support Workloads; Cameron Chehreh Quoted
September 17, 2018
NIST, Consortium Launch Project to Secure Cloud Workloads; Dell EMC’s Cameron Chehreh Quoted
September 11, 2018
NIST, Industry Consortium Building Trusted Cloud Model
September 10, 2018
NIST Requests Comments on Preliminary Cloud Security Practice Guide
August 27, 2018
RSA Conference 2018
April 16, 2018
View More