Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NCCoE Releases Preliminary Draft of Trusted Cloud Security Practice Guide (Executive Summary)
August 24, 2018

NIST has released a preliminary draft of NIST Special Publication (SP) 1800-19A, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments (Executive Summary).

The National Cybersecurity Center of Excellence (NCCoE) at NIST recognizes the need to address security and privacy challenges for the use of shared cloud services in hybrid cloud architectures, and has launched this project. This project is using commercially available technologies to develop a cybersecurity reference design that can be implemented to increase security and privacy for cloud workloads on hybrid cloud platforms.

This project will demonstrate how the implementation and use of trusted compute pools not only will provide assurance that workloads in the cloud are running on trusted hardware and are in a trusted geolocation, but also will improve the protections for the data within workloads and flowing between workloads. This project will result in a NIST Cybersecurity Practice Guide - a publicly available description of the solution and practical steps needed to implement a cybersecurity reference design that addresses this challenge.

The NCCoE is requesting your feedback. Comments may be submitted anonymously to, and the initial comment period on this volume will close on September 30, 2018.

Parent Project

See: Hardware Security

Related Topics

Security and Privacy: audit & accountability, program management

Technologies: cloud & virtualization

Created August 24, 2018, Updated June 22, 2020