Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Releases IR 8505, A Data Protection Approach for Cloud-Native Applications
October 01, 2024

NIST has published Internal Report (IR) 8505, A Data Protection Approach for Cloud-Native Applications, which outlines a practical framework for effective data protection using the capabilities of WebAssembly (WASM) — a platform-agnostic, in-proxy approach with compute and traffic processing capabilities that can be built and deployed to execute at native speed in a sandboxed and fault-tolerant manner.

In the constantly evolving landscape of cloud-native application architectures, where data can reside both on-premises and on the cloud, ensuring data security involves more than simply specifying and granting authorization during service requests. It also involves a comprehensive strategy to categorize and analyze access and leakage as data travels across various protocols (e.g., gRPC, REST-based), especially within ephemeral and scalable microservices applications.

Data in transit is one of the three states of digital data, according to the NIST Cyber Security Framework (CSF) 2.0. Hence, in addition to techniques for protecting data at rest (e.g., regular expressions), it has become essential to develop in-transit categorization that performs real-time analysis to actively monitor and secure data as it moves across services and network protocols.

Related Topics

Security and Privacy: general security & privacy, privacy

Technologies: cloud & virtualization

Created September 30, 2024, Updated October 01, 2024