U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

White Paper NIST CSWP 14 ipd

Hardware-Enabled Security for Server Platforms: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases

Date Published: April 28, 2020


Michael Bartock (NIST), Murugiah Souppaya (NIST), Ryan Savino (Intel), Tim Knoll (Intel), Uttam Shetty (Intel), Mourad Cherfaoui (Intel), Raghuram Yeluri (Intel), Karen Scarfone (Scarfone Cybersecurity)


The foundation of any data center or edge computing security strategy should involve securing the platform on which data and workloads will be executed and accessed. The physical platform represents the first layer of a layered security approach and provides initial protections to help ensure that higher-layer security controls can be trusted. This white paper explains hardware-based security techniques and examples of technology that can improve platform security and data confidentiality for cloud data centers and edge computing.



confidential computing; container; hardware-enabled security; hardware security module (HSM); secure enclave; trusted execution environment (TEE); trusted platform module (TPM); virtualization
Control Families

Configuration Management; Identification and Authentication; System and Information Integrity


White Paper (DOI)

Supplemental Material:
Local Download (pdf)

Document History:
04/28/20: White Paper NIST CSWP 14 ipd
05/27/21: NISTIR 8320 (Draft)
10/27/21: NISTIR 8320 (Draft)
05/04/22: NISTIR 8320 (Final)


Security and Privacy
general security & privacy; roots of trust

biometrics; BIOS; hardware

Activities and Products
reference materials