NIST 1800-19

The National Cybersecurity Center of Excellence (NCCoE) developed this trusted cloud solution, published and made publicly available in April, 2022, demonstrating how compute pools, leveraging hardware roots of trust, can provide the necessary security capabilities. These capabilities not only provide assurance that cloud workloads are running on trusted hardware and in a trusted geolocation or logical boundary, but also improve the protections for the data in the workloads and data flows between workloads.

The example solution provided within uses technologies and security capabilities from a group of collaborators (Dell Technologies, Gemalto, HyTrust, IBM, Intel, RSA, and VMware). The technologies used in the solution support security and privacy standards and guidelines including the NIST Cybersecurity Framework, among others.

While the NCCoE used a suite of commercial products to address the challenge, the guide does not endorse any products, nor does it guarantee compliance with any specific regulatory initiatives. An organization can adopt the solution provided, either adhering to the guidelines provided as a whole or by simply using them as a starting point for tailoring and implementing parts of another solution.

Using the Guide – By Section

Split to address different roles found within each organization, the guide can be used in a few different ways:

• Business decision makers, including chief information security and technology officers can use NIST SP 1800-19A: Executive Summary, to understand the drivers for the guide, the cybersecurity challenges address, the approach to solving the challenges identified, and how the solution could benefit their organization.

• Technology, security, and privacy program managers who are concerned with how to identify, understand, assess, and mitigate risk can use NIST SP 1800-19B: Approach, Architecture, and Security Characteristics, which describes what was built and why, including the risk analysis performed and the security/privacy control mappings.

• IT professionals who want to implement a similar approach can make use of NIST SP 1800-19C: How-To Guides, which provides specific product installation, configuration, and integration instructions for building the example implementation, allowing replication of all or part of the project.