This project is currently seeking technology vendors and service providers to participate in the development of multiple implementations. Please see our Federal Register notice for more information. This was published on May 11, 2017 and will be open for 30 days.
Download the Trusted Geolocation in the Cloud project description (PDF) for full project details.
Building on the work done within NIST IR 7904 Trusted Geolocation in the Cloud: Proof of Concept Implementation, this project will expand upon the security capabilities provided by trusted compute pools and expand the build to include:
- Data Protection and Encryption Key Management Enforcement Based on Trust-Based and Geolocation-Based Homogeneous Secure Migration within a Single Cloud Platform
- Persistent Data Flow Segmentation Before and After the Trust-Based and Geolocation-Based Homogeneous Secure Migration within a Single Cloud Platform
- Industry Sector Compliance Enforcement for Regulated Workloads Before and After the Trust-Based and Geolocation-Based Homogeneous Secure Migration
- Trust-Based and Geolocation-Based Homogeneous and Policy Enforcement in a Secure Cloud Bursting across Two Cloud Platforms
These additional capabilities will not only provide assurances that workloads in the cloud on running on trusted hardware and in a trusted geolocation, but also improve the protections for the data in the workloads and flowing between workloads. The goal of the build is to also extend all of these capabilities into a hybrid cloud scenario.
If you have any questions or suggestions or interest in collaborating in this project, please email the team at firstname.lastname@example.org.