NIST SPECIAL PUBLICATION 1800 -19B Trusted Cloud Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments Volume B: Approach, Architecture, and Security Characteristics Michael Bartock, Murugiah Souppaya, and Kare n Scarfone, NIST Daniel Carroll and Robert Masten, Dell/EMC Gina Scinta and Paul Massis, Gemalto Hemma Prafullchandra and Jason Malnar, HyTrust Harmeet Singh, IBM Raghuram Yeluri, Intel Tim Shea and Michael Dalton, RSA Anthony Dukes, Carlos Phoenix, and Brenda Swarts, VMware November 2018 PRELIMINARY DRAFT This publication is available free of charge from: https://www.nccoe.nist.gov/projects/building -blocks/trusted -cloud DRAFT NIST SP 1800 -19B: Trusted Cloud : Security Practice Guide for VMware Hybrid Cloud IaaS Environments i DISCLAIMER Certain commercial entities, equipment, products, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endo rsement by NIST or NCCoE, nor is it intended to imply that the entities, equipment, products, or materials are necessarily the best available for the purpose. National Institute of Standards and Technology Special Publication 1800 -19B, Natl. Inst. Stand . Technol. Spec. Publ. 1800 -19B, 53 pages, (November 2018 ), CODEN: NSPUE2 FEEDBACK You can improve this document by contributing feedback. Comments on this publication may be submitted to: trusted -clou d-nccoe@nist.gov . Public comment period: November 20, 2018 through January 11, 2019 All comments are subject to release under the Freedom of Information Act (FOIA). National Cybersecurity Center of Excellence National Institute of Standards and Technol ogy 100 Bureau Drive Mailstop 2002 Gaithersburg, MD 20899 Email: nccoe@nist.gov DRAFT NIST SP 1800 -19B: Trusted Cloud : Security Practice Guide for VMware Hybrid Cloud IaaS Environments ii NATIONAL CYBERSECURITY CENTER OF EXCELLENCE The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute of Standards and Technology (NIST), is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity issues. This public -private partnership enables the creati on of practical cybersecurity solutions for specific industries, as well as for broad, cross -sector technology challenges. Through consortia under Cooperative Research and Development Agreements (CRADAs), including technology partners —from Fortune 50 marke t leaders to smaller companies specializing in IT security —the NCCoE applies standards and best practices to develop modular, easily adaptable example cybersecurity solutions using commercially available technology. The NCCoE documents these example soluti ons in the NIST Special Publication 1800 series, which maps capabilities to the NIST Cyber security Framework and details the steps needed for another entity to recreate the example solution. The NCCoE was established in 2012 by NIST in partnership with the State of Maryland and Montgomery County, Md. To learn more about the NCCoE, visi t https://www.nccoe.nist.gov/ . To learn more about NIST, visit https://www.nist.gov . NIST CYBE RSECURITY PRACTICE GUIDES NIST Cybersecurity Practice Guides (Special Publication Series 1800) target specific cybersecurity challenges in the public and private sectors. They are practical, user -friendly guides that facilitate the adoption of standards -based approaches to cybersecurity. They show members of the information security community how to implement example solutions that help them align more easily with relevant standards and best practices , and provide users with the materials lists, configurati on files, and other information they