NISTIR 8176
Security Assurance Requirements for
Linux Application Container
Deployments
R
amaswamy Chandramouli
T
his publication is available free of charge from:
https://doi.org/10.6028/NIST.IR.8176
NISTIR 8176
Security Assurance Requirements for
Linux Application Container
Deployments
Ram
aswamy Chandramouli
Computer Security Division
Information Technology Laboratory
Thi
s publication is available free of charge from:
https://doi.org/10.6028/NIST.IR.8176
Oc
tober 2017
U.S. Dep
artment of Commerce
Wilbur L. Ross, Jr., Secretary
Na
tional Institute of Standards and Technology
Walter Copan , NIST Director and Under Secretary of Commerce for Standards and Technology NISTIR 8176 SECURITY ASSURANCE FOR LINUX CONTAINERS
i
This p ublication is available free of charge from: http s://doi.org/10.6028/ NIST.IR.8176 National Institute of Standards and Technology Internal Report 8176
37 pages (October 2017 )
T
his publication is available free of charge from:
https://doi.org/10.6028/ NIST.IR.8176
Certain commercial entities, equipment, or materials may be identified in this document in order to describe an
experimental procedure or concept adequately. Such identification is not intended to i mply recommendation or
endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best
available for the purpose.
There may be references in this publication to other publications currently under development by NIST in accordance
with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies,
may be used by f ederal agencies even before the completion of such companion publications. Thus, until each
publication is completed, current requirements, guideline s, and procedures, where they exist, remain operative. For
planning and transition purposes, f ederal agencies may wish to closely follow the development of these new
publications by NIST.
Organiza tions are encouraged to review all draft publications during public comment periods and provide feedback to
NIST. Many NIST cybersecurity publications , ot her than the ones noted above, are available at
https://csrc.nist.gov/publications .
C
omments on this publication may be submitted to:
National Institute of Standards and Technology
Attn: Computer Security Division, Information Technology Laboratory
100 Bureau Drive (Mail Stop 8930) Gaithersburg, MD 20899 -8930
Email: NISTIR8176@nist.gov
All comments are subject to release under the Freedom of Information Act (FOIA). NISTIR 8176 SECURITY ASSURANCE FOR LINUX CONTAINERS
ii
This p ublication is available free of charge from: http s://doi.org/10.6028/ NIST.IR.8176 Reports on Computer Systems Technology
The Information Technology Laboratory (ITL) at the National Institute of Standards and
Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof-of- concept implementations, and technical analyses to advance the
development and productive use of information technology. ITL’s responsibilities include the
development of management, administrative, technical, and physical standards and guidelines for
the cost -effective security and privacy of other than national s ecurity -related information in f ederal
informa tion systems.
Abstract
Application Containers are slowly finding adoption in enterprise IT infrastructures. Security
guidelines and countermeasures have been proposed to address security concerns associated with the deployment of application container platforms. To assess the effectiveness of the security solutions implemented based on these recommendations , it is necessary to analyze those
solutions and outline the security assurance requirements they must satisfy to meet their intended objective
NIST.IR.8176
安全标准 >
NIST >
文档预览
中文文档
37 页
50 下载
1000 浏览
0 评论
0 收藏
3.0分
温馨提示:本文档共37页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
本文档由 思安 于 2022-12-05 09:19:28上传分享