August 5, 2020 By Rob Spencer

A collaboration between the U.S. federal government, IBM, Red Hat, and Intel shows how to automate security in containerized environments.

Greater efficiency. More adaptability. Limitless scalability. The benefits of modernizing an IT infrastructure and containerizing applications are well established, and all organizations like the sound of these results.

When it comes to regulated or sensitive workloads and data, however, organizations may resist the move to the cloud in favor of on-premises security. This presents an important challenge for IT in all regulated industries—if you want to containerize sensitive data for a hybrid cloud or multicloud infrastructure, how can you verify that the containers run only on secure systems?

The National Institute of Standards and Technology (NIST) has an answer.

Modernized IT, with trust built in

A division of the U.S. Department of Commerce, NIST supports U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology. Essentially, it helps establish standards and best practices for U.S. industry.

As part of an ongoing collaboration, NIST, IBM, Red Hat, and Intel have defined a Trusted Container Platform for regulated applications and data. The platform provides an innovative solution, with policy-based governance, for automating processes to secure containerized workloads—so organizations handling such workloads can verify security and regulatory compliance.

NIST has posted the first in a series of blog posts detailing the Trusted Container Platform. While the initial post provides an overview of the platform’s architecture, subsequent posts will delve into greater detail and provide steps for establishing the Trusted Container Platform.

What is trust made of?

The Trusted Container Platform comprises three technologies, as outlined by NIST:

  • Intel Security Libraries for Data Center (Intel SecL – DC) is a hardware root-of-trust technology that engages hardware-level security features and integrates them with cloud orchestration and services.
  • IBM Cloud Pak for Multicloud Management on Red Hat OpenShift orchestrates containerized workloads across platforms and clouds, with unified visibility into and control over security policy and governance.
  • Encrypted Container Images is a technology developed by IBM Research to allow encryption and decryption of containerized workloads, securing their content as they are ported between trusted systems.

Together, these technologies allow organizations to:

  • Encrypt their own container images, independent of MSPs or cloud vendors.
  • Decrypt container images only on secure, trusted systems.
  • Enforce these policies across managed clusters, on any cloud.

By building security from the hardware up and enabling centralized policy governance, the Trusted Container Platform is a viable way for organizations to gain the efficiencies of containerization while complying with security regulations.

Learn more

The full NIST blog, including a video demo of the Trusted Container Platform, can be viewed on the NIST website.

You can also check out a blog post from IBM Developer: “Policy-based governance in a trusted container platform.”
