Implementing Trusted Geolocation Services in the Cloud

Citation
Michael Bartock, Karen Scarfone & Larry Feldman, eds., Implementting Trusted Geolocation Services in the Cloud (Feb. 2016) (full-text).

Overview
Organizations that use Infrastructure as a Service (IaaS) cloud computing technologies sometimes need to take the geographic locations of cloud servers into account. For example, each country has its own laws regarding data security and privacy; some of these laws may require organizations to ensure that data on cloud servers remain within national borders. Enforcing geographic boundaries for IaaS cloud workloads requires new approaches. To address these challenges, the Information Technology Laboratory has released NIST Internal Report (NISTIR) 7904, Trusted Geolocation in the Cloud: Proof of Concept Implementation. This publication proposes the use of a hardware root of trust method for maintaining the integrity of geolocation information for cloud servers.