Michael Bartock, Karen Scarfone & Larry Feldman, eds., Implementing Trusted Geolocation Services in the Cloud (Feb. 2016) (full-text).
Organizations that use Infrastructure as a Service (IaaS) cloud computing technologies sometimes need to take the geographic locations of cloud servers into account. For example, each country has its own laws regarding data security and privacy; some of these laws may require organizations to ensure that data on cloud servers remain within national borders. Enforcing geographic boundaries for IaaS cloud workloads requires new approaches. To address these challenges, the Information Technology Laboratory has released NIST Internal Report NISTIR 7904, Trusted Geolocation in the Cloud: Proof of Concept Implementation. This publication proposes the use of a hardware root of trust method for maintaining the integrity of geolocation information for cloud servers.