ISO27k-aligned security awareness service
ISO/IEC 27070
Creative security awareness materials

Creative security awareness materials for your ISMS

Copyright © 2018 IsecT Ltd.

ISO/IEC 27070 — Information technology — Security techniques —
Security requirements for establishing virtualized roots of trust (DRAFT) Added to this page March 2018


Whereas trusted computing generally involves a hardware security module providing cryptographic functions in a physically secure enclosure, the architecture is not well suited to cloud computing. In the cloud, systems are virtualized, mobile and scaleable, hence they cannot readily access and rely upon fixed hardware.


Scope and purpose

The standard will specify the information security aspects needed to secure ‘virtualized roots of trust’.





The standard is at Working Draft stage.


Personal comments

‘Trusted computing’ typically refers to secure systems used for governmental and military/defense purposes, processing highly classified information.  I don’t know (yet!) what ‘virtualized roots of trust’ are.