{"id":137,"date":"2015-05-01T09:23:37","date_gmt":"2015-05-01T00:23:37","guid":{"rendered":"http:\/\/cloudsecurityalliance.jp\/newblog\/?p=137"},"modified":"2015-05-01T20:29:13","modified_gmt":"2015-05-01T11:29:13","slug":"csa%e5%8b%89%e5%bc%b7%e4%bc%9a%e3%80%8cnist-draft-sp800-125a%e3%80%80security-recommendations-for-hypervisor-deployment%e3%81%ae%e8%a7%a3%e8%aa%ad%e3%80%8d","status":"publish","type":"post","link":"https:\/\/cloudsecurityalliance.jp\/newblog\/2015\/05\/01\/csa%e5%8b%89%e5%bc%b7%e4%bc%9a%e3%80%8cnist-draft-sp800-125a%e3%80%80security-recommendations-for-hypervisor-deployment%e3%81%ae%e8%a7%a3%e8%aa%ad%e3%80%8d\/","title":{"rendered":"\u7b2c11\u56deCSA\u52c9\u5f37\u4f1a\u300cNIST draft SP800-125a\u3000Security Recommendations for Hypervisor Deployment\u306e\u89e3\u8aad\u300d"},"content":{"rendered":"

2015\u5e745\u67081\u65e5
\n\u65e5\u672c\u30af\u30e9\u30a6\u30c9\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30e9\u30a4\u30a2\u30f3\u30b9\u3000\u7406\u4e8b
\n\u8af8\u89d2\u3000\u660c\u5b8f<\/p>\n

4\u670828\u65e5\u306b\u884c\u308f\u308c\u305fCSA\u52c9\u5f37\u4f1a\u300cNIST draft SP800-125a\u3000Security Recommendations for Hypervisor Deployment\u306e\u89e3\u8aad\u300d\u306b\u53c2\u52a0\u3057\u307e\u3057\u305f\u3002\u8b1b\u5e2b\u306f\u3001\u682a\u5f0f\u4f1a\u793e \u6771\u829d\u3000\u30a4\u30f3\u30c0\u30b9\u30c8\u30ea\u30a2\u30eb\uff29\uff23\uff34\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u793e\u306e\u5916\u5c71\u6625\u5f66\u6c0f\u3067\u3059\u3002<\/p>\n

\u305d\u3082\u305d\u3082\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306e\u8105\u5a01\u3068\u306f\u4f55\u304b\u3068\u3044\u3046\u3053\u3068\u3067\u3059\u304c\u3001\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306b\u5165\u308c\u308c\u3070\u306a\u3093\u3067\u3082\u3067\u304d\u3066\u3057\u307e\u3046\u3068\u3044\u3046\u3053\u3068\u3068\u30cf\u30fc\u30c9\u30a6\u30a8\u30a2\u30ea\u30bd\u30fc\u30b9\u306e\u5171\u6709\u306b\u3088\u308b\u53ef\u7528\u6027\u306e\u554f\u984c\u306e2\u70b9\u304c\u3042\u3052\u3089\u308c\u307e\u3059\u3002CAI\u306e\u89b3\u70b9\u304b\u3089\u3044\u3046\u3068\u3001VM\u306e\u64cd\u4f5c\u30fb\u60c5\u5831\u6f0f\u3048\u3044\u306b\u95a2\u308f\u308bCI\u3068VM\u306e\u53ef\u7528\u6027\u3092\u59a8\u5bb3\u3059\u308bA\u3068\u3044\u3046\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002NIST SP800-125a\u3067\u306f\u3001\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u3092\u96c6\u3081\u305f\u5f62\u3067\u307e\u3068\u3081\u3089\u308c\u3066\u3044\u307e\u3059\u3002NIST SP800-125a\u306f\u30012011\u5e74\u306b\u51fa\u3055\u308c\u305f125\u306b\u6b21\u3044\u3067\u51fa\u3055\u308c\u308b\u5f62\u306b\u306a\u3063\u3066\u3044\u3066\u3001125\u3067\u306f\u4eee\u60f3\u5316\u5168\u4f53\u306b\u3064\u3044\u3066\u306e\u30cf\u30a4\u30ec\u30d9\u30eb\u306a\u8a18\u8f09\u306b\u306a\u3063\u3066\u3044\u305f\u306e\u306b\u5bfe\u3057\u3066\u3001125a\u3067\u306f\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u3092\u4f53\u7cfb\u7684\u306b\u6349\u3048\u308b\u3053\u3068\u3068\u904b\u7528\u306b\u7126\u70b9\u3092\u5f53\u3066\u305f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u63a8\u5968\u4e8b\u9805\u309222\u9805\u76ee\u306b\u308f\u305f\u3063\u3066\u307e\u3068\u3081\u3066\u3044\u307e\u3059\u3002\u7279\u306b\u3001\u4ee5\u4e0b\u306e3\u3064\u306e\u89b3\u70b9\u3067\u307e\u3068\u3081\u3089\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n

    \n
  1. \u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306e\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u304a\u3088\u3073\u305d\u306e\u9078\u629e<\/li>\n
  2. \u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306e\u30d9\u30fc\u30b9\u30e9\u30a4\u30f3\u306b\u5bfe\u3059\u308b\u8105\u5a01<\/li>\n
  3. \u30bb\u30ad\u30e5\u30a2\u30d6\u30fc\u30c8\u3092\u30b5\u30dd\u30fc\u30c8\u3057\u305f\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u3092\u524d\u63d0<\/li>\n<\/ol>\n

    \u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306e\u9078\u629e\u57fa\u6e96\u3068\u3057\u3066\u306f\u3001\u30d6\u30fc\u30c8\u30a4\u30f3\u30c6\u30b0\u30ea\u30c6\u30a3\u4fdd\u8a3c\u304c\u3042\u308b\u3053\u3068\u3084CPU\u306e\u4eee\u60f3\u5316\u6a5f\u80fd\u3092\u6301\u3063\u3066\u3044\u308b\u3053\u3068\u3092\u524d\u63d0\u3068\u3057\u3066\u3044\u308b\u306a\u3069\u3001\u305f\u3076\u3093\u306bIntel\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u3001\u7279\u306b\u6700\u65b0\u306e\u3082\u306e\u3092\u524d\u63d0\u3068\u3057\u3066\u3044\u308b\u3088\u3046\u3067\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u4eee\u60f3\u5316\u6a5f\u80fd\u306e\u5b9f\u73fe\u624b\u6bb5\u3068\u3057\u3066\u3001\u30cf\u30fc\u30c9\u30a6\u30a8\u30a2\u304b\u3089\u306e\u652f\u63f4\u3068\u30bd\u30d5\u30c8\u30a6\u30a8\u30a2\u306e\u4e21\u9762\u304b\u3089\u884c\u3063\u3066\u3044\u304f\u3053\u3068\u304c\u63a8\u5968\u3055\u308c\u307e\u3059\u3002\u30d9\u30fc\u30b9\u30e9\u30a4\u30f3\u306b\u5bfe\u3059\u308b\u8105\u5a01\u3068\u3057\u3066\u306f\u3001\u5883\u754c\u9762\u304b\u3089\u306e\u8105\u5a01\u304c\u3042\u3052\u3089\u308c\u3066\u3044\u307e\u3059\u3002\u8105\u5a01\u6e90\u3068\u3057\u3066\u3001\u30ea\u30bd\u30fc\u30b9\u3001\u30b2\u30b9\u30c8\u306b\u52a0\u3048\u3066\u7ba1\u7406\u30b3\u30f3\u30bd\u30fc\u30eb\u3078\u306e\u653b\u6483\u3092\u6ce8\u610f\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u56fa\u6709\u306e\u653b\u6483\u3068\u3057\u3066\u306f\u3001\u60aa\u610f\u306e\u3042\u308bVM,\u901a\u4fe1\u306e\u306a\u308a\u3059\u307e\u3057\u3001\u30ea\u30bd\u30fc\u30b9\u306e\u98df\u3044\u3064\u3076\u3057\u3001\u7279\u6a29\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30fc\u30b9\u306e\u5229\u7528\u306e4\u70b9\u304c\u3042\u3052\u3089\u308c\u307e\u3059\u3002\u3057\u305f\u304c\u3063\u3066\u3001\u30d9\u30fc\u30b9\u30e9\u30a4\u30f3\u6a5f\u80fd\u306b\u5bfe\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u63a8\u5968\u3068\u3057\u3066\u306f\u3001\u5b9f\u884c\u306e\u30a2\u30a4\u30bd\u30ec\u30fc\u30b7\u30e7\u30f3\u3001\u30c7\u30d0\u30a4\u30b9\u30a8\u30df\u30e5\u30ec\u30fc\u30b7\u30e7\u30f3\u3068\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u3001VM\u306e\u7ba1\u7406\u3001\u30a2\u30c9\u30df\u30f3\u7ba1\u7406\u304c\u5fc5\u8981\u3068\u306e\u3053\u3068\u3067\u3057\u305f\u3002<\/p>\n

    \u6700\u5f8c\u306b\u307e\u3068\u3081\u3068\u3057\u3066\u6319\u3052\u3089\u308c\u305f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u63a8\u5968\u4e8b\u9805\u3068\u3057\u3066\u4ee5\u4e0b\u306e3\u70b9\u304c\u3042\u308a\u307e\u3057\u305f\u3002<\/p>\n

      \n
    1. \u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u30d7\u30e9\u30c3\u30c8\u30db\u30fc\u30e0\u9078\u629e<\/li>\n
    2. \u30db\u30b9\u30c8\u4e0a\u306e\u8907\u6570VM(\u8a2d\u5b9a\u30fb\u72b6\u614b\uff09\u3092\u7ba1\u7406\u3059\u308b\u5fc5\u8981\u6027<\/li>\n
    3. \u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u30db\u30b9\u30c8\uff06\u30bd\u30d5\u30c8\u306e\u7ba1\u7406\u8005\u8a2d\u5b9a<\/li>\n<\/ol>\n

      \u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306e\u30ea\u30b9\u30af\u306f\u3001ENISA\u306e\u300c\u30af\u30e9\u30a6\u30c9\u30b3\u30f3\u30d4\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u60c5\u5831\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u308f\u308b\u5229\u70b9\u3001\u30ea\u30b9\u30af\u304a\u3088\u3073\u63a8\u5968\u4e8b\u9805\u300d\u306e\u4e2d\u306e\u300cV5.\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306e\u8106\u5f31\u6027\u300d\u3067\u307e\u3068\u3081\u3066\u8a18\u8ff0\u3055\u308c\u3066\u3044\u308b\u3088\u3046\u306a\u56fa\u6709\u306e\u8106\u5f31\u6027\u3092\u6301\u3063\u3066\u3044\u307e\u3059\u3002\u307e\u305f\u3001CSA\u306e\u30ac\u30a4\u30c0\u30f3\u30b9\u306b\u304a\u3044\u3066\u306f\u3001\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56\u3068\u3057\u3066\u3001\u7b2c13\u7ae0\u300c\u4eee\u60f3\u5316\u300d\u3067\u8a73\u3057\u304f\u89e6\u308c\u3066\u3044\u307e\u3059\u3002\u307e\u305f\u3001\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306f\u3001\u30cf\u30fc\u30c9\u30a6\u30a8\u30a2\u3084\u30bd\u30d5\u30c8\u30a6\u30a8\u30a2\u306e\u652f\u63f4\u306e\u4e0b\u306b\u5b9f\u73fe\u3057\u3066\u3044\u304f\u3053\u3068\u304c\u5927\u5207\u3067\u3042\u308b\u3068\u611f\u3058\u307e\u3057\u305f\u3002Intel\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306e\u30cf\u30fc\u30c9\u30a6\u30a8\u30a2\u652f\u63f4\u3084\u3001VMWare\u306evShield\u6a5f\u80fd\u306a\u3069\u3092\u5229\u7528\u3057\u3066\u5bfe\u7b56\u3092\u53d6\u3063\u3066\u3044\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002SP800-125a\u306f\u3001\u307e\u3060\u30c9\u30e9\u30d5\u30c8\u3067\u3059\u304c\u3001\u4eca\u5f8c\u306e\u30cf\u30a4\u30d1\u30fc\u30d0\u30a4\u30b6\/\u4eee\u60f3\u5316\u306e\u57fa\u6e96\u3068\u3057\u3066\u6291\u3048\u3066\u3044\u304f\u5fc5\u8981\u304c\u3042\u308a\u305d\u3046\u3067\u3059\u3002<\/p>\n

      \u306a\u304a\u3001\u672c\u52c9\u5f37\u4f1a\u306e\u8a73\u7d30\u306b\u3064\u3044\u3066\u306f\u3001\u6539\u3081\u3066\u516c\u958b\u3055\u308c\u308b\u52c9\u5f37\u4f1a\u8cc7\u6599\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n

      \u4ee5\u4e0a<\/p>\n","protected":false},"excerpt":{"rendered":"

      2015\u5e745\u67081\u65e5 \u65e5\u672c\u30af\u30e9\u30a6\u30c9\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30e9\u30a4\u30a2\u30f3\u30b9\u3000\u7406\u4e8b \u8af8\u89d2\u3000\u660c\u5b8f 4\u670828\u65e5\u306b\u884c\u308f\u308c\u305fCSA\u52c9\u5f37\u4f1a\u300cNIST draft SP800-125a\u3000Security Recommendations for Hype […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[5,19,17,18,6,7,8],"class_list":["post-137","post","type-post","status-publish","format-standard","hentry","category-1","tag-csa","tag-enisa","tag-nist","tag-sp800-125a","tag-6","tag-7","tag-8"],"_links":{"self":[{"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/posts\/137","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/comments?post=137"}],"version-history":[{"count":4,"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/posts\/137\/revisions"}],"predecessor-version":[{"id":141,"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/posts\/137\/revisions\/141"}],"wp:attachment":[{"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/media?parent=137"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/categories?post=137"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudsecurityalliance.jp\/newblog\/wp-json\/wp\/v2\/tags?post=137"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}