"The present document addresses multi-layer administration use cases and technical approaches@ an issue identified in the Security Problem Statement@ ETSI GS NFV-SEC 001 [i.1]. Multi-layer administration seeks to provide methods@ capabilities@ procedures and assurances - of various strengths based on requirements and available technologies and techniques - that safeguard Virtual Machines or Containers running on a virtualisation host (""hosted applications"") - from interference (of various types) by the host system or platform (""hosting service""). The scope of the present document is generally the system comprising the hosting service@ associated hardware (including TPM@ GPU@ etc.)@ software and configuration@ and the hosted application. Some requirements and measures outside this context are also considered@ but not necessarily in equal depth."