Azure Confidential Computing Blog

New innovations in confidential computing from Azure at Ignite 2023

VikasBhatia, Microsoft
Nov 15, 2023

Azure has been a pioneer and leader in the field of confidential computing, offering the most comprehensive portfolio of products and services that leverage hardware-based trusted execution environments (TEEs), as shown in a report that we published with O’Reilly Media. Confidential computing is a technology that protects data while it is being processed in the cloud. Data exists in three stages in its lifecycle: in use (when it is created and computed upon), at rest (when stored), and in transit (when moved). Customers today already protect their data at rest and in transit with existing encryption technologies, but they have not had the means to protect their data in use at scale. Confidential computing fills that missing third stage: hardware-based TEEs protect data while it is in use, so that data can now be protected during its entire lifecycle.

Azure confidential computing provides customers with the choice and flexibility to run their workloads on different types of TEEs from Intel, AMD, and now NVIDIA GPUs in preview. Azure confidential computing adds to the foundation of Azure’s industry-leading security capabilities, which provide multi-layered protection across physical datacenters, infrastructure, and operations – driven by a global team of more than 8,500 cybersecurity experts that work to safeguard customer data and assets in the cloud. Azure is committed to transforming the cloud into the confidential cloud, and to delivering the highest level of security and privacy for our customers, without compromise.  As such, Azure confidential virtual machines come with no extra cost, making confidential computing more accessible and affordable for all customers.

Confidential computing can help bring more workloads to the cloud, including our own Microsoft Payment Card Vault, which processes $25B in credit card transactions.  Worldwide public sector applications that may require data residency and sovereignty can also benefit.  Last month, Microsoft announced a preview of the Microsoft Cloud for Sovereignty, enabling more customers and partners to bring innovations to the cloud in countries such as the Netherlands, United Arab Emirates, and Italy, leveraging Azure confidential computing as part of their sovereign cloud journey.

Azure confidential computing announcements and updates

Below you can find a summary of the announcements at the Ignite conference this year from Azure confidential computing (ACC).

Preview: Azure confidential VMs with NVIDIA H100 Tensor Core GPUs

Microsoft Azure is the first cloud provider to announce the preview of the NCCv5 series Azure confidential VMs with NVIDIA H100 Tensor Core GPUs. These VMs allow Azure customers to migrate their most sensitive GPU-intensive workloads to Azure with minimal performance impact and without code changes. The VMs combine the following CPU and GPU:

  • Next-generation CPUs: AMD 4th Gen EPYC processors with SEV-SNP technology, meeting the CPU performance needs of AI training and inference with a verifiable hardware-based root of trust.
  • State-of-the-art AI GPUs: NVIDIA H100 Tensor Core GPUs with 94GB of High Bandwidth Memory 3 (HBM3). NVIDIA created new secure firmware and microcode to enable confidential-computing-capable paths in the CUDA driver and established attestation verification flows.

Learn more about this announcement and sign up for the preview.

Public preview: Azure confidential VMs with Intel TDX

Microsoft announces that DCesv5 and ECesv5-series confidential virtual machines (VMs), based on Intel 4th Generation Xeon processors with TDX technology, are launching in public preview in December. These VMs allow Azure customers to migrate their most sensitive workloads to Azure with minimal performance impact and without code changes.

These confidential VMs provide the highest performance and flexibility for customers, offering up to 128 vCPUs, support for disk and diskless VM options, and flexibility for ephemeral and persistent workloads. This release supports OS disk encryption, enterprise-grade FIPS 140-2 Level 3 key management, a preview of a disk integrity tool, and guest attestation chained to an Intel hardware root of trust, with Intel Trust Authority and Microsoft Azure Attestation available as attestation service options.

Learn more about this announcement.

New GA Regions and Preview Features for Azure confidential VMs with AMD SEV-SNP

AMD-based confidential VMs are now generally available in 12 Azure regions, with more coming soon. Microsoft is also announcing several new features for Azure confidential VMs based on AMD SEV-SNP: customers can now use public previews of the Red Hat Enterprise Linux (RHEL) 9.3 OS and of temp disk encryption.

Learn more about these updates.

Public preview: Confidential containers on AKS

Confidential containers on Azure Kubernetes Service (AKS), now in preview, are an industry-first offering that builds on the open-source Kata Containers project and adds confidential computing so that selected pods run in their own trusted execution environment (TEE), protecting data in use, in memory. Each pod has its own memory encryption key, generated by the hardware and unavailable to Azure operators. The release includes support for customer attestation of the hardware and of the workload within the TEE, and an open-source, extensible sidecar container for managing secrets.
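The attestation flow referred to above for the GPU VMs, the TDX VMs and the confidential containers (a guest report chained to a hardware root of trust, checked by a relying party before any secret is released) can be illustrated with the following simplified model. This is an added example, not Microsoft's, Intel's, AMD's or NVIDIA's code, and it does not reproduce any real report format: the hardware root key, the per-TEE attestation key, the `Report` fields, and the `Policy` and `Verify` functions are all constructed assumptions, with Ed25519 standing in for the vendors' signature schemes.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Report is a constructed, simplified report body; real TEE reports carry many more fields.
type Report struct {
	Measurement []byte `json:"measurement"` // hash of the launched guest or workload image
	Nonce       []byte `json:"nonce"`       // relying-party challenge, proves freshness
	ReportData  []byte `json:"report_data"` // caller-bound data, e.g. hash of a TLS key
}

// Evidence is what the TEE hands to a relying party.
type Evidence struct {
	Report       Report
	ReportSig    []byte            // signature over the canonical report by the attestation key
	AttestKey    ed25519.PublicKey // per-TEE attestation key
	AttestKeySig []byte            // endorsement of AttestKey by the hardware root key
}

// Policy is the relying party's pinned trust configuration (assumed shape).
type Policy struct {
	RootKey             ed25519.PublicKey
	AllowedMeasurements [][]byte
}

// Platform models the hardware root of trust; TEE models one launched VM or pod.
type Platform struct {
	rootPriv ed25519.PrivateKey
	RootPub  ed25519.PublicKey
}
type TEE struct {
	priv                     ed25519.PrivateKey
	pub                      ed25519.PublicKey
	endorsement, measurement []byte
}

func keypair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // a failing crypto/rand is not recoverable here
	}
	return pub, priv
}

func NewPlatform() *Platform {
	pub, priv := keypair()
	return &Platform{rootPriv: priv, RootPub: pub}
}

// Launch provisions a TEE: a fresh attestation key endorsed by the root key, bound to the launch measurement.
func (p *Platform) Launch(measurement []byte) *TEE {
	pub, priv := keypair()
	return &TEE{priv: priv, pub: pub, endorsement: ed25519.Sign(p.rootPriv, pub), measurement: measurement}
}

func canonical(r Report) []byte { b, _ := json.Marshal(r); return b } // deterministic field order

// Attest produces signed evidence answering a relying party's challenge nonce.
func (t *TEE) Attest(nonce, reportData []byte) Evidence {
	r := Report{Measurement: t.measurement, Nonce: nonce, ReportData: reportData}
	return Evidence{Report: r, ReportSig: ed25519.Sign(t.priv, canonical(r)), AttestKey: t.pub, AttestKeySig: t.endorsement}
}

// Verify walks the chain: root endorses the attestation key, that key signed the
// report, the report answers our nonce, and the measurement is on the allow-list.
func Verify(p Policy, ev Evidence, expectedNonce []byte) error {
	if len(p.RootKey) != ed25519.PublicKeySize || len(ev.AttestKey) != ed25519.PublicKeySize {
		return errors.New("malformed key in policy or evidence") // ed25519.Verify would panic on a bad length
	}
	if !ed25519.Verify(p.RootKey, ev.AttestKey, ev.AttestKeySig) {
		return errors.New("attestation key is not endorsed by the trusted hardware root")
	}
	if !ed25519.Verify(ev.AttestKey, canonical(ev.Report), ev.ReportSig) {
		return errors.New("report signature invalid: report was altered")
	}
	if !bytes.Equal(ev.Report.Nonce, expectedNonce) {
		return errors.New("nonce mismatch: stale or replayed report")
	}
	for _, m := range p.AllowedMeasurements {
		if bytes.Equal(m, ev.Report.Measurement) {
			return nil
		}
	}
	return errors.New("measurement not in allow-list: unexpected workload")
}

func main() {
	good := []byte("sha256:constructed-good-image") // constructed measurement value
	hw := NewPlatform()
	nonce := []byte("challenge-0001")
	ev := hw.Launch(good).Attest(nonce, []byte("tls-key-hash"))
	policy := Policy{RootKey: hw.RootPub, AllowedMeasurements: [][]byte{good}}
	fmt.Println("fresh:", Verify(policy, ev, nonce), "| replayed:", Verify(policy, ev, []byte("challenge-0002")))
}
```

In the products above, the `Verify` role is played by an attestation service such as Microsoft Azure Attestation or Intel Trust Authority evaluating the report against a policy; a production verifier additionally checks the vendor certificate chain and firmware/TCB version levels, which this model omits. The nonce check is the part most often skipped in home-grown verifiers, and without it a captured report from a genuine TEE can be replayed.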

Learn more about this announcement.

Public preview: Azure Managed Confidential Consortium Framework (CCF)

Customers can now build and host decentralized governance applications in an Azure-hosted, managed environment on top of Azure confidential computing infrastructure. These decentralized applications follow the Confidential Consortium Framework’s principle of decoupling transaction execution, which happens inside Trusted Execution Environments (TEEs), from framework governance. The nodes that execute transactions cannot access their contents, which makes the framework ideal for building applications with programmable confidentiality over data and information that must be shared between multiple parties. Applicable scenarios include financial services, banking, healthcare, and other regulated industries.

Learn more about this announcement.

New Azure Confidential Ledger Features

Azure confidential ledger now provides a new Marketplace app for Azure Storage customers and enhancements to the portal experience. Storage customers can use the marketplace application to connect their immutable blobs to the enhanced integrity protection of Azure confidential ledger: signatures of the blobs are stored in the ledger and validated as needed. In addition, the Azure confidential ledger portal experience has been enhanced to allow exploring transactions and retrieving cryptographic proofs.

Learn more about these updates.

Azure confidential ledger is launching a Basic SKU in preview to serve customers of other Azure products that need higher integrity protection. The Basic SKU lets customers raise their integrity protection by storing periodic data, blobs, and application signatures in Azure confidential ledger.
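To make concrete what storing and validating blob signatures and retrieving a cryptographic proof mean in the two confidential ledger paragraphs above, here is an added example that is not Azure confidential ledger's code or API: a toy append-only ledger that records each blob's SHA-256 digest and the publisher's signature over it, hash-links entries to their predecessor, and issues a ledger-signed receipt that a reader can verify later without the ledger online. The `Entry` and `Receipt` layouts, the Ed25519 keys and the blob names are constructed assumptions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Entry is one constructed ledger record (assumed layout, not the service's own).
type Entry struct {
	Seq       int    `json:"seq"`
	Blob      string `json:"blob"`
	BlobHash  []byte `json:"blob_hash"` // SHA-256 of the blob content at write time
	BlobSig   []byte `json:"blob_sig"`  // publisher's signature over BlobHash
	Publisher []byte `json:"publisher"` // publisher's public key
	PrevHash  []byte `json:"prev_hash"` // hash of the preceding entry (chain link; nil for the first entry)
}

func entryHash(e Entry) []byte {
	b, _ := json.Marshal(e) // deterministic field order
	h := sha256.Sum256(b)
	return h[:]
}

// Receipt is the proof a client retrieves later: the entry plus the ledger's signature over its hash.
type Receipt struct {
	Entry     Entry
	LedgerSig []byte
}

// Ledger models the append-only signing service; its private key never leaves it.
type Ledger struct {
	priv    ed25519.PrivateKey
	Pub     ed25519.PublicKey
	entries []Entry
}

func NewLedger() *Ledger {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Ledger{priv: priv, Pub: pub}
}

// SignBlob is what the publisher does before upload: sign the blob's digest.
func SignBlob(priv ed25519.PrivateKey, blob []byte) []byte {
	d := sha256.Sum256(blob)
	return ed25519.Sign(priv, d[:])
}

// Append validates the publisher's signature against the blob, records it chained
// to the previous entry, and returns a receipt signed by the ledger.
func (l *Ledger) Append(name string, blob []byte, publisher ed25519.PublicKey, sig []byte) (Receipt, error) {
	d := sha256.Sum256(blob)
	if len(publisher) != ed25519.PublicKeySize || !ed25519.Verify(publisher, d[:], sig) {
		return Receipt{}, errors.New("publisher signature does not match blob")
	}
	var prev []byte
	if n := len(l.entries); n > 0 {
		prev = entryHash(l.entries[n-1])
	}
	e := Entry{Seq: len(l.entries), Blob: name, BlobHash: d[:], BlobSig: sig, Publisher: publisher, PrevHash: prev}
	l.entries = append(l.entries, e)
	return Receipt{Entry: e, LedgerSig: ed25519.Sign(l.priv, entryHash(e))}, nil
}

// VerifyBlob checks a blob read back from storage against its receipt: the receipt must be
// ledger-signed, the content must hash to the recorded digest, and the stored signature must verify.
func VerifyBlob(ledgerPub ed25519.PublicKey, r Receipt, blob []byte) error {
	if len(ledgerPub) != ed25519.PublicKeySize || !ed25519.Verify(ledgerPub, entryHash(r.Entry), r.LedgerSig) {
		return errors.New("receipt was not issued by this ledger or was altered")
	}
	d := sha256.Sum256(blob)
	if !bytes.Equal(d[:], r.Entry.BlobHash) {
		return errors.New("blob content differs from the recorded digest")
	}
	if len(r.Entry.Publisher) != ed25519.PublicKeySize || !ed25519.Verify(r.Entry.Publisher, d[:], r.Entry.BlobSig) {
		return errors.New("stored publisher signature does not verify")
	}
	return nil
}

func main() {
	ledger := NewLedger()
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed publisher key pair
	blob := []byte("constructed report contents v1")
	rcpt, _ := ledger.Append("reports/q3.pdf", blob, pub, SignBlob(priv, blob))
	fmt.Println("original:", VerifyBlob(ledger.Pub, rcpt, blob))
	fmt.Println("modified:", VerifyBlob(ledger.Pub, rcpt, []byte("constructed report contents v2")))
}
```

The design point is the separation of trust: the ledger vouches that a given digest and signature were recorded at a given position, while the publisher's key vouches for the content itself, so a reader who pins the ledger's public key can detect a silently replaced blob even if the storage account and the publisher's key are both compromised after the fact. In the real service the ledger runs inside a TEE and the receipt is tied to a TEE-attested signing key, which the toy above does not model.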

Learn more about this announcement.

General Availability: Confidential VM option for Azure Databricks

Customers seeking to better ensure the privacy of personally identifiable information (PII) or other sensitive data while analyzing it in Azure Databricks can now specify AMD-based confidential VMs when creating an Azure Databricks cluster; this option is generally available in regions where confidential VMs are supported. Running an Azure Databricks cluster on Azure confidential VMs lets customers analyze their sensitive data in Azure with confidence.

Learn more about this announcement.

General Availability: Larger SKUs for SQL AE with secure enclaves

SQL Always Encrypted with secure enclaves provides stronger protection by processing sensitive data inside hardware enclaves. New DC-series databases support up to 40 vCores for memory-heavy workload requirements.

Learn more about this announcement.

Customer and Partner Successes

We continue to see customers and partners pushing the limits of what is possible in Azure and realizing valuable insights from applications and data previously not possible due to security or privacy concerns of having sensitive data exposed to others.  A few examples are included here.

Blockchain infrastructure provider, Fireblocks, wanted to create a proprietary ecosystem to remove the complexity of working with digital assets and cryptocurrencies and provide a higher level of security than ever achieved.  They have used Azure confidential computing to create more than 100 million digital wallets, while redefining the digital assets industry to provide secure entry points for a broad range of organizations. 

“With Azure confidential computing, we’ve processed more than $4 trillion worth of assets in the Fireblocks environment. That’s a big number, and we’re very proud knowing that 100 percent of it was processed so securely and reliably.”  - Idan Ofrat, Co-founder and Chief Product Officer, Fireblocks

Read the full story.

Companies that work with sensitive data are often sitting on a wealth of information they’re restricted from using, but Decentriq is helping these companies tap into the value of this data—without sharing it. With its data clean rooms, Decentriq is not only making data collaboration simpler, but in many cases, it’s also creating the opportunity for multiple groups to come together and use sensitive data for the first time—using Azure confidential computing.

“There are multiple categories of data clean rooms, but we differentiate ourselves by our use of Azure confidential computing, which makes our data clean rooms among the most secure and privacy-preserving clean rooms in the market.”   - Pierre Cholet, Head of Business Development, Decentriq

Read the full story.

Habu is another partner enhancing collaboration between companies and their stakeholders. They provide secure and compliant data clean rooms to help teams unlock business intelligence across decentralized datasets. With Habu’s software platform, customers can create their own data clean room and invite external partners to work with them more effectively and securely, while addressing changing privacy regulations for consumer datasets.

“We wanted to bring the power that Azure confidential computing provides around privacy, security, and governance into the framework of what we already supported, representing the next generation of our offering that we can take to customers with deep ties to Microsoft.”  - Ted Flanagan, Chief Customer Officer, Habu.

Read the full story.

BeeKeeperAI has developed EscrowAI, a solution that powers AI algorithm development within a zero trust framework. The solution allows the use of sensitive data, without deidentification, to be part of the AI testing process. It does this by creating a Trusted Execution Environment (TEE) that is not visible to either data stewards or AI developers, and which delivers verifiable results. By adding Azure Confidential Ledger to EscrowAI, BeeKeeperAI recently enhanced the solution’s ability to verify results to regulatory bodies. 

“We needed to provide a record that, by its very nature, could not be changed or tampered with. Azure Confidential Ledger met that need right away.  In our system, we can prove with absolute certainty that the algorithm owner has never seen the test data set before they ran their algorithm on it.  With Azure Confidential Ledger, we take that question off the table.”   - Alan Czeszynski, Vice President of Product, BeeKeeperAI

Read the full story.

Get Started with ACC

Documentation - https://aka.ms/accdocs

Blogs - https://aka.ms/accblogs

Customer and partner success - https://aka.ms/accstories

Updated Nov 15, 2023