With increasing cybersecurity threats, costly data leaks and privacy regulations worldwide, confidential computing is gaining momentum. Companies worldwide leverage the new paradigm that involves true end-to-end encryption, even for data in use. Thus, confidential technologies are coming up on all sides of the spectrum including hardware (AMD SEV-SNP, Arm Realms, NVIDIA GPUs), infrastructure (Azure confidential computing), and software (Constellation). Alongside the technological advancements, the community is growing as well.
Earlier this year, the community came together for the second Open Confidential Computing Conference (OC3), organized by Edgeless Systems and sponsored by Microsoft Azure. Almost 1,000 people signed up for OC3, making it the world’s leading event for confidential computing. The conference featured over 20 talks by security and cloud-native experts from companies including Microsoft, Intel, Apple, Baidu, Google, IBM, and more.
Confidential computing going mainstream
Dr. Felix Schuster, co-founder and CEO of Edgeless Systems gave the opening keynote of the evening. “We are at a tipping point where confidential computing is going mainstream”, Schuster said. “We’re heading to a place where everything is verifiable and encrypted, but there are still a few obstacles that we need to overcome. And we’ll learn about cool solutions to these obstacles today”. At the end of his keynote, Schuster introduced Constellation, a new confidential Kubernetes platform that leverages AMD SEV-SNP confidential VMs on Microsoft Azure, and is now available for enterprise customers.
Mark Russinovich, CTO at Microsoft Azure, gave a keynote that highlighted the most important concepts and pressing use cases for confidential computing, including banking and healthcare. He also formulated a strong vision for the technology, saying that “confidential computing will democratize on-prem on the public cloud”. Russinovich projects widespread adoption and compares the development to encryption of data in motion, which is a standard today. “We will see an expectation that data is always encrypted while it’s in use, regardless of how sensitive it might be”.
Expert sessions on low-level magic, apps & solutions, and cloud native
The three key topics of the conference were (1) technical foundations and new developments (“low-level magic”), (2) confidential applications and industry use cases, and (3) the fusion of confidential computing and cloud native. Please find a few highlights below:
(1) Low-level magic: Engineers from SUSE and Microsoft presented the technical developments around enabling the latest confidential VM hardware capabilities for the guest VM’s firmware and kernel. Microsoft Azure highlighted their roadmap for a fully verifiable open-source guest VM firmware as the foundation for confidential VM attestation. On the other side of the chain, the client-side verification and processing of remote attestation statements is getting more attention. Engineers from Google introduced a new concept for a transparent release process of verifiable binaries that allows checking claims about the binaries. In addition, engineers from ARM presented a verification service that brings consistency to the problems of appraising technology-specific attestation reports.
(2) Apps & solutions: In two independent sessions, architects from Microsoft, as well as from Bosch, Intel, and Edgeless Systems, presented end-to-end confidential apps running on Azure. In the presentations, it was shown how confidential computing enables new, exciting use cases for trustworthy data processing and sharing. In addition, a research expert from JP Morgan and a product manager from Microsoft Azure highlighted the importance of compliance around confidential computing. It became evident that frameworks need to be updated and that regulation is increasingly recognizing the importance of runtime memory encryption. A recent example was updated banking regulation in Singapore that recommends the use of confidential computing principles.
(3) Cloud native: Three talks independently discussed approaches towards confidential Kubernetes deployments. The common understanding was that for the mass-adoption of confidential computing, fusing runtime memory encryption with the cloud native stack and enabling true lift and shift is necessary. The solution space was divided into two orthogonal approaches. Protecting individual workloads (Intel SGX and Confidential Containers) on the one side. Protecting entire Kubernetes clusters (Constellation) on the other. It showed that the common vision is that confidential computing will not only be an additional protection for specific workloads but a new paradigm that fills the gap of protecting data in-use in the cloud native stack. With the developments around AMD SEV-SNP, Intel TDX, Arm Realms, this development will further accelerate.
The future of computing is confidential
As the Microsoft Azure CTO Mark Russinovich said at OC3, “the future of the cloud, the future of computing is confidential”. If you have questions or requirements around confidential cloud, feel free to reach out.