An emerging technology called “confidential computing” promises to make it easier to develop new generations of cloud applications, including machine learning and artificial intelligence, that run securely across multiple cloud environments.
“Many people think of security as a tax, something you have to do. To some extent, that’s true,” Chris Ramming, VMware senior director of research and innovation, said in an interview. “But what I think is particularly compelling about confidential computing is that there’s a whole new set of workloads that confidential computing enables that you couldn’t implement without confidential computing under the hood.”
Confidential computing allows individuals and organizations to share data with applications while protecting that data’s secrecy. That’s important in applications such as ML and AI, which need access to vast data pools while maintaining the confidentiality of that data. Confidential computing works through “attestation,” verifying programs and the permissions and data those programs should have.
Confidential computing adds a new layer to the traditional two kinds of data security: “Data at rest” protects data on a server, end-user device, or edge device. “Data in motion” is data that’s on the network. The new layer, protected by confidential computing, is “data in use”—data in memory being acted on by a program.
It’s tee time
The technology works by building a hardware component, called a trusted execution environment (TEE), into the processor, along with application programming interfaces (APIs) to take advantage of that component. The TEE maintains the confidentiality and integrity of programs and data even when workloads are deployed in the cloud or infrastructure, such as the edge, that might be operated by others.
Cloud applications of all types will find confidential computing useful because the cloud generally involves sending data to servers operated by someone else and shared by multiple parties. Often, competitors share the same cloud infrastructure, as well as businesses and their customers and suppliers, making data privacy essential.
Confidential computing can secure workloads across on-premises and third-party infrastructure, including the telco edge, multi-cloud environments, and sovereign clouds.
“Many organizations have declined to migrate some of their most sensitive applications to the cloud because of concerns about potential data exposure,” according to a 2020 write-up about confidential computing in IEEE Spectrum. “Confidential computing makes it possible for different organizations to combine data sets for analysis without accessing each other’s data.”
The thrilling origin story
Confidential computing is the brainchild of the Confidential Computing Consortium, launched in 2019 under the auspices of the Linux Foundation. CCC members include Alibaba, AMD, Arm, Facebook, Fortanix, Google, Huawei, Intel, Microsoft, Oracle, Red at, Swisscom, Tencent and VMware.
Confidential computing took a step forward on June 29 in an announcement that VMware, AMD, Samsung and members of the RISC-V Keystone Community will collaborate on the open-source Certifier Framework for Confidential Computing project developed by VMware.
AMD brings X86 compatibility to the framework, while Samsung brings ARM support. Additionally, RISC-V is a standard processor architecture designed through an open, collaborative process as an alternative to X86 and ARM. And Keystone is an open-source project for building TEE enclaves based on RISC-V.
The framework specifies platform-independent APIs that make it easier for developers to write applications that utilize confidential computing.
“The promise of confidential computing is enormous, but until it becomes easier for developers to create programs and deploy programs that are easy to operate, it will be a challenge,” Ramming said.
VMware is looking to broaden the document’s support to other vendors, as well as finding a custodian organization, such as CCC, for the open source project, Ramming said.
“If we do this right, customers will have a choice of which cloud to operate in, and they won’t have to make changes to deal with security because of one cloud provider’s particular approach,” Ramming said. “I’m interested to see if we can leverage confidential computing to help users control the security of their workloads no matter where they’re running.”