The Open Secret about Confidential Computing
Confidential Computing is an emerging field that aims to protect running workloads (“data in use”) from their environment, thus shrinking the Trusted Computing Base (TCB). For VMs, this means the threat model is updated so that the hypervisor is no longer trusted. The main push comes from the public cloud vendors, who want customers to run more sensitive workloads on their platforms. In short, the CPU is trusted: it creates a clean, isolated VM or enclave whose initial contents are measured, and it signs that measurement with a hardware-rooted key to produce an attestation report. The report can be sent to a trusted party (for example a key broker) that verifies it against the expected measurement and policy and, only then, hands back the secrets needed to perform the work.
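The measure-attest-release loop described above, as an added example that is not part of the original post and not any vendor's SDK. It simulates both sides: the guest side produces a report over its launch measurement, a verifier-issued nonce and a debug flag; the key-broker side checks the report signature, nonce freshness, the debug flag and a measurement allow-list before releasing a secret. Assumptions not on the page: the hardware report-signing key is modelled as an HMAC key shared with the verifier (a stand-in for the vendor-certified signature a real TEE emits), the measurement is SHA-256 of the launch image, and all names (`KeyBroker`, `build_report`, `run_demo`) and sample images are constructed for illustration.

```python
"""Simulated remote attestation: guest builds a signed report, key broker
verifies it and releases a secret only when every check passes.

Added example (not the post's or any vendor's code). HMAC stands in for the
hardware-rooted report signature; SHA-256 stands in for the launch measurement.
"""
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for the per-chip report-signing key. In a real TEE the
# verifier holds only a vendor-certified public key; here a shared HMAC key
# plays the same role so the example runs offline.
HW_REPORT_KEY = b"constructed-hardware-report-key!"

# Constructed launch images: the "good" one is what the broker expects.
GOOD_IMAGE = b"kernel+initrd+app v1.0 (constructed)"
BAD_IMAGE = b"kernel+initrd+app v1.0 + backdoor (constructed)"


def measure(image: bytes) -> str:
    """Launch measurement: hash of everything loaded into the clean VM/enclave."""
    return hashlib.sha256(image).hexdigest()


def _canonical(body: dict) -> bytes:
    # Deterministic encoding so signer and verifier hash identical bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def build_report(image: bytes, nonce: str, debug: bool = False) -> dict:
    """Guest side: the 'CPU' measures the image and signs the report."""
    body = {"measurement": measure(image), "nonce": nonce, "debug": debug}
    sig = hmac.new(HW_REPORT_KEY, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


class KeyBroker:
    """Relying party: exchanges a valid attestation for the workload secret."""

    def __init__(self, allowed_measurements, secret: str):
        self.allowed = set(allowed_measurements)
        self.secret = secret
        self.issued = set()  # nonces handed out, not yet consumed
        self.used = set()    # nonces already seen in a report (replay guard)

    def challenge(self) -> str:
        nonce = secrets.token_hex(16)
        self.issued.add(nonce)
        return nonce

    def verify_and_release(self, report: dict):
        body = report["body"]
        expected = hmac.new(HW_REPORT_KEY, _canonical(body), hashlib.sha256).hexdigest()
        # 1. Report must be signed by the hardware root, otherwise nothing else counts.
        if not hmac.compare_digest(expected, report["sig"]):
            return None, "bad signature"
        # 2. Freshness: nonce must be one we issued and never consumed before.
        nonce = body["nonce"]
        if nonce not in self.issued or nonce in self.used:
            return None, "stale or unknown nonce"
        self.used.add(nonce)
        # 3. Policy: a debug-enabled guest lets the host inspect memory.
        if body["debug"]:
            return None, "debug-enabled guest"
        # 4. Identity: measurement must match code we have reviewed.
        if body["measurement"] not in self.allowed:
            return None, "measurement not in allow-list"
        return self.secret, "ok"


def run_demo() -> dict:
    """Exercise the happy path and each failure mode; returns status per case."""
    broker = KeyBroker([measure(GOOD_IMAGE)], secret="db-password-constructed")
    results = {}

    good = build_report(GOOD_IMAGE, broker.challenge())
    secret, results["good"] = broker.verify_and_release(good)
    results["secret_released"] = secret is not None

    _, results["replay"] = broker.verify_and_release(good)  # same nonce again

    tampered = build_report(GOOD_IMAGE, broker.challenge())
    tampered["body"]["measurement"] = measure(GOOD_IMAGE)[::-1]  # edit after signing
    _, results["tampered"] = broker.verify_and_release(tampered)

    _, results["debug"] = broker.verify_and_release(
        build_report(GOOD_IMAGE, broker.challenge(), debug=True))
    _, results["bad_image"] = broker.verify_and_release(
        build_report(BAD_IMAGE, broker.challenge()))
    return results


if __name__ == "__main__":
    for case, status in run_demo().items():
        print(f"{case:16} {status}")
```

The order of checks matters: the signature is verified before anything in the body is believed, the nonce is consumed before policy is evaluated so a rejected report cannot be retried with the same challenge, and the secret is released only after identity and policy both pass.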