A curated list of resources about confidential computing on public cloud.
The main benefit of confidential computing on public cloud is that it enables organizations to process sensitive data and run confidential workloads in a secure and confidential environment, without having to worry about the security risks of running these workloads on shared infrastructure.
With confidential computing, sensitive data is processed within a Trusted Execution Environment (TEE), which provides hardware-level isolation and protection for data and applications. This means that sensitive data is never exposed to the host operating system or any other applications running on the same physical hardware, making it much harder for attackers to gain access to the data.
By enabling secure processing of sensitive data on public cloud, confidential computing makes it easier for organizations to take advantage of the scalability and flexibility of cloud computing while still maintaining the privacy and security of their data. This is especially important for organizations that handle sensitive data such as financial institutions, healthcare providers, and government agencies, which need to comply with data protection regulations and maintain the trust of their customers and citizens.
Confidential computing can be used to protect sensitive workloads and data in a variety of use cases, including financial services, healthcare, government, and machine learning. It enables secure processing of sensitive data such as personally identifiable information (PII), intellectual property (IP), and financial data, without exposing it to unauthorized access or tampering. Additionally, it can be used to ensure compliance with data protection regulations and to prevent data breaches.
Attestation is a critical concept of confidential computing. Attestation is the process of verifying the identity and integrity of a device or application. Attestation process helps to ensure that you are using a trustworthy system before you start processing your data.
- Project Amber by Intel - Intel's service/SaaS-based implementation of an independent trust authority that provides attestation of workloads in a public/private multi-cloud environment.
- Microsoft Azure Attestation Service - Helps to verify the identity and security posture of a platform before you interact with it.
- AWS Attestation - A Nitro enclave uses the attestation process to prove its identity and build trust with an external service.
- Scone CAS - Scone Configuration and Attestation Service
- AMD SEV-SNP Guest Attestation Examples - Open source tools to perform remote attestation of SEV-SNP guests.
A Trusted Execution Environment (TEE) is like a secure bubble within a device that protects sensitive information from malicious actors. It is a secure area of a device's hardware that runs trusted code and processes data in a secure and isolated environment.
- Intel SGX - Software Guard Extensions - offers hardware-based memory encryption that isolates specific application code and data in memory.
- Intel TDX - Trusted Domain Extensions - An architectural technology to deploy hardware-isolated, Virtual Machines (VMs) called Trust Domains (TDs)
- AMD SEV - Secure Encrypted Virtualization - Enables the memory for a VM to be encrypted with a key unique to the VM. SEV is particularly applicable to cloud computing since it can reduce the amount of trust VMs need to place in the hypervisor and administrator of their host system.
- AWS Nitro Enclaves - isolated compute environments to further protect and securely process highly sensitive data.
Azure Confidential Computing enables the secure processing of data and applications in the cloud through the use of hardware-level isolation and protection. This means that sensitive data and applications can be processed without being exposed to the underlying hypervisor. Azure offers two different types of solutions - enclave-based and VM-based - both of which provide a high level of security and confidentiality for sensitive workloads.
- Application Enclaves - Isolated environments that run on Intel SGX to protect specific code and data. DCsv3 VMs offer application isolation using Intel SGX.
- Confidential VMs - Provides a secure and isolated environment for running sensitive workloads in the cloud.
- AMD SEV-SNP - DCasv5 and ECasv5 series confidential VMs based on AMD processors with SEV-SNP technology.
- Intel TDX - Confidential computing on 4th Gen Intel Xeon Scalable processors with Intel Trusted Domain Extensions (Intel TDX).
- Confidential Containers - Provides a set of features and capabilities to further secure your standard container workloads to achieve higher data security, data privacy and runtime code integrity goals.
AWS Nitro Enclaves is a service that allows you to securely process and store sensitive data in the cloud using a hardware-based Trusted Execution Environment (TEE) called the Nitro Enclave. A Nitro Enclave is a small, isolated environment within an Amazon Elastic Compute Cloud (EC2) instance that provides hardware-level isolation and protection for your sensitive data and applications. It is completely separate from the host operating system and can only be accessed by authorized applications.
- AWS Perspective - The Nitro approach to confidential computing
- Nitro Enclaves - isolated compute environments to further protect and securely process highly sensitive data.
- Confidential Containers - an open source community working to enable cloud native confidential computing by leveraging Trusted Execution Environments to protect containers and data.
- Enarx - Application deployment system enabling applications to run within Trusted Execution Environments.
- Scone - A confidential computing platform to deploy applications to enclaves.
- Google Asylo - An open and flexible framework for developing enclave applications.
- Intel SGX SDK - Intel® Software Guard Extensions SDK
- AMD SEV API - AMD SEV API
- Gramine OS - A Library OS for unmodified confidential applications
- Occlum - A library OS to run every application in secure enclaves.
- Open Enclave - Hardware-agnostic open source library for developing applications that utilize enclaves.
- EGO - An open-source SDK to develop confidential apps in golang.
- Apache TeaClave - an open source universal secure computing platform
- Linux Stack for Intel TDX - TDX Tools for Linux