Protecting data in use is the short version of the purpose of confidential computing. However, this initiative is more complicated than that. On Monday, November 14, representatives from Google Cloud, AMD and Intel met to discuss the state of confidential computing, where it is headed and what hurdles still need to be overcome. What does confidential computing mean for cloud and edge deployments? For hardware makers and software developers?
The state of confidential computing
“Confidential computing is really the method by which a cloud vendor or a host environment can bind its own hands,” said Brent Hollingsworth, director of the Epyc software ecosystem at AMD. “They can avoid being able to see data at a fundamental level in a way that wasn’t possible before.”
Formally, confidential computing is an initiative to ensure that cloud computing technology can secure data in use at the hardware level. It uses trusted execution environments, a trusted enclave within a central processing unit.
TO SEE: Hiring Package: Cloud Engineer (Tech Republic Premium)
For chipmakers and software makers, explaining the story of this new capability to customers could be half the battle, said Anil Rao, vice president and general manager of systems architecture and engineering at Intel. Several panelists noted that confidential computing is currently difficult to market. The goal is that it is essential, but at the moment it is considered a perk.
Changing that requires asking technical questions that also determine whether customers buy. One of the forward-looking questions from Vint Cerf, chief Internet evangelist for Google Cloud, is, “What happens if a CC server goes down? How do you recover? How do you transfer partial results, etc.? What about scaling? How do you make CC work in a multicore environment? Does it work with GPUs and TPUs? Are certifications available and from whom and on what basis?”
Brent noted that the most interesting advanced developments today come from large organizations that have the resources to rebuild infrastructure based on the idea of putting security first. For example, he raided Project Zero, Google’s white hat hacking team.
Confidential computing on the edge
Confidential computing is an advantage for edge applications because they may not have the same physical properties as a data center. For example, a cell tower with a server at the bottom is an edge situation that requires special security. Unmanned or uncontrolled facilities can also be of great benefit.
“If you’re pushing your IP to the edge and want to make sure your IP is being handled with care, that’s a great example,” says Rao. “We actually see some of our customers deploying confidential computers for these types of scenarios, whether it’s things like Google Antos or moving from their central location to their branch location.
“If it’s a lights-out infrastructure in their industry, these are all fundamental ways that edge is a huge part of confidential computing.”
Cerf pointed it out 6G and mobile edge are also relevant here. While 6G’s design is still fluid, overall the application level has some say in how the communications system performs. This is another example of built-in security, a philosophy that shares several walls with confidential computing. Customers may want to isolate the application that controls the communications component.
What’s next for confidential computing?
What can we expect from confidential computing in the next five years? Cerf predicts it will remain normalized, with confidential computers in different computing environments. However, this comes down to the capabilities and choices of the chipset makers.
TO SEE: Don’t hold back your enthusiasm: Trends and challenges in edge computing (TechRepublic)
Similarly, Rao envisions a world where confidential computing is standard, where the term “private cloud”obsolete. It must be assumed that the data used will not be visible to outside observers, the panelists agreed.
What prevents confidential computer use?
However, there are several technical challenges before that happens. Not everything in the cloud is suitable for confidential computing yet. Chipsets that provide this and specialization have yet to be developed so that domain-specific computing can be performed at the same time.
Nelly Porter, group product manager for Google Cloud, pointed out that issues such as live migration are still a concern for confidential computing. Explanation is also a concern, Rao said. Customers generally don’t want to be early adopters, he stressed, and cloud computing is still in the typical early stages of few organizations willing to take the first step.
Virtual machine workload development needs to be improved, so security is built from the inside out, rather than organizations asking or trying to bring an older system with a large attack surface to this level of security, Hollingsworth said. Rao also pointed to Intel’s Project Amber, a third-party attestation service.
However, some large organizations try to be trendsetters. In February 2022, the Open Compute Project was released Caliptra, an open specification for chip hardware created in collaboration with Microsoft, Google and AMD. The goal is to solve some of those issues around confidential computing that wasn’t built in from the start. A specific silicon block forms a trust base that allows the data to be locked down at the chip level, making it more difficult for attackers trying to breach hardware.
Another concern and possibility is insulation. Cerf suggested that continued attestation in fluctuating software environments might be possible because of the isolation provided by confidential computing; although at the present stage this is speculation.
Attestation involves a software environment that guarantees a specific program on specific hardware or a trusted execution environment. Rao agreed, noting that the purpose of confidential computing is not to “forgive bad application behavior” and that it could change the way application developers think about building in security.
Cerf pointed out that Google Cloud is also working on trusted I/O specifications, which, along with domain-specific computing, could help make confidential computing the norm. Porter also looks forward to typing confidential computing along with the use of graphics processing units as accelerators as more customers will start working not only on CPUs but also with training and models that need accelerators.
Confidential computing is not yet a concept, but progress is being made to integrate it into various security strategies.