Understanding a Confidential Computing Solution
Pradipta Banerjee
Helping secure containerised workloads. Reach out for any help with container security, digitisation, or technology adoption for improving livelihoods.
If you are following the latest IT trends, you will have come across the term “confidential computing”. With product offerings in this space from Intel, AMD, IBM, Microsoft, Google and many others, this promising technology is making its way to real users.
In this blog, we’ll look at the constituents of a confidential computing solution that should help you get a better understanding when evaluating the usage of this technology for your business.
Before delving into the solution aspects, let’s revisit the fundamental question of what confidential computing can give you for your business.
What do you get with Confidential Computing?
Confidential computing protects your workload from unauthorised entities — the host or hypervisor, system administrators, service providers, other VMs, and other processes on the host. This key capability gives you additional confidence to run your sensitive workloads in the public cloud and still reap its benefits.
Confidential computing (CC) provides a Trusted Execution Environment (TEE): a secure, isolated environment that prevents unauthorised access to, or modification of, the applications and data running within it. You’ll also hear the terms “enclave” or “secure enclave”; “TEE” and “enclave” are used interchangeably.
So to reap the benefits of confidential computing, your application needs to run inside a TEE (secure enclave) to be protected.
We need to address two key questions here:
1. How do you run an application inside a TEE?
2. How can you be sure the application is running securely in a TEE?
Let’s take a closer look at these two questions.
How to run an application inside a TEE?
Running an application inside a TEE is enabled by the confidential computing (CC) software stack; you’ll also hear the term “enclave software stack”, which means the same thing. The CC software stack is responsible for creating and running TEEs and for performing attestation (I’ll discuss attestation later in the blog, in the context of the second question).
Currently, two variations of the CC software stack exist based on the different TEE types supported by the confidential computing hardware.
Process-based TEEs: In the process-based TEE model, you must split the application into two components, trusted (secure) and untrusted. The trusted component runs in the TEE and is protected.
Solutions exist today that allow you to use a process-based TEE with limited or no modifications to existing applications. One such solution is Occlum; you can read more about it here.
Intel SGX (Software Guard eXtensions) is an example of a process-based TEE.
VM-based TEEs: There is no need for application modification in this model; consequently, you can get started quickly with your existing applications.
AMD SEV (SEV-ES/SEV-SNP), Intel TDX, IBM Secure Execution, and PEF are examples of VM-based TEEs.
A few years back, process-based TEEs were the only option, as VM-based TEEs were not yet commercially available. Today, both process-based and VM-based TEEs are commercially available.
How to be sure the application is running securely in a TEE?
Attestation is the process that answers this essential question in confidential computing: it is how one software environment proves to another party that a specific program is running on particular hardware.
Attestation can be performed by the TEE environment when it loads, and you can get a detailed report for verification. Further, your application running in the TEE can itself perform attestation, establish a secure channel and retrieve its secrets using the tooling available for the specific TEE.
Now let’s look at how a confidential computing solution addresses the two key questions above.
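As an added illustration of the attestation flow described above (this is constructed example code, not code from the original post or from any vendor’s SDK), the following Python models the three roles involved: the TEE producing a signed report, an attestation service verifying signature, freshness and measurement policy, and a key management service releasing a secret only after a successful verification. The hardware signature is replaced by an HMAC under a constructed key, and all function and field names are assumptions.

```python
import hashlib
import hmac
from typing import Optional

# Constructed stand-in (not a real TEE): an HMAC under a key only the "hardware"
# holds plays the role of the hardware-rooted signature used by SGX, SEV-SNP and TDX.
# Real verifiers check an asymmetric signature chain, not a shared key.
HW_ATTESTATION_KEY = b"constructed-hardware-root-key"

# The workload image the relying party expects to find loaded in the TEE.
TRUSTED_WORKLOAD = b"constructed: my-sensitive-workload v1"
ALLOWED_MEASUREMENTS = {hashlib.sha256(TRUSTED_WORKLOAD).hexdigest()}


def _report_body(measurement: str, nonce: bytes, enclave_pubkey: bytes) -> bytes:
    # The bytes the hardware signs: code identity, freshness value, enclave's key.
    return measurement.encode() + b"|" + nonce + b"|" + enclave_pubkey


def tee_generate_report(loaded_code: bytes, nonce: bytes, enclave_pubkey: bytes) -> dict:
    """TEE side: measure the loaded code and sign measurement, nonce and key."""
    measurement = hashlib.sha256(loaded_code).hexdigest()
    body = _report_body(measurement, nonce, enclave_pubkey)
    signature = hmac.new(HW_ATTESTATION_KEY, body, hashlib.sha256).hexdigest()
    return {"measurement": measurement, "nonce": nonce,
            "enclave_pubkey": enclave_pubkey, "signature": signature}


def verify_report(report: dict, expected_nonce: bytes) -> bool:
    """Attestation service side: signature, then freshness, then measurement policy."""
    body = _report_body(report["measurement"], report["nonce"], report["enclave_pubkey"])
    expected = hmac.new(HW_ATTESTATION_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, report["signature"]):
        return False  # not produced by genuine hardware, or tampered in transit
    if not hmac.compare_digest(report["nonce"], expected_nonce):
        return False  # replay of a report from an earlier session
    return report["measurement"] in ALLOWED_MEASUREMENTS  # else: unexpected code loaded


def release_secret(report: dict, expected_nonce: bytes, secret: bytes) -> Optional[bytes]:
    """Key management side: hand out the secret only to a TEE that attested."""
    if not verify_report(report, expected_nonce):
        return None
    # In a real deployment the secret is encrypted to report["enclave_pubkey"],
    # so only the attested TEE (the other end of the secure channel) can read it.
    return secret
```

Note that the verifier rejects three distinct failures separately: a report not signed by the hardware key, a replayed report with a stale nonce, and a genuine report for code that is not on the allow list.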
Conceptual View of a Confidential Computing Solution
The following diagram shows the logical components constituting a confidential computing solution.
On the infrastructure side, we have the confidential computing hardware, plus an operating system and hypervisor with the necessary support for confidential computing. Then we have the confidential computing software stack, which creates and manages the TEEs and provides support for attestation. There is also an attestation service to help with attestation and a key management service to store secrets. There could be various add-on services, such as confidential container image build and hosting services.
For an overview of the different ready-to-use confidential computing offerings, take a look at this article.
Conclusion
As we saw, any confidential computing solution consists of the following key aspects:
- Hardware: confidential computing hardware, with an operating system and hypervisor that support it.
- Software: the confidential computing software stack that creates and manages TEEs and performs attestation.
- Services: an attestation service, a key management service for secrets, and optional add-ons such as confidential container image build and hosting.
Based on your requirements, you can choose the vendor(s) providing the required hardware, software and services.
You might also be wondering whether “write once, deploy anywhere” is possible with confidential computing. A promising technology to watch in this space is Enarx. I will explore Enarx in a future blog post.
Please do not hesitate to reach out to me via comments or DM.