In Today’s Issue:
-
- Executive Director’s Corner
- TAC Community
- Outreach Engagement
- Join us at RSA
Spring greetings! March is the start of a lovely season. We’re continuing our momentum and bringing you the latest and greatest here at CCC. Let’s dive in.
Executive Director’s Note
February was a busy month for the CCC, with appearances or attendance at FOSDEM, State of Open, Rocky Mountain Cyberspace Summit, and PET Summit Europe in London. The breadth of engagement – ranging from technical, open source, US government/federal/defense and European banking/compliance and beyond – shows how use cases for Confidential Computing are becoming increasingly relevant across multiple sectors and contexts. With new membership from Fujitsu and Tiktok moving to participate as a Premier Member, we are also seeing a broader global engagement, which we are keen to address with meetings at times that are appropriate for more members, so if you’re interested in attending any of our committees or SIGs, please get in touch and we can hopefully find a time that works for you.
From the TAC
In response to requests from the Cloud Security Alliance and others, the TAC is looking at defining additional terminology. Currently terms fundamental to Confidential Computing… like “Confidential Computing” 🙂 are defined in the A Technical Analysis of Confidential Computing. Confidential Computing artifacts like “Confidential Container” and “Confidential VM” are defined in “Common Terminology for Confidential Computing”. We received requests for clarification about what we might call operational terminology – concepts like “Trust Anchor”.
The TAC anticipates formalizing these definitions in a CCC-governed paper and then perhaps promoting them in other places like Wikipedia. If you would like to contribute, as always “All are Welcome” to contribute to our TAC meetings. Last month we announced the TAC goals defined across Projects, Ecosystem, and Community. TAC representatives from each of the premiere members are taking responsibility to lead one of these areas. Lily and Yash from Red Hat have gotten us off to a great start with their work in the Community objectives. Partnering with Riaan and Sal from our staff, they are well underway to make the internship and mentoring process an enriching experience for the CCC and for our new contributors. If you would like to hear more about the other objectives feel free to reach out to any of our TAC members in slack or on the mail list.
They will be excited to tell you what they are planning.Last but not least, we also announced our newest Special Interest Group last month. SIGs are sub-communities with a common topical interest. The Linux Kernel SIG is now underway working to develop common infrastructure and approaches to increase cross architecture reuse and reduce upstream Linux Kernel maintenance burden. Logistical information is making its way onto the CCC committees page.
Technical Community
March has seen significant developments in Confidential Computing, with a major focus on KubeCon. This event brought to light the advancements in container security and the integration of Kubernetes with confidential computing, setting new standards for cloud-native application security.
KubeCon Technical Highlights:
– Enhanced security features in container runtimes, notably with CRI-O’s next iteration.
– Greater Integration of TEEs with Kubernetes, marking a significant step in securing cloud-native ecosystems.
– The introduction of WebAssembly (WASM) for secure microservices, pushing the envelope for container runtime security.
For a full review of the technologies discussed at KubeCon, see our upcoming blog post on the topic.
March underscored the importance of Confidential Computing with key takeaways from KubeCon, focusing on security enhancements in container runtimes, Kubernetes’ integration with TEEs, and the role of WebAssembly in secure microservices. As we head into April, the CCC is gearing up for the IAPP Global Privacy Summit next week, aiming to share key updates on regulation around privacy and technology with our community.
A reminder for project maintainers: prioritize improving your OpenSSF Scorecard scores, we are currently on track to have all projects at a high or perfect security posture score by the end of Q2, great work everyone!
Outreach Engagement
———————–
Monthly Analytics
Recently, we’ve covered our monthly analytics report of the website, newsletter, and social in our Outreach Meeting. We’re seeing some positive growth and we’ll keep tracking monthly to improve the health of our activities.
Upcoming Events
RSA (May 6-9): All members exhibiting or planning to attend, 📣LET’S COLLABORATE. CCC will have a booth and we’d like to work with you. Here’s what you can do:
• Submit Your Video Content: We’d love to display member content on our booth screen.
• Provide Booth No.: Let’s cross-promote. We’ll promote your booth number on our passport card.
• Showcase Demo: If you have something to show on the show floor, you can use the CCC booth to showcase your demo.
Identiverse (May 28-31): CCC is hosting a panel session “Confidential Computing: The Internet’s Missing Cryptography Engine“
CC Summit (Jun 5-6): CFP for CCC breakout sessions will be available soon. Join the Outreach Committee call to discuss more.
PET APAC (July 16): Calling all our Confidential Computing Enthusiasts in APAC! Open opportunity to be announced soon.
For any questions regarding CCC events, email Events SIG.
CHART YOUR COURSE TO CYBERSECURITY BRILLIANCE AT RSAC 2024
Join us for an unforgettable experience at RSAC 2024—the premier destination for cybersecurity professionals to come together for four days of learning, networking, and advancement! We’ve compiled the top agenda highlights that await you, from captivating Keynotes to cutting-edge innovation.
Register by April 5 to take advantage of our Discount Period pricing and use code 14UCCCFDto save $750* on your Full Conference Pass.
You can also use our FREE Expo Pass Code: 52ECONCOMPXO
VIEW FULL AGENDA
