Hello Community!
Welcome to the 2024 September Newsletter
In Today’s Issue:
- Executive Director September Recap
- Recordings from the CC Mini Summit @ OSSEU
- TAC Tech Talks & Upcoming Discussions
- Community Blog Highlights
Welcome to the September edition of our newsletter – your guide to awesome happenings in our CCC community. Let’s go!
Executive Director Update
September saw us holding a Confidential Computing Mini-Summit, co-located with Open Source Summit Europe in Vienna. Despite torrential rain and major flooding in the preceding days, all of the speakers and panel members made it and we had an interesting – and sometimes spirited! – set of discussions. I particularly enjoyed moderating a panel on attestation – see below for more on that topic. The slide decks from the speakers as well as the video recordings at the Mini-Summit will be available for you to watch.
I also popped over to Dublin for the Eyes Off Data Summit, where I appeared as a panel member in a session about the opportunities and challenges of Confidential Computing.
The main thing that I’m seeing at the moment in the community is a realization that while there’s still a lot of work to be done educating the wider world on the basics of Confidential Computing and TEEs, the really interesting work and the really exciting business opportunities are likely to revolve around attestation. This is reflected in the conversations we’re having at conferences and the work that we’re doing in the CCC. There are two main streams of work: the technical, where we’re looking at definitions, protocols and related areas; and business questions such as “who should run an attestation verification service?” and “what sorts of policies should we expect an attestation verification service to enforce?”. Spanning these streams is the work by the Governance, Risk and Compliance (GRC) SIG, which also considers issues around regulation.
If any of this sounds interesting to you, or you’d like to be involved in any way in the work of the CCC, we’d love to hear from you.
CC Mini Summit Recordings & Slides
On Demand Content is Available NOW!
Enjoy the recordings from the Confidential Computing Mini Summit at OSS EU.
TAC Update
This month we had three really deep tech talks. A couple are more on the advanced end of the spectrum but don’t let that scare you away from checking them out. They were all presented in really accessible formats. You’ll see the TAC Tech Talks playlist alongside our other playlists on the CCC YouTube channel:
Heading into October we’re in our final quarter to complete the goals we set for ourselves for the year. One of the big topics is getting Confidential Computing Features upstreamed into the Linux Kernel. The primary maintainers conference (The Linux Plumbers Conference) just concluded in late September so we’ll be getting some feedback from that in the TAC in October.
We’re also looking at starting some new work related to attestation verification. Feedback from another exercise showed us that there’s still areas that need a common definition. Among them, being able to identify entities that are in and out of the Trusted Computing Base (TCB), also informally called the trust boundary. Entities like CSPs are pretty big and we want to be more granular to more accurately reflect who is and isn’t trusted for a given deployment – or at least what sort of questions an adopter should think through.
Community Blog Highlights
-
- Confidential Computing for Secure AI Pipelines: Protecting the Full Model Lifecycle
- Strengthening Multi-Cloud Security: The Role of COCONUT-SVSM in Confidential Virtual Machines
- Exploring Enclave SDKs: Enhancing Confidential Computing
- Library OS for Confidential Computing: Enhancing Data Security with Cutting-Edge Projects
- Enabling Verifiable, User-Owned and Tradable AI Agents in Games – with Veriplay, Polygon, Immutable and Super Protocol
