The Linux Foundation Projects
Skip to main content
All Posts By

jshelby

The CIA Triad for Confidential Computing

By Blog No Comments

At the heart of cybersecurity, the CIA triad is a model designed to guide policies for information security within an organization. It consists of three fundamental principles:

Confidentiality: Ensures that sensitive information is accessed only by authorized parties and is protected against unauthorized access. Techniques such as data encryption, secure authentication, and access controls are employed to maintain confidentiality.

Integrity: Guarantees that information is reliable and accurate, safeguarding it from unauthorized modification. Integrity is upheld through mechanisms like checksums, cryptographic hashes, and digital signatures, ensuring that data remains unaltered from its original state unless modified by authorized entities.

Availability: Ensures that information and resources are available to authorized users when needed. This involves protecting against attacks that disrupt access to resources, such as DDoS attacks, and implementing disaster recovery plans to maintain service continuity.

Confidential Computing (CC) enhances the traditional CIA triad by focusing on protecting data in use—complementing existing measures that protect data at rest and in transit. By leveraging hardware-based security mechanisms such as Trusted Execution Environments (TEEs), CC enables sensitive data to be processed in isolated environments, thus offering a unique opportunity to reexamine and reinforce the principles of the CIA triad in modern computing scenarios.

Aligning with the CIA Triad

Confidentiality in Confidential Computing: The essence of Confidential Computing lies in its ability to ensure that data being processed remains confidential, even in shared or cloud environments. Through technologies like Intel SGX and TDX, AMD SEV-SNP, and ARM CCA provide hardware-based, attested Trusted Execution Environments (TEEs) which protect from unauthorized access, including operators of cloud services.

Integrity in Confidential Computing: CC technologies also play a crucial role in ensuring the integrity of data and code execution. Confidential Computing allows for the verification of software and data integrity before execution, ensuring that only authorized code runs within TEEs. This is instrumental in preventing unauthorized modifications and ensuring that computations are performed accurately.

Availability in Confidential Computing: While confidentiality and integrity are the primary focus of Confidential Computing, it also contributes to availability by enhancing the overall security posture. By mitigating the risk of data breaches and ensuring the integrity of computing processes, CC supports the uninterrupted availability of services, fostering trust and reliability in digital ecosystems.

Confidential Computing: A Journey Through the CIA Triad

Confidential Computing (CC) stands as a pivotal advancement in the realm of cybersecurity, offering robust mechanisms to protect data in use and reinforcing the principles of the CIA triad—Confidentiality, Integrity, and Availability—in novel and powerful ways. There are several key takeaways emerge:

Confidential Computing enhances the traditional CIA triad by introducing protections for data in use, alongside existing measures for data at rest and in transit. The evolution of CC technologies demonstrates a concerted effort to address the complexities of modern computing environments, ensuring that sensitive data can be processed securely and reliably.

Integrity and confidentiality are paramount in CC, with innovations providing mechanisms for verifying the authenticity and safeguarding the privacy of data during processing.

Availability, while indirectly impacted by CC, benefits from the improved security posture that CC technologies bring to digital infrastructures, supporting the reliability and accessibility of services.

As the landscape of digital threats continues to evolve, so too will the technologies and strategies employed to counter them. Confidential Computing represents a forward-thinking approach to cybersecurity, promising to play a crucial role in safeguarding the future of digital information processing.

Further Reading and Resources

To further explore the concepts and technologies discussed, the following resources serve as a starting point for those seeking to deepen their understanding of Confidential Computing and its significance in today’s cybersecurity landscape. By engaging with these materials, you’ll gain a more nuanced appreciation of the challenges and opportunities that Confidential Computing presents:

1. The Confidential Computing Consortium: An initiative by the Linux Foundation, this consortium brings together industry leaders to collaborate on open-source projects and standards for Confidential Computing.

2. NIST on Confidential Computing: The National Institute of Standards and Technology (NIST) provides resources and publications that address the technical aspects and standards related to Confidential Computing.

March 2024 Newsletter

By Newsletter No Comments

In Today’s Issue:

 

    1. Executive Director’s Corner
    2. TAC Community
    3. Outreach Engagement
    4. Join us at RSA

Spring greetings! March is the start of a lovely season. We’re continuing our momentum and bringing you the latest and greatest here at CCC. Let’s dive in.

Executive Director’s Note

February was a busy month for the CCC, with appearances or attendance at FOSDEM, State of Open, Rocky Mountain Cyberspace Summit, and PET Summit Europe in London. The breadth of engagement – ranging from technical, open source, US government/federal/defense and European banking/compliance and beyond – shows how use cases for Confidential Computing are becoming increasingly relevant across multiple sectors and contexts. With new membership from Fujitsu and Tiktok moving to participate as a Premier Member, we are also seeing a broader global engagement, which we are keen to address with meetings at times that are appropriate for more members, so if you’re interested in attending any of our committees or SIGs, please get in touch and we can hopefully find a time that works for you.

From the TAC
In response to requests from the Cloud Security Alliance and others, the TAC is looking at defining additional terminology. Currently terms fundamental to Confidential Computing… like “Confidential Computing” 🙂 are defined in the A Technical Analysis of Confidential Computing. Confidential Computing artifacts like “Confidential Container” and “Confidential VM” are defined in “Common Terminology for Confidential Computing”. We received requests for clarification about what we might call operational terminology – concepts like “Trust Anchor”.

The TAC anticipates formalizing these definitions in a CCC-governed paper and then perhaps promoting them in other places like Wikipedia. If you would like to contribute, as always “All are Welcome” to contribute to our TAC meetings. Last month we announced the TAC goals defined across Projects, Ecosystem, and Community. TAC representatives from each of the premiere members are taking responsibility to lead one of these areas. Lily and Yash from Red Hat have gotten us off to a great start with their work in the Community objectives. Partnering with Riaan and Sal from our staff, they are well underway to make the internship and mentoring process an enriching experience for the CCC and for our new contributors. If you would like to hear more about the other objectives feel free to reach out to any of our TAC members in slack or on the mail list.

They will be excited to tell you what they are planning.Last but not least, we also announced our newest Special Interest Group last month. SIGs are sub-communities with a common topical interest. The Linux Kernel SIG is now underway working to develop common infrastructure and approaches to increase cross architecture reuse and reduce upstream Linux Kernel maintenance burden. Logistical information is making its way onto the CCC committees page.

Technical Community

March has seen significant developments in Confidential Computing, with a major focus on KubeCon. This event brought to light the advancements in container security and the integration of Kubernetes with confidential computing, setting new standards for cloud-native application security.

KubeCon Technical Highlights:
– Enhanced security features in container runtimes, notably with CRI-O’s next iteration.
– Greater Integration of TEEs with Kubernetes, marking a significant step in securing cloud-native ecosystems.
– The introduction of WebAssembly (WASM) for secure microservices, pushing the envelope for container runtime security.

For a full review of the technologies discussed at KubeCon, see our upcoming blog post on the topic.

March underscored the importance of Confidential Computing with key takeaways from KubeCon, focusing on security enhancements in container runtimes, Kubernetes’ integration with TEEs, and the role of WebAssembly in secure microservices. As we head into April, the CCC is gearing up for the IAPP Global Privacy Summit next week, aiming to share key updates on regulation around privacy and technology with our community.

A reminder for project maintainers: prioritize improving your OpenSSF Scorecard scores, we are currently on track to have all projects at a high or perfect security posture score by the end of Q2, great work everyone!

Outreach Engagement
 ———————–
Monthly Analytics
Recently, we’ve covered our monthly analytics report of the website, newsletter, and social in our Outreach Meeting. We’re seeing some positive growth and we’ll keep tracking monthly to improve the health of our activities.

Upcoming Events
RSA (May 6-9): All members exhibiting or planning to attend, 📣LET’S COLLABORATE. CCC will have a booth and we’d like to work with you. Here’s what you can do:
Submit Your Video Content: We’d love to display member content on our booth screen.
Provide Booth No.: Let’s cross-promote. We’ll promote your booth number on our passport card.
Showcase Demo: If you have something to show on the show floor, you can use the CCC booth to showcase your demo.
Identiverse (May 28-31): CCC is hosting a panel session “Confidential Computing: The Internet’s Missing Cryptography Engine
CC Summit (Jun 5-6): CFP for CCC breakout sessions will be available soon. Join the Outreach Committee call to discuss more.
PET APAC (July 16): Calling all our Confidential Computing Enthusiasts in APAC! Open opportunity to be announced soon.
For any questions regarding CCC events, email Events SIG.

CHART YOUR COURSE TO CYBERSECURITY BRILLIANCE AT RSAC 2024
Join us for an unforgettable experience at RSAC 2024—the premier destination for cybersecurity professionals to come together for four days of learning, networking, and advancement! We’ve compiled the top agenda highlights that await you, from captivating Keynotes to cutting-edge innovation.

Register by April 5 to take advantage of our Discount Period pricing and use code 14UCCCFDto save $750* on your Full Conference Pass.

You can also use our FREE Expo Pass Code: 52ECONCOMPXO
VIEW FULL AGENDA

Collaborative Security: The Role of Open Source in Confidential Computing

By Blog No Comments

Blog Post:

As we continue our exploration of Confidential Computing, this week we focus on a crucial aspect that is often the unsung hero of technological advancement: open source. Specifically, we’ll examine how open-source initiatives are contributing significantly to the development and implementation of Confidential Computing.

Open Source: A Foundation for Innovation

Open-source software is built on the principle of collaboration and transparency. It allows developers from around the world to contribute to and review each other’s code, fostering innovation and rapid problem-solving. This collaborative approach is particularly beneficial in the realm of cybersecurity, where the sharing of knowledge and resources is key to staying ahead of threats.

Open Source in Confidential Computing

In the context of Confidential Computing, open source plays a pivotal role. Open-source projects provide the foundation for many Trusted Execution Environments (TEEs) and other secure computing technologies. By leveraging open-source software, developers can create more robust, secure, and versatile solutions for data protection.

Advantages of Open Source in Security

One of the main advantages of open source in the field of Confidential Computing is transparency. Open-source code can be inspected by anyone, which means vulnerabilities can be identified and addressed more quickly than in proprietary software. This transparency builds trust and reliability, essential components in any security solution.

Linux: A Testament to Open-Source Success

Reflecting on the impact of open source, we can’t overlook Linux, released in 1991 and now a cornerstone of open-source software. Linux’s success demonstrates how collaborative efforts can lead to robust and widely-used technology solutions. It’s a testament to the power of open-source communities in driving innovation.

Challenges and Opportunities

While open source offers many benefits, it also presents unique challenges, particularly in terms of coordination and quality control. However, these challenges are often outweighed by the opportunities for innovation and the rapid development cycle that open source enables.

Looking Ahead

As Confidential Computing continues to evolve, the role of open source will undoubtedly expand. Open-source communities will continue to be vital in developing secure, efficient, and adaptable solutions for data protection in an increasingly complex digital landscape.

Next Week’s Focus

Join us next week as we delve into the intricacies of data encryption in Confidential Computing. We’ll explore how encryption techniques are being enhanced and applied in new ways to protect data not just at rest and in transit, but also during processing.

TikTok Becomes Premier Member of Confidential Computing Consortium

By Announcement, Blog No Comments

In an era dominated by rapid technological advancements, the need for robust data security measures has become more critical than ever. Recognizing this imperative, TikTok has joined the Confidential Computing Consortium (CCC) as a Premier member, a collaborative effort dedicated to advancing the adoption of confidential computing technology.

The Confidential Computing Consortium is a community-driven initiative comprising industry leaders and organizations united in their mission to redefine data security standards. Our mission centers on promoting the widespread adoption of confidential computing, focusing on safeguarding sensitive information and cultivating a more robust computing landscape. Utilizing advanced computational techniques, such as hardware-based Trusted Execution Environments, confidential computing enhances security and privacy by protecting data in use. This approach complements existing encryption methods for data at rest and in transit, fostering comprehensive data protection measures.

As a platform, TikTok is used by billions of users worldwide on a global scale. When building products and features, securing the privacy of users is at the forefront of TikTok’s engineering strategy. TikTok’s Privacy Innovation is an open-source initiative dedicated to advancing data privacy through cutting-edge technological advancements and fostering collaboration and transparency. Their open-source initiatives aim to make technology readily available to researchers and practitioners, aligning with a shared vision to shape a safer, more privacy-centric future. By joining this global consortium, TikTok aligns with a community of like-minded entities dedicated to advancing secure computing solutions.

As technology evolves, robust data protection measures become increasingly paramount. Through initiatives like confidential computing, companies like TikTok are safeguarding their users’ information and contributing to the broader effort of establishing a more secure and trustworthy digital ecosystem. TikTok’s membership not only holds significance for the company itself but also serves as an inspiration for other technology companies to prioritize data security in an era where digital trust is of utmost importance.

Join us in welcoming TikTok to the Confidential Computing Consortium.

The Guide to Confidential Computing Sessions at KubeCon + CloudNativeCon Europe (March 20-21)

By Blog, Event No Comments

Confidential Computing is a transformative approach to protecting data in use, enabling computation in memory without exposing it to the rest of the system. As cloud-native technologies continue to evolve, KubeCon + CloudNativeCon Europe 2024 offers sessions at the forefront. This guide is your go-to resource for exploring the Confidential Computing offerings, ensuring you make the most of your conference experience.

Key Demos, Sessions and Posters 

Learn about Attested Containers for securing containerized workloads and other open source Confidential Computing demos at Intel’s booth, H5.

Poster Session: Kubernetes in the Confidential Computing Marvels: Unlocking SMPC Across Multi-Cloud Clusters

When: Wednesday, March 20 • 18:00 20:00

Who: Gilles Seghaier & Nayani Parameshwari, Astran

Find on KubeCon Schedule

Dive into the world of Secure Multiparty Computation (sMPC) with Kubernetes, exploring its application across multi-cloud clusters for enhanced data security.

Fortifying AI Security in Kubernetes with Confidential Containers (CoCo)

When: Thursday, March 21 • 14:30 15:05

Who: Suraj Deshmukh, Microsoft & Pradipta Banerjee, Red Hat

Find on KubeCon Schedule

A deep dive into securing AI models in Kubernetes using Confidential Containers, ensuring data privacy without sacrificing performance.

Memory Armor for SPIRE: Fortifying SPIRE with Confidential Containers (CoCo)

When: Thursday, March 21 • 17:25 18:00

Who: Matthew Bates, Stealth Security Startup & Suraj Deshmukh, Microsoft

Find on KubeCon Schedule 

Learn how Confidential Containers enhance the security of SPIRE servers, safeguarding sensitive signing keys against unauthorized access.

Confidential Containers for GPU Compute: Incorporating LLMs in a Lift-and-Shift Strategy for AI  

When: Thursday, March 21 • 16:30 17:05

Who: Zvonko Kaiser, NVIDIA

Find on KubeCon Schedule

An exploration of integrating confidential containers with GPU computing for AI/ML workloads, maintaining data confidentiality while leveraging computational power.

Additional Highlights

CRI-O Odyssey: Exploring New Frontiers in Container Runtimes

 An insight into the latest in container runtime technology, touching on Confidential Computing integration.

 Thursday, March 21 • 11:00 11:35

Towards a Cloud-Native, Scalable and Fault-Tolerant Platform for Digital Agriculture

A unique application of cloud-native technologies in agriculture, showcasing the potential of Kubernetes and Confidential Computing.

Wednesday, March 20 • 18:00 20:00

Confidential Computing at KubeCon

KubeCon + CloudNativeCon Europe 2024 offers an opportunity to immerse yourself in the world of Cloud and Compute. Whether you’re a developer, IT professional, or business leader, these sessions provide a wealth of knowledge and a unique chance to advance your understanding of the technology at the Confidential Computing Consortium and its critical role in the future of cloud-native technologies.

Bookmark this page and plan your schedule to make the most of the Confidential Computing sessions at KubeCon + CloudNativeCon Europe 2024. See you there!

Basics of Trusted Execution Environments (TEEs): The Heart of Confidential Computing

By Blog No Comments

As we delve deeper into our exploration of Confidential Computing, this week we turn our attention to a critical component that plays a central role in this technology: Trusted Execution Environments, or TEEs. Understanding TEEs is key to appreciating how Confidential Computing enhances data security.

What are Trusted Execution Environments (TEEs)?

At its simplest, a Trusted Execution Environment is a secure area within a processor. It guarantees that the code and data loaded inside it are protected with respect to confidentiality and integrity. Essentially, TEEs provide a kind of ‘safe room’ for sensitive operations, ensuring that even if a system is compromised, the data within the TEE remains secure.

How Do TEEs Work?

TEEs operate by isolating specific computations, data, or both, from the rest of the device or network. This isolation is hardware-based, which makes it highly resistant to external attacks, including those from the operating system itself. Within a TEE, code can run without risk of interference or snooping from other processes.

The Role of TEEs in Confidential Computing

In the context of Confidential Computing, TEEs are invaluable. They allow sensitive data to be processed in a secure environment, ensuring that it remains encrypted and inaccessible to unauthorized users or processes. This is particularly crucial when handling personal data, intellectual property, or any information requiring strict confidentiality.

Applications of TEEs

The applications of TEEs are vast and varied. They are used in mobile device security, cloud computing, IoT devices, and more. In each case, TEEs provide a layer of security that is vital in today’s interconnected and often vulnerable digital landscape.

A Look Back at Computing History

As we discuss these advanced concepts, it’s fascinating to reflect on how far we’ve come. Consider the ENIAC, unveiled in 1946 and considered the first general-purpose electronic computer. The journey from such rudimentary computing to today’s sophisticated TEEs underscores the incredible advancements in technology.

Next Steps in Our Journey

Understanding TEEs is just the beginning. As we continue our series, we’ll explore how these environments are implemented and the various challenges and solutions associated with them. 

Stay Tuned

Next week, we’ll delve into the role of open source in Confidential Computing. Open source initiatives are pivotal in the development and adoption of TEEs, offering transparency and collaborative opportunities that are essential in today’s cybersecurity landscape.

The Evolution of Cybersecurity: From Early Threats to Modern Challenges

By Blog No Comments

As we continue our journey through the world of Confidential Computing, it’s essential to understand the backdrop against which this technology has emerged. This week, we delve into the evolution of cybersecurity, tracing its journey from the early days of computing to the sophisticated landscape we navigate today.

The Early Days of Cybersecurity

Cybersecurity, in its infancy, was a game of cat and mouse between emerging technologies and the threats that shadowed them. The earliest computers, massive and isolated, faced minimal security concerns. However, as technology advanced and computers became interconnected, the need for robust cybersecurity measures became apparent.

The Birth of Computer Viruses and Antivirus Software

The 1980s marked a significant turning point with the advent of the first computer viruses. Among these early threats was the Brain virus, which led to the creation of the first antivirus software in 1987. This was a pivotal moment, signaling the start of an ongoing battle against cyber threats.

The Internet Era and Its Challenges

The explosion of the internet in the 1990s and early 2000s brought cybersecurity to the forefront. The connectivity that empowered businesses and individuals also opened up new vulnerabilities. Viruses, worms, and later, sophisticated malware, posed significant risks, leading to the development of more advanced cybersecurity solutions.

The Rise of Cybercrime

As technology continued to evolve, so did the nature of threats. Cybercrime became a lucrative business, with hackers targeting not just computers but entire networks. Data breaches, identity theft, and ransomware attacks became common, causing significant financial and reputational damage to individuals and organizations.

The Current Landscape: A Complex Battlefield

Today, cybersecurity is an intricate field, encompassing everything from endpoint security to network defenses, and now, Confidential Computing. The threats have become more sophisticated, leveraging AI and machine learning, making proactive and advanced defense mechanisms essential.

Confidential Computing: A New Frontier in Cybersecurity

This brings us to Confidential Computing – a response to the modern need for enhanced data protection. As we’ve seen, cybersecurity is no longer just about preventing unauthorized access; it’s about ensuring data integrity and confidentiality at every stage, including during processing.

Looking Ahead

The evolution of cybersecurity is a testament to the ever-changing landscape of technology. As we continue to innovate, so too will the methods to protect our digital assets. Confidential Computing is part of this ongoing evolution, representing the next step in securing our digital future.

A Fun Reminder of Our Journey

Reflecting on this evolution, it’s fascinating to think that the journey from the Brain virus to today’s sophisticated cyber threats led to the birth of an entire industry. The first antivirus software in 1987 was just the beginning of what has become a critical and ever-evolving field.

Stay Tuned

Next week, we’ll dive deeper into the world of Trusted Execution Environments (TEEs), a cornerstone of Confidential Computing. Join us as we explore how TEEs provide a secure space for data processing, marking a significant advancement in our quest for cybersecurity.

Introduction to Confidential Computing: A Year-Long Exploration

By Blog No Comments

Welcome to the first blog Confidential Computing Consortium blog series to help new members navigate the transformative landscape of Confidential Computing, a crucial advancement in safeguarding data privacy and security.

What is Confidential Computing?

Confidential Computing is a cutting-edge approach that protects data in use by encrypting it within Trusted Execution Environments (TEEs). These secure areas of a processor ensure data is inaccessible to other applications, the operating system, and even cloud providers, safeguarding sensitive information from unauthorized access or leaks during processing. This technology is foundational in addressing the critical challenge of protecting data throughout its lifecycle, offering a new dimension of security for our digital world.

The Significance

In an era where data privacy concerns are paramount, Confidential Computing emerges as a vital solution. It enables businesses and individuals to compute with confidence, knowing their data remains secure and private, even in shared infrastructure environments. This technology fosters trust and facilitates secure data collaboration, unlocking new possibilities in cloud computing and beyond.

Our Journey Ahead

This blog series will explore these topics (and many more!):

1. The Evolution of Confidential Computing

2. Insights into Trusted Execution Environments (TEEs)

3. The Vital Role of Open Source in Confidential Computing

We’ll examine its transformative impact across industries, its pivotal role in emerging technologies, and how it underpins secure, data-driven innovations. This exploration is designed for tech enthusiasts, industry professionals, and anyone curious about the next frontier in digital security.

Learn more with Special Interest Groups (SIGs)

The Confidential Computing Consortium (CCC) champions this technology through collaborative efforts, including Special Interest Groups (SIGs). These SIGs are integral to: SIG meetings are open to everyone, emphasizing the consortium’s commitment to inclusivity and collaboration. There’s no membership requirement to join these discussions, making it an excellent opportunity for anyone interested in contributing to or learning more about confidential computing.

Be Part of the Movement

By joining our journey, you become a part of a community dedicated to advancing confidential computing. This series promises to deepen your understanding and provide resources that can be easily shared for collaborative efforts driving this technology forward.

Stay tuned as we reveal the fascinating world of Confidential Computing, and it’s critical role in privacy-enhancing technologies. If there is any topic you would love us to cover in this series, we’d love to hear from you! Reach out to skimmich@contractor.linuxfoundation.org

CCC Newsletter- February

By Newsletter No Comments

Hello Community Member,

We’re wrapping up a busy February with a lot of CCC engagements at industry events and various internal revamp processes.

A quick reminder of what we’re about: Confidential Computing Consortium is a community focused on open-source licensed projects securing DATA IN USE and accelerating the adoption of confidential computing through open collaboration. We welcome all members and projects to be involved and engaged. We’re all contributors to shaping the future of Confidential Computing.

Let’s go!

In February’s Issue:

  1. Executive Director’s Corner 
  2.  Outreach Activity – Your Opportunity to Get Involved
  3.  All Things Technical Community
  4. CCC Community Content

From the Executive Director

The conference season is heating up again, and Confidential Computing is becoming more visible in all kinds of areas. We started February with a whole afternoon track (“devroom”) on Confidential Computing at the developer-led FOSDEM in Brussels, followed by a talk by Sal Kimmich at State of Open UK in London. I’m at the Rocky Mountain Cyberspace Symposium in Colorado Springs during the week of the 19th of February, and we round off the month with the Privacy-Enhancing Summit in London (see below!).

We’re also having success in having an increasing number of sessions being accepted at major conferences including the Confidential Computing Summit and RSA Conference North America. What we’d love to do is make the most of these opportunities with members of the Consortium, so if you’re attending or exhibiting at any conferences, please let us know: we always look for ways to coordinate and amplify each others’ efforts.

CCC Outreach Activities

Kicking off the year with a bang! February was full of CCC activities at industry events. You’re invited.

Upcoming Events

  • PET EU (Feb 27-28): CCC is an Associate Partner for PET series. Use the discount code ‘CCC10‘ and join us in London!
    • [Presentation] Confidential Computing and AI: Securing Data and Driving Innovation by Simon Gallagher (Microsoft)
    • [Panel] Fortifying Privacy and Security: The Power of Confidential Computing Solutions with Simon Gallagher (Microsoft), Andreas Walbrodt (Enclaive), Bertrand Foing (Secretarium & Klave) moderated by Mike Bursell (CCC)
    • [Panel] Building an AI Toolbox: How to Utilise Regulated Data Enterprises with David Pollington (Bloc Ventures), Amir Tabakovic (Mobey Forum) moderated by Sal Kimmich (CCC)
    • [Roundtable] Protecting Privacy in AI and Emerging Technologies led by Sal Kimmich
    • [Welcome Reception Jeopardy!] Co-hosted with Partisia. Jeopardy led by Sal Kimmich
  • OC3 (Mar 13): Sal Kimmich speaking on “The road ahead: How confidential computing will evolve in the 2020s and beyond”
  • OSS NA, Seattle (Apr 16-18): Get ready for the CCC Mini-Summit.
  • RSA (May 6-9): All members who are exhibiting or planning to attend, LET’S COLLABORATE. CCC will have a booth and we’d like to support our members. Reach out to the Event SIG link below and let us know if you haven’t already! 
  • CC Summit (Jun 5-6): CFP for CCC breakout sessions will be available soon. Join the Outreach Committee call to discuss more.

For any questions regarding CCC events, email Events SIG.

Got Content?

You can submit your request via the CCC Content Request Form.

Covered content:

  • Blog post
  • Social post
  • Webinar
  • Newsletter
  • Case study
  • Meet up
  • Other

Submit content request

CCC Technical Advisory

The year is off to a strong start in the technical community. We are anchoring our contributions on a common view that by working together as a community we can make the world more secure with Confidential Computing than we could as individuals or individual companies. Our work is organized into three streams: Projects, Ecosystem, and Community. By the end of this year, we will be able to say: 

Projects: As an open-source organization, we helped our projects grow.

  • We coached our projects to adopt security best practices according to OpenSSF guidance (best practices badge).
  • We actively mentored our projects on how to gain adoption.
  • We facilitated collaboration for CCC projects including with the Linux Kernel 

Ecosystem: As security practitioners, we informed security and privacy compliance, standards, and research.

  • We identified influential compliance organizations & appropriately recommended CC in public documents.
  • We evolved understanding of attestation and aligned on protocols and formats.
  • We engaged with academia to encourage and publicize CC research and study.

Community: Our community is growing and healthy.

  • We encouraged our projects to take LF Inclusive Open Source training.
  • We have sought out and welcomed new contributors
    • by representing CCC at conferences
    • facilitating project issues and pull requests
    • by participating in mentorship programs such LFX Mentorship, Outreachy, and GSoC to ramp new people in our SIGs and committees

It’s a full year of work ahead of us, but with the active contributions of each of us, we’re going to accomplish each of these goals! 

Take LF Exclusive Training

Technical Community

Searchable Glossary of Confidential Computing Terms
We’re creating a glossary of the standardized terminology, and communicating with other regulatory bodies like the CSA to use this glossary as the field standard. We welcome contributions to the CCC Glossary Repository for review and discussion now. These terms will be available directly on the CCC website shortly following that process. 

Introducing the New Kernel SIG

The CCC is excited to announce the development of a new Special Interest Group (SIG) focused on the Kernel. 

This SIG aims to:

Facilitate dialog between Linux kernel and Confidential Computing subject matter experts:

  • to facilitate direction for topics that need formal collaboration,
  • to have an additional venue to facilitate direction for topics that are stalled on LKML, which would benefit from higher bandwidth communication,
  • to have a common place to record decisions and formalize the output for others to reference,

and to introduce new technical topics emerging in either domain, e.g., attestation mechanisms approaching standardization.

Learn more about the Kernel SIG and how you can contribute to its foundational goals. 

Kernel SIG Proposal

Engage Your Legal Teams in Our GRC Efforts

We’re calling on members to involve their legal teams in our Governance, Risk Management, and Compliance (GRC) initiatives: you can join the GRC mailing list to learn more. These efforts are focused on developing Patterns for Confidential Computing that align with common regulation standards, and sector-specific regulatory obligations. Your legal team’s input will be invaluable as we strive to ensure that confidential computing technologies meet and exceed regulatory requirements.

Join GRC mailing list.

Open Source Dashboards

Soon, all Linux Subfoundation Open Source Projects may be featured on the LFX Insights platform, integrated with new insights for projects from the amazing CLOMonitor. This advancement promises to provide CCC members with critical data on project documentation, cybersecurity readiness, and more. Here are just a few of the important metrics that projects will be evaluated by:


Comprehensive Documentation and Licensing Checks: Ensures projects have detailed README files and clear open-source licenses, facilitating easier adoption and compliance.

Security and Dependency Management: Offers vulnerability scanning and dependency analysis, helping projects identify and mitigate potential security risks before they become issues.

Diverse and Active Community Engagement: Measures contributor diversity and issue engagement, highlighting the project’s inclusivity and responsiveness to community feedback.

Code Health Monitoring: Tracks codebase activity, including commit frequency and issue resolution times, to gauge ongoing development and maintainability.

Project Vitality Indicators: Analyzes release frequency and adoption rates, providing insights into the project’s momentum, popularity, and impact within the open-source ecosystem.

More from CCC Community

CCC Newsletter- January 2024

By Newsletter No Comments

Hello Community Member,

Welcome to the New Year. We’re excited to continue to connect with you and help drive innovation. You’ll hear from us on a monthly basis (at least) for any news and insightful information.

A quick reminder of what we’re about: Confidential Computing Consortium is a community focused on open-source licensed projects securing DATA IN USE and accelerating the adoption of confidential computing through open collaboration. We welcome all members and projects to be involved and engaged. We’re all contributors to shaping the future of Confidential Computing.

Without further ado, let’s get into the content.

CCC Presence in 2023

We wrapped up a busy year of growth and lots of activities. By bringing in the new Executive Director, Mike Bursell, along with our community members’ participation, we’ve increased our presence at industry conferences significantly.

You can hear from Mike on how his first year at CCC as the ED has been and where he is looking to take on in 2024 in his blog.

Technical Community

In 2023 we focused on growing three things: our projects, ecosystem recognition, and our community. Our technical community made great strides on each of these. Our open-source project portfolio is wider and more mature. Outside of the CCC, we contributed security expertise to public documents and standards organizations. As we grew to deliver these projects and papers, we maintained our emphasis on growing a positive community where everyone is welcome, and anyone can learn and contribute.

Read Open Source Highlights

Welcome, Sal Kimmich

We’ve started the year off strongly with the addition of Sal Kimmich to the CCC staff team as Technical Community Advisor. Sal has lots of experience in open source communities and security, and is already shaking up what we’re doing (in a number of excellent ways). Expect to hear lots more from Sal. Read more on Sal.

What’s New…

  1. Newsletter: We’ll be bringing you more insightful news from all across the CCC horizon. We’re going to have a regular segment update covering TAC news, Outreach news, Member/ED news, and Project/TCA news.
  2. Outreach SIG: Outreach has new SIGs! In 2024, we’ll be upleveling the outreach efforts across these 4 main focus areas:Events, Web Presence, Technical Documents, and Demos. Each SIG has a lead and participating members to streamline the process. Join us in our bi-weekly Outreach Meeting to participate.
  3. New Look, New Presence: CCC Outreach brought in Linux Foundation’s Sr. Marketing PM, Jen Shelby, to make CCC’s external presence to be cohesive and organized. She’ll be working closely with our Web Presence SIG to improve our website, external publication, social, graphic design, and so much more. 

Member Benefits: If you’re unclear about what you can get from participating in the CCC, check out the new benefits page on the website. We also want to encourage ecosystem growth, particularly around start-up participation. For any members, prospective members, or anyone with use cases for or interest in Confidential Computing who wants to get in touch, email Mike Bursell (ED) to see how we can help.

Upcoming Events

Take a look at our upcoming industry engagement and see where you and your team can participate.

  1. FOSDEM (Feb 3-4): CCC is hosting a social hour to support the Confidential Computing Devroom. Email Event SIG if you want to RSVP.
  2. State of Open Con (Feb 6-7): TCA Sal Kimmich is giving a talk.
  3. Rocky Mountain Cyberspace Summit (Feb 19): ED Mike Bursell is attending.
  4. PET EU (Feb 27-28): CCC is an Associate Partner and will host multiple sessions. 
  5. OC3 (Mar 13): CCC is hosting 15-min session.
  6. OSS NA (Apr 16-18): CCC is hosting a Mini-Summit.
  7. RSA (May 6-9): Come see us at the CCC booth. All member companies are welcome to collaborate with us. 
  8. CC Summit (Jun 5-6): CCC is co-hosting the conference.

**For your inquiry, please email Events SIG.

Member Content

Enclaive.io Enclaive.io cordially invites you to the public preview of the virtual Hardware Security Module (vHSM) – a breakthrough in key management for cloud environments. Leveraging advanced confidential compute and virtualization, Enclaive’s vHSMs offer unmatched scalability and flexibility, easily adapting to dynamic requirements in modern data centers. To sign up for the public preview, please contact Enclaive team

Industry Scoop