March’s Issue:

• From the Executive Director
• NEW! Outreach: Submit your talks & booth demos! 
• Upcoming Events
• From the TAC
• Recent News

Welcome to our latest newsletter! This month’s newsletter covers opportunities for members to staff CCC conference booths, upcoming CFP deadlines, newly approved SIG on Trustworthy Workload Identity, and recent developments in Confidential Computing, including ManaTEE and container security insights.

From the Executive Director (ED)

As conference season continues, it’s worth a reminder that whenever we (the CCC) have a booth at a conference or exhibition, that’s an opportunity for our members and open source projects to attend and staff that booth.  Usually, we get several free passes for booth staff, which means that all you need to do is volunteer (via the Outreach group) and turn up!  You’re welcome to bring your own swag and marketing materials, and while the main branding and messaging focus is, of course, on the CCC, we believe that one of the great benefits of membership is being able to promote not just the consortium, but also your own company or project’s work.  Upcoming events where we’ll have a booth include the RSA Conference and Confidential Computing Summit, so if you’re interested, please get in touch.

Outreach

The deadline is just around the corner! The Confidential Computing Consortium is excited to be sponsoring several upcoming events. As a valued member, you have the opportunity to share your ideas through CCC sponsored speaker sessions. We’re currently accepting submissions for speaker sessions and booth presentations. Whether you have a story to share, a project to demo, or an idea to inspire others, we encourage you to submit a proposal. Don’t miss out and check out the list of opportunities below!

• Confidential Computing Summit | CCC Breakout Session Call for Proposal (Due March 31)
• CFP Confidential Computing Mini Summit- OSS NA (Due March 31)
• RSAC Booth Demo Submission (April 28 – May 1)

Upcoming Events

• RSA Conference April 28-May 1, 2025
• Confidential Computing Summit June 17-18, 2025
• Confidential Computing Mini Summit June 26, 2025
• AI Infra Summit September 9-11, 2025
• OSFF October 21-22, 2025

From the TAC

Last month we talked about emerging interest across the Consortium to advance Trustworthy Workload Identity. In a nutshell, Confidential Computing can provide cryptographic evidence about the integrity and identity of a workload. However there are ease of use gaps in our common tooling and gaps in the ecosystem’s recognition of these capabilities.

I’m happy to say that a charter quickly came together and that across the TAC there was clear agreement and possibly more importantly commitment to contribute to the goals of the charter. We voted to approve TWI as the newest SIG. You can find the charter here.

We are still standing up some infrastructure for it including a mailing list. Meanwhile you can always check the CCC calendar to find where and when meetings are taking place. For now TWI contributors will meet Tuesdays. View the calendar here.

Recent News

• At FOSDEM 2025, Dayeol Lee introduced ManaTEE, an open source framework enabling secure, privacy-preserving data analytics. By leveraging Privacy-Enhancing Techniques (PETs) and Trusted Execution Environments (TEEs), ManaTEE empowers researchers to analyze sensitive data with confidence. Now part of the Confidential Computing Consortium, ManaTEE is shaping the future of secure data collaboration. Read the blog to learn more about the framework, its use cases, and how you can contribute:

• Does Confidential Computing work with containers? The short answer: Yes. But the real question is how it works and what level of security isolation fits your needs. In this blog, Dan Middleton breaks down different interpretations of “containers” and explores four key isolation patterns for protecting containerized applications with Confidential Computing. Read the blog.

Subscribe to our newsletter!

February’s Issue:

• From the Executive Director
• NEW! Outreach: Job Board Page Now Live!
• Upcoming Events
• From the TAC: Trustworthy Workload Identity
• Recent News

Hello Community Member, welcome to our latest newsletter, where we share some highlights from my February travels across Europe and exciting updates in Confidential Computing.

From the Executive Director (ED)

February has been Europe-heavy for me, which  makes a change (and works for me as I’m based in the UK).  There were three different conferences – FOSDEM in Brussels, State of Open Con in London and the AI Security Summit in Paris.  FOSDEM was (as usual!) packed and chaotic, but with devrooms for Confidential Computing and Attestation both busy, and an extra pre-summit meeting around Attestation (there were just too many talks submitted to have them all in the official conference), the amount of interest at the developer level is clearly really picking up.

At State of Open Con, I presented at pun-heavy 15 minute session on PII (Personally Identifiable Information) and also appeared on a panel around Open Source Security, excellently moderated by Divya Mohan.  Sal Kimmich, our out-going Technical Community Arcthitect, presented a session on Secure Isolation and Trust Boundaries: A Crash Course for Engineers.  State of Open Con is now in its third year, and continues to be one of the best open source conferences of the year.

The AI Security Summit was held the day before the huge international AI summit in Paris, and was notable for me in that the number of people who had actually heard of Confidential Computing was much higher than I’m used to.  I gave an introduction to remote attestation and why it’s so important, and found myself able to dive deeper into the technical side than I’m used to: with FOSDEM and this, it really feels like the message is getting out there.

The last thing I’d like to do is mention a new Premier member to the CCC: Shielded Technologies joined us this month. We look forward to working with them and the various General and Associate members who have also recently joined.

Outreach: Job Board Page Now Live! 

We’re thrilled to announce that the CCC Job Board is now live! It features exciting career opportunities for professionals passionate about advancing secure computing technologies, with roles in research, development, and the implementation of cutting-edge confidential computing solutions. 

Check out the available positions and add your job postings to the board and connect with top talent! Visit the Job Board

Upcoming Events: 

• OC3 March 27, 2025
• RSA Conference April 28-May 1, 2025
• Confidential Computing Summit June 17-18, 2025
• Confidential Computing Mini Summit June 26, 2025
• AI Infra Summit September 9-11, 2025
• OSFF October 21-22, 2025

From the TAC: Trustworthy Workload Identity 

The ability to identify a workload across the internet with cryptographic certainty is one of the key capabilities of Confidential Computing. However, much of the ecosystem still relies on less secure mechanisms, such as using filenames or other easily spoofable features, to identify code. Identifying workloads with Confidential Computing techniques offers significant benefits, but we still face ease-of-use challenges. A new community effort is emerging to improve both industry standards for Workload Identity and its ease of use. Like our other open source initiatives, these meetings and documents are publicly accessible. If you’d like to get involved, you can find the latest updates on meetings and discussions on the TAC mailing list.

Recent News

• OC3 2025 Registrations are Open: The Open Confidential Computing Conference registrations are free and already open! Join us on March 27th, either online or on-site in Berlin, to learn all about the latest developments in confidential computing by thought leaders at Microsoft, Arm, NVIDIA and more!
  

• Intel Announces TEE-IO Support in Latest Xeon 6 Processors: On February 24, Intel launched the latest processors in the Intel Xeon 6 family and announced support for Trusted Execution Environment-IO (TEE-IO).  The Intel Xeon 6 processors with P-cores (formerly code-named “Granite Rapids”) include hardware support for Intel TDX Connect, Intel’s implementation of TEE-IO.  Intel TDX Connect will enhance the performance and flexibility of Confidential Computing use cases that include confidential operations on both the CPU and a PCIe-connected device such as GPU-accelerated confidential AI. Solutions based on Intel TDX Connect will require a capable CPU, an enabled host OS/hypervisor, and a TEE-IO capable device.  Intel is engaged throughout the ecosystem to accelerate enablement of complete solutions.

^{Image source: https://www.businesswire.com/news/home/20250224348229/en/}

Subscribe to our newsletter!

January’s Issue:

• From the TAC:  Path Forward for Confidential Computing in 2025
• Welcome 2025 Leadership
• NEW! Confidential Computing Messaging Guide
• Confidential Computing Summit Call for Papers
• Recent News

From the TAC

Confidential Computing in 2024: Growth, Security, and Collaboration Pave the Way for an Exciting 2025

In 2024 We did a great job working together on the TAC to make the world more secure with Confidential Computing, than any of us could have done as individuals or individual companies.

As an open source organization, seeing our projects grow is nearest and dearest to our hearts. Long standing projects like Gramine advanced with more and more adoption.

We grew our portfolio by 60% with new projects contributed by Intel, Samsung, Suse, and TikTok. These new projects span:

• Fundamental support for AI Accelerators to directly enable AI Cleanroom Capabilities. 
• As 2025 kicks off we already have a new project in the pipeline. Stay tuned for some news coming up real soon on that.

Our projects, already security focused, improved their security posture adopting best practices from the Open Source Security Foundation. All CCC projects have completed or initiated the OpenSSF Best Practice Badge. In 2025, we’ll help our projects get even more robust as we assess how Scorecards can identify additional improvements.  

Special Interest Groups

We revamped our mentorship program, welcoming a new cohort of mentees who are actively contributing to CCC projects and gaining security expertise—thanks to our dedicated maintainers who generously mentor them.

Our Special Interest Groups (SIGs) made great strides:

• The Kernel SIG is accelerating Confidential Computing feature upstreaming in the Linux Kernel.
• The Attestation SIG fosters collaboration on attestation data standards and protocols, with impactful developments expected in 2025.
• The Governance, Risk, and Compliance (GRC) SIG is driving awareness of critical concepts like Workload Identity, which the TAC will explore further this year.

Curious about Workload Identity? Come join us at a TAC or GRC SIG meeting or follow the discussion on our mailing lists.

Welcome to Our 2025 CCC Leaders

We’re excited to kick off 2025 by introducing our new leadership team:

Governing Board

Chair: Nelly Porter (Google)

Vice-Chair: Emily Fox (Red Hat)

TAC

Chair: Dan Middleton (Intel)

Vice-Chair Yash Mankad (Red Hat)

Outreach Committee

Chair: Rachel Wan (IBM)

Vice-Chair: Mike Ferron-Jones (Intel)

CCC Outreach

Driving Adoption and Engagement: Reflecting on 2024 and the Path Forward for Confidential Computing in 2025

Looking back at 2024, the Outreach Committee launched brand repositioning efforts, completed the Confidential Computing Messaging Guide, and shifted the focus from “What is Confidential Computing” to “Why Confidential Computing Matters.” The committee also proposed creative agency work, updates to the CCC website, and refinements to the logo and mascot. Additionally, we engaged IDC for a market analysis white paper to update market data and expand Confidential Computing coverage. We participated in key industry events, including FOSDEM, OC3, RSAC, CC Summit, and OSFF.

For 2025, our strategy focuses on enhancing CCC’s presence through creative agency work, market analysis, community outreach, events, and educational resources. These initiatives aim to strengthen our mission while increasing engagement and visibility across industries.

We invite the community to contribute by submitting use cases, sharing insights, and participating in upcoming events. Your involvement is vital to shaping the future of Confidential Computing and driving collective progress.

• Confidential Computing Messaging Guide was published on Jan 15, 2025.
• Upcoming events:
  • FOSDEM
  • OC3 (Open Confidential Computing Conference): OC3 2025 Registrations are Open!
  • RSAC
  • CC Summit
  • AI Infra Summit
  • FINOS/OSFF

The Confidential Computing Summit Returns for Year 3!

Mark your calendar for June 17-18 in San Francisco as the Confidential Computing Consortium collaborates with Opaque Systems for the third annual Confidential Computing Summit.

Bringing together the brightest minds in confidential computing, secure AI, and privacy-preserving technologies, the Summit will explore the transformative potential of generative AI across industries like finance, healthcare, and manufacturing while learning how to keep sensitive data secure.

Snag the Early Bird rate now and watch last year’s inspiring keynotes.

Call for Speakers: Deadline February 17

Have a real-world use case or breakthrough to share? Submit your session proposal and join the conversation shaping the future of confidential computing and trustworthy AI. Submit here.

Recent News

• IBM: Launched TDX Beta
• GCP: Expanded Confidential Computing capabilities
• Partisia Platform: Improving recovery of critical data in disaster zones

Subscribe to our newsletter

October Recap: Highlights include KubeCon + CloudNativeCon NA, new CCC project tech talks, and top community blog posts.

In this month’s issue:

1. Executive Director October Recap
2. KubeCon & CloudNativeCon NA
3. Tech Talks + New CCC Project
4. Community Blog Highlights

Executive Director Update

October/November is voting time at the Confidential Computing Consortium, and so if you are a member of the consortium, we welcome your application to stand as chair or vice chair of any of our three committees: Governing Board, Technical Advisory Committee, and Outreach Committee.  It is with sadness that we say goodbye to Ron Perez, who has served as Chair of the Governing Board with great wisdom and patience, providing his experience to all and sundry.  We wish him well and thank him for his work with the Consortium: I personally have benefited immensely from his counsel and advice during his tenure.

The CCC also appeared at OSS Japan again this year.  Mark Medum Bundgaard of Partisia and I hosted a Birds of a Feather session on Privacy-Enhancing Technologies (PETs) and presented a session on Confidential Computing for AI, Multi-Party Collaboration and Web3: as always, I’m very happy to share my slides and discuss with anybody with an interest.  Next month a number of members will be in Salt Lake City for Kubecon North America – if you can make it, we’d love to see you there.

Meet Us at KubeCon NA

Come Join Us For Some Fun!!

Stop by the CCC Booth (Q25) for various activities throughout the event.

We have prepared;

• Privacy Jeopardy during KubeCrawl
• CC Scavenger Hunt
• Mini Sessions
• Demos
• Fun Swags

You can use our 20% discount code to register: KCNA24TYKAN20

Can’t wait to see you there!!

Register Here

Tech Talks

Our Tech Talk series continued strong with a presentation from Caroline Perez-Vargas on Microsoft’s new OpenHCL project. Since Caroline’s talk the project has been made available on GitHub with an open source license. There’s a natural next step for this project but I just can’t put my finger on it. 😉   Oh well, we’ll just have to see what they have in mind to expand the contributor base with Confidential Computing subject matter experts.

We also heard from Chanda Nelogal on Extending Confidentiality to Data Storage. Chandra introduced us to intersections with Confidential Computing and Self Encrypting Drives. As we see Confidential Computing capable devices enter the market, some of us have focused on accelerators, but storage devices are an interesting and important category. We look forward to Chandra returning to take the conversation further.

TAC Tech Talk playlist 

CCC Welcomes New Open Source Project

We are excited to announce the addition of a new project to the Confidential Computing Consortium (CCC) portfolio: ManaTEE. This innovative platform creates secure data clean rooms, enabling privacy-compliant collaboration for industries like healthcare and finance. ManaTEE supports tools such as Jupyter Notebooks, providing a flexible environment for secure multi-party research and analysis.

Learn about ManaTEE Here

Hello Community!

Welcome to the 2024 September Newsletter

In Today’s Issue:

1. Executive Director September Recap
2. Recordings from the CC Mini Summit @ OSSEU
3. TAC Tech Talks & Upcoming Discussions
4. Community Blog Highlights

Welcome to the September edition of our newsletter – your guide to awesome happenings in our CCC community. Let’s go!

Executive Director Update

September saw us holding a Confidential Computing Mini-Summit, co-located with Open Source Summit Europe in Vienna.  Despite torrential rain and major flooding in the preceding days, all of the speakers and panel members made it and we had an interesting – and sometimes spirited! – set of discussions.  I particularly enjoyed moderating a panel on attestation – see below for more on that topic.  The slide decks from the speakers as well as the video recordings at the Mini-Summit will be available for you to watch.

I also popped over to Dublin for the Eyes Off Data Summit, where I appeared as a panel member in a session about the opportunities and challenges of Confidential Computing.

The main thing that I’m seeing at the moment in the community is a realization that while there’s still a lot of work to be done educating the wider world on the basics of Confidential Computing and TEEs, the really interesting work and the really exciting business opportunities are likely to revolve around attestation.  This is reflected in the conversations we’re having at conferences and the work that we’re doing in the CCC.  There are two main streams of work: the technical, where we’re looking at definitions, protocols and related areas; and business questions such as “who should run an attestation verification service?” and “what sorts of policies should we expect an attestation verification service to enforce?”.  Spanning these streams is the work by the Governance, Risk and Compliance (GRC) SIG, which also considers issues around regulation.

If any of this sounds interesting to you, or you’d like to be involved in any way in the work of the CCC, we’d love to hear from you.

Get in touch

CC Mini Summit Recordings & Slides

On Demand Content is Available NOW!

Enjoy the recordings from the Confidential Computing Mini Summit at OSS EU.

Watch the Recording

TAC Update

This month we had three really deep tech talks. A couple are more on the advanced end of the spectrum but don’t let that scare you away from checking them out. They were all presented in really accessible formats. You’ll see the TAC Tech Talks playlist alongside our other playlists on the CCC YouTube channel:

TAC Tech Talk playlist 

Heading into October we’re in our final quarter to complete the goals we set for ourselves for the year. One of the big topics is getting Confidential Computing Features upstreamed into the Linux Kernel. The primary maintainers conference (The Linux Plumbers Conference) just concluded in late September so we’ll be getting some feedback from that in the TAC in October.

We’re also looking at starting some new work related to attestation verification. Feedback from another exercise showed us that there’s still areas that need a common definition. Among them, being able to identify entities that are in and out of the Trusted Computing Base (TCB), also informally called the trust boundary. Entities like CSPs are pretty big and we want to be more granular to more accurately reflect who is and isn’t trusted for a given deployment – or at least what sort of questions an adopter should think through.

Community Blog Highlights

• • Confidential Computing for Secure AI Pipelines: Protecting the Full Model Lifecycle
  • Strengthening Multi-Cloud Security: The Role of COCONUT-SVSM in Confidential Virtual Machines
  • Exploring Enclave SDKs: Enhancing Confidential Computing
  • Library OS for Confidential Computing: Enhancing Data Security with Cutting-Edge Projects
  • Enabling Verifiable, User-Owned and Tradable AI Agents in Games – with Veriplay, Polygon, Immutable and Super Protocol

In Today’s Issue:

1. Executive Director August Recap
2. Agenda Released! CC Mini Summit @ OSSEU
3. Post-Quantum Cryptography
4. Web3 Use Case
5. Community Blog Highlights

Welcome to the August edition of our newsletter – your guide to awesome happenings in our CCC community. Let’s go!

Executive Director August recap

While it’s holiday season in much of the Northern Hemisphere, the CCC’s work continues (uninterrupted even by the Olympics and Paralympics!), and as we’ve grown over the past few years, we’ve made the decision to continue Governing Board meetings throughout the year, instead of breaking for the (Northern) summer period.  The Governing Board manages the strategic and policy directions of the CCC, including budgetary decisions and the acceptance of new open-source projects into the Consortium.  Attendance is open to officers of the Consortium, Premier Member representatives, and the elected Governing Board representatives of the General Members.  Representatives from other committees typically attend and present the status of work in their respective areas and sometimes the Governing Board requests reports from other groups.

While keeping within the governance structure of the Consortium, we try to maintain a “minimal viable governance” approach.  Post-Covid (and changing travel budget constraints for many organizations), opportunities to meet in person have been reduced, so we are considering a face-to-face meeting (supplemented by video conferencing) at the Linux Foundation Member Summit in November: please let us know if you’re going to be there (even if you’re not a Premier member!).

One of the areas that the Governing Board has been keen to promote work on this year has been lowering barriers to the adoption of Confidential Computing.  One of these is the availability of Attestation Verification Services, which allow consumers of Confidential Computing services to gain the cryptographic assurances about the workloads they need.  Attestation is a core part of Confidential Computing, and the word “attested” was deliberately added to the CCC’s definition of Confidential Computing to reflect that:
“Confidential Computing is the protection of data in use by performing computation in a hardware-based, attested Trusted Execution Environment.”

The CCC has recently kicked off a piece of work to encourage discussion of business models around Attestation Verification Services and to help those considering providing or consuming them.  An initial discussion document has generated a great deal of input and the plan is to start a working group with online meetings later in August.  If you are interested in participating, please get in touch.

CC Mini Summit Agenda Announced!

Bringing EU Community Together

CCC is hosting the “Confidential Computing Mini Summit” at the Open Source Summit EU, Vienna Austria

• 📢 Mini Summit Agenda
• ⏰ Time: 13:30 – 17:00
• 📍 Room 0.14 (level 0) – see floor plan here
• 🎫 Mini Summit Registration Fee: $10
• 💰 20% Discount Code for Main Summit: OSSEUCOLOSPK20
  (*Note: Registration for the main conference is required to attend the Mini Summit.)
• Register Here

Post-Quantum Cryptography

Over the last few weeks at TAC meetings, we’ve been discussing the new evolution of cryptography called Post-Quantum Cryptography or PQC. As full-scale quantum computers become more and more likely, cryptographers have had to invent new algorithms that will remain secure against adversaries with new capabilities. In Confidential Computing, we rely on cryptography in a number of ways to protect workloads in use. As a trusted execution environment (TEE) starts we use cryptographic hash algorithms to fingerprint each component.

Later we use cryptographic signatures when the hardware attests to those measurements. While the workload is running the memory is protected with encryption and in some cases integrity provisions. Some of these algorithms are more impacted by quantum computing than others. Hardware vendors will need to update their algorithms. Software vendors may want to shield downstream adopters by carefully designing their APIs. If you are interested to learn more keep your eyes open for an upcoming blog on our Post Quantum Cryptography discussions or watch our Tech Talk.

TAC Tech Talk playlist 

Bringing EU Community Together

CCC is hosting the “Confidential Computing Mini Summit” at the Open Source Summit EU, Vienna Austria

• 📢 Mini Summit Agenda
• ⏰ Time: 13:30 – 17:00
• 📍 Room 0.14 (level 0) – see floor plan here
• 🎫 Mini Summit Registration Fee: $10
• 💰 20% Discount Code for Main Summit: OSSEUCOLOSPK20
  (*Note: Registration for the main conference is required to attend the Mini Summit.)
• Register Here

Web3 Use Case

Enabling Verifiable, User-Owned and Tradable AI Agents in Games – with Veriplay, Polygon, Immutable and Super Protocol

True Web3 Games, with their potential for rich gaming experiences, advanced AI agents, and genuine digital asset ownership, can only reach their full potential through the implementation of Confidential Computing in a truly decentralized manner. The Confidential Computing Consortium, alongside its member Super Protocol, is at the forefront of this revolution, demonstrating how these technologies can unlock new business opportunities.

Read the Full Use Case

Community Blog Highlights

• Attestation Libraries for Confidential Computing: Veraison and SPDM Tools
• End-User Devices for Confidential Computing: Exploring Islet
• Understanding Trusted Firmware in Confidential Computing: Coconut SVSM and VirTEE
• Catch the Exclusive Interview with Mike Bursell at the Confidential Computing Summit 2024

In Today’s Issue:

1. Executive Director July Recap
2. The Case for Confidential Computing
3. Community News
4. OSS EU 2024, Confidential Computing Mini Summit

Welcome to the July edition of our newsletter – your guide to awesome happenings in our CCC community. Let’s go!

Executive Director July recap

Following the announcement of a 12-month free subscription to the CCC for new members of under 100 employees, we’ve had a steady stream of new members and it’s continuously growing! If you are a start-up and would like to get involved in the CCC’s work (or you know another organization that might be interested), please get in touch. You can find information about many of the benefits on our website.

This month, I went back in Asia, meeting members (and potential members) in South Korea and Singapore. The CCC sponsored the Privacy-Enhancing Technology Summit Asia-Pacific again this year and we had a fantastic turnout. Read the full recap blog here.

Having had the CC Summit in North America and the PET Summit in Singapore, we’re not about to leave out Europe, where we’re seeing increasing interest and traction for Confidential Computing. I led a panel discussion on CC for the European Central Bank with Parviz Peiravi from Intel and Felix Schuster from Edgeless Systems recently. And we’re also running a CC Mini-Summit at Open Source Summit in Vienna on the 19th September. No waltzes are promised, but there are opportunities to speak: still few more days to submit your talk! Mini Summit CFP

CCC’s Use Case Report is LIVE

As the collection, storage, and analysis of data become increasingly important across industries, businesses are looking for solutions that keep data secure and processes compliant with regulations. Confidential computing is one of these solutions, involving the use of a trusted execution environment that runs on shared infrastructure but processes data away from unauthorized users.

This use case report interviewed members of the confidential computing community on the ways they have implemented the technology and what they believe its future holds.

Read the Full Report

Community News

• Homeland Security Awards Contracts to Hushmesh to Identify, Develop, and Implement Privacy-Enhancing Digital Wallets Technologies
• Highlights from Confidential Computing Summit 2024
• Intel + Opaque + ONCD on AI Implications f
  or Enterprise
• Intel Security Community blog on CCC’s Use Case

Meet us at Open Source Summit

Bringing EU Community Together

CCC is hosting the “Confidential Computing Mini Summit” at the Open Source Summit EU, Vienna Austria

• ⏰ Time: 13:30 – 17:00
• 🎫 Mini Summit Registration Fee: $10
• 💰 20% Discount Code for Main Summit: OSSEUCOLOSPK20
  (*Note: Registration for the main conference is required to attend the Mini Summit.)
• Register Here

In Today’s Issue:

1. Executive Director June Recap
2. NEW ANNOUNCEMENT!
3. Securing the Software Supply Chain
4. Community News
5. OSS EU 2024, Confidential Computing Mini Summit

Executive Director June recap

It was great to meet so many of you at the Confidential Computing Summit in San Francisco – both at the CCC sponsored meet-up at a local speakeasy and at the conference itself. I would like in particular like to thank everyone who engaged with and supported the work we’re doing at the CCC – by coming to the booth, talking to us in person and, of course, attending and speaking sessions. As well as a great deal of discussion around use cases (with a particular focus on AI), many people were interested in getting involved in discussions around business models for remote attestation, one of several topics I brought up in my keynote session (regulator and standards engagement was another popular one).  If you’re interested in getting involved, please let me know!

Combined with a number of podcasts, webinars and panel discussions at various conferences, interest in and visibility of Confidential Computing really seems to be picking up. We’ve got a working group on repositioning the CCC’s messaging to ensure that we’re able to respond to industry and ecosystem interest: we’d love more involvement in this as well.

Exciting News for Start-ups!

The Confidential Computing Consortium (CCC) has launched a new membership tier tailored for start-ups, offering a complimentary first-year membership. This initiative aims to empower emerging companies by providing access to vital resources, collaborative opportunities, and industry insights. Eligible start-ups can connect with leaders, gain educational materials, and influence industry standards. This is a fantastic chance to be part of the future of secure computing. 

 To learn more and apply, visit the Confidential Computing Consortium blog.

Securing the Software Supply Chain

In the wake of SolarWinds and other high-profile supply chain attacks, Confidential Computing offers new ways to protect the integrity of the software we all rely on. 
Recently we heard from Chad Kimes of Github and Marcela Melara from Intel on securing the software supply chain. They shared their work on SLSA, in-toto, & CI/CD for secure, attestable builds. You can watch their tech talk here.

Community News

• IBM Cloud Expands Confidential Computing Adoption with Intel SGX
• How Confidential Accelerators can boost AI workload security
• Confidential Computing at Identiverse: The Internet’s missing cryptography engine
• Intel Principal Engineer and CCC Advisory Chair Discuss Enhancing the Confidential Computing Ecosystem’s Value and Impact

Meet us at Open Source Summit

Bringing EU Community Together

CCC is hosting the “Confidential Computing Mini Summit” at the Open Source Summit EU, Vienna Austria.

• ⏰ Time: 13:30 – 17:00
• 🎫 Mini Summit Registration Fee: $10
• 💰 20% Discount Code for Main Summit: OSSEUCOLOSPK20
  (*Note: Registration for the main conference is required to attend the Mini Summit.)
• Register Here

Have a topic you want to present at the Mini Summit? Submit CFP Here

Welcome to the 2024 CCC Newsletter- your guide to awesome happenings in our CCC community.

In Today’s Issue:

1. Welcome New Members from the Confidential Computing Consortium
2. New SIG to Bridging the Gap Between Linux Kernel and Confidential Computing Developers
3. Meet us at RSAC
4. Outreach Engagement

From the Executive Director

The conference season is well and truly upon us and I’m pleased to be speaking at a number of them during the next few months.  It’s also great to see more sessions on Confidential Computing being accepted by program committees: if you or a colleague is presenting at a conference session, please let the Outreach committee know so that we can spread the word via the newsletter, social media and beyond.

NVIDIA Premier Membership

I’m also very glad to be able to welcome NVIDIA as a Premier Member.  They have been with the CCC for a while, but have recently moved up to Premier, with Michael O’Connor serving as their GB representative.  In fact, we’re beginning to see an uptick in engagement by members across the committees, SIGs and beyond: this can only help the goals of the CCC as we make the most of the opportunities that are arising as the ecosystem realizes the benefits that Confidential Computing can bring.

I hope to see you at one of the conferences we’re attending: please let us know if you’re going to be at any of them – details available on the website under Events.

Read about NVIDIA and our upcoming Events.

I

FROM The TAC

Announcing Our New SIG: Bridging the Gap Between Linux Kernel and Confidential Computing Developers

We’re thrilled to unite two groups within the same company who haven’t always been in communication: Linux Kernel developers and Confidential Computing developers. While some individuals may straddle both roles, often they represent distinct disciplines.

Read about the SIG and upcoming meetings.

Bringing Confidential Computing to RSAC 2024

Membership Has Its Benefits. Get an Extra $150 off RSAC 2024.

Join us May 6 – 9 at RSAC 2024, the ultimate cybersecurity destination. Immerse yourself in expert-led sessions, connect with industry leaders, and discover the latest trends and best practices. Elevate your cybersecurity game and be a part of shaping the industry’s future. Don’t miss this opportunity to advance your skills and network with the best in the field. 

CCC members save an additional $150 when registering with code 14UCCCFD. Register now. 

Visit us at Booth #2161 (South Expo)

CCC $150 Discount Code: 14UCCCFD

CCC FREE Expo Pass Code: 52ECONCOMPXO 

VIEW FULL AGENDA

Outreach Engagement

CCC at Industry Conferences

• RSAC (May 6 – 9)
  • Come visit us at our Booth #2161
  • Speaking:
    • So You Want to Open Source Your Project?  Hold Your Horses
    • Data-in-Use Protection: Privacy-Enhancing Technologies (PETs) for Business
    • The Mesh is the new Web.  Time to move beyond 35-year-old vintage Web tech.
• Identiverse (May 28 – 31)
  • Panel: Confidential Computing: The Internet’s missing cryptography engine
• Hardwear io (May 28 – Jun 1)
  • Panel: A new root of trust: changing computing with Trusted Execution Environments
• Confidential Computing Summit (Jun 5 – 6)
  • Keynote & Breakout sessions

New Blog Series to Add to Your Favorite

• The CIA Triad for Confidential Computing
• Collaborative Security: The Role of Open Source in Confidential Computing
• Basics of Trusted Execution Environments (TEEs): The Heart of Confidential Computing
• The Evolution of Cybersecurity: From Early Threats to Modern Challenges
• Introduction to Confidential Computing: A Year-Long Exploration

Register for CC Summit