The Confidential Computing Consortium brings together hardware vendors, cloud providers, and software developers to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards.
Confidential Computing is the protection of data in use by performing computation in a hardware-based, attested Trusted Execution Environment.
Across industries, computing is moving to span multiple environments, from on-premises to public cloud to edge. As companies move into these environments, they need protection controls for sensitive IP and workload data, and they are increasingly seeking greater assurances of, and more transparency into, those controls. Current approaches address data at rest and in transit; confidential computing will address data in use.
A common, cross-industry way of describing the security benefits, risks, and features of confidential computing will help users make better choices for how to protect their workloads in the cloud. Of the three data states, “in use” has been less addressed because it is arguably the most complicated and difficult. This is a major change to how computation is done at the hardware level and how we structure programs, operating systems, and virtual machines. Currently confidential computing solutions are manifesting in different ways in hardware, with different CPU features and capabilities, even from the same vendor.
There is a breadth of organizations in the industry focused on problems in security from a number of perspectives (standards and protocols, education, marketing, certification, etc.). The Confidential Computing Consortium focuses specifically on open source licensed implementation work with respect to data-in-use scenarios. The organization acts as a home for such open source projects to support their growth and success, as well as a place to document and share best practices and discuss new challenges. The industry can rally behind the CCC for implementation and behind other related organizations for standards and certification.
It establishes open source software and standards, providing tools for developers working on securing data in use.
The Confidential Computing Consortium makes it easy for developers to add secure enclave technology to their applications. Specific examples include:
- Building secure multi-party dataset machine learning models.
- Allowing confidential query processing in database engines within secure enclaves.
- Protecting sensitive data in IoT edge devices such as patient information, billing/warranty activity, and ML model execution.
Can this technology/confidential computing be used for nefarious purposes? How will the CCC protect against this?
There are research experiments that have been probing Intel-based enclave technologies. But there are also best practices for securing enclaves, and the Confidential Computing Consortium will be a place to educate developers on new threat models and best practices to protect against them.
A TEE is a Trusted Execution Environment and is key to confidential computing.
What are the minimal number of entities that a data or workload owner must trust to protect their data in use?
Two: the entity responsible for the code running in the TEE, and the TEE hardware manufacturer. Some solutions or variations might require more than two, and the owner can always choose to trust more than the minimum. In practice, rather than personally vetting all code that runs in a TEE, one might choose to trust a security analyst firm to vouch for it, or even to trust the community at large to vet open source code. The latter typically provides a much weaker level of assurance, so for highly sensitive data a stronger approach to source code vetting is recommended.
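The two trust anchors in that answer map directly onto what a remote-attestation verifier checks. The following Go program is an added example written for this page, not code from the Consortium or from any of its projects: it models the manufacturer endorsing a TEE's attestation key, the TEE signing evidence (a measurement of the loaded code plus a nonce), and a verifier that accepts the evidence only if it chains to the trusted manufacturer key and the measurement equals the reference value published by the party responsible for the code. The key pairs, the "enclave binary" bytes and the nonce are all constructed for the demonstration; a real endorsement would be a certificate chain rather than a bare signature over the key.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Evidence is the claim set the TEE signs with its attestation key: a hash of
// the code it loaded plus the verifier-supplied nonce that proves freshness.
type Evidence struct {
	Measurement []byte `json:"measurement"`
	Nonce       []byte `json:"nonce"`
}

// Endorsement is the manufacturer's statement that AttestationPub belongs to
// genuine TEE hardware, modelled here as a bare signature over the key bytes
// (a simplification of the certificate chain a real vendor would issue).
type Endorsement struct {
	AttestationPub  ed25519.PublicKey
	ManufacturerSig []byte
}

// Report is what the relying party receives from the TEE.
type Report struct {
	Evidence    Evidence
	EvidenceSig []byte // produced by the attestation key
	Endorsement Endorsement
}

// Measure models the hardware hashing the code it loads into the TEE.
func Measure(code []byte) []byte {
	h := sha256.Sum256(code)
	return h[:]
}

// BuildReport plays both the manufacturer (endorsing the attestation key) and
// the TEE (signing evidence over the loaded code) for a constructed scenario.
func BuildReport(manufacturerPriv, attestPriv ed25519.PrivateKey, loadedCode, nonce []byte) (Report, error) {
	attestPub := attestPriv.Public().(ed25519.PublicKey)
	ev := Evidence{Measurement: Measure(loadedCode), Nonce: nonce}
	msg, err := json.Marshal(ev) // deterministic for a fixed struct layout
	if err != nil {
		return Report{}, err
	}
	return Report{
		Evidence:    ev,
		EvidenceSig: ed25519.Sign(attestPriv, msg),
		Endorsement: Endorsement{
			AttestationPub:  attestPub,
			ManufacturerSig: ed25519.Sign(manufacturerPriv, attestPub),
		},
	}, nil
}

// Appraise is the verifier's policy. It trusts exactly two parties: the
// hardware manufacturer (through manufacturerPub) and whoever published
// referenceMeasurement for the code that is expected to run inside the TEE.
func Appraise(manufacturerPub ed25519.PublicKey, referenceMeasurement, nonce []byte, r Report) error {
	if len(r.Endorsement.AttestationPub) != ed25519.PublicKeySize {
		return errors.New("malformed attestation public key")
	}
	if !ed25519.Verify(manufacturerPub, r.Endorsement.AttestationPub, r.Endorsement.ManufacturerSig) {
		return errors.New("attestation key is not endorsed by the trusted manufacturer")
	}
	msg, err := json.Marshal(r.Evidence)
	if err != nil {
		return err
	}
	if !ed25519.Verify(r.Endorsement.AttestationPub, msg, r.EvidenceSig) {
		return errors.New("evidence signature does not verify")
	}
	if !bytes.Equal(r.Evidence.Nonce, nonce) {
		return errors.New("nonce mismatch: evidence is stale or replayed")
	}
	if !bytes.Equal(r.Evidence.Measurement, referenceMeasurement) {
		return errors.New("measurement does not match the code owner's reference value")
	}
	return nil
}

func main() {
	manufacturerPub, manufacturerPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, attestPriv, _ := ed25519.GenerateKey(rand.Reader)
	expectedCode := []byte("constructed enclave binary v1")
	reference := Measure(expectedCode) // published by the code owner
	nonce := make([]byte, 16)
	rand.Read(nonce)

	ok, _ := BuildReport(manufacturerPriv, attestPriv, expectedCode, nonce)
	fmt.Println("genuine hardware, expected code:", Appraise(manufacturerPub, reference, nonce, ok))

	bad, _ := BuildReport(manufacturerPriv, attestPriv, []byte("modified binary"), nonce)
	fmt.Println("genuine hardware, modified code:", Appraise(manufacturerPub, reference, nonce, bad))

	_, roguePriv, _ := ed25519.GenerateKey(rand.Reader)
	rogue, _ := BuildReport(roguePriv, attestPriv, expectedCode, nonce)
	fmt.Println("unendorsed hardware:", Appraise(manufacturerPub, reference, nonce, rogue))
}
```

Every failing branch in Appraise corresponds to one of the two trust anchors being missing: an unendorsed key means the hardware claim cannot be tied to the manufacturer, and a measurement mismatch means the code is not what the code owner vouched for. Trusting a third party to vet the code, as the answer describes, simply changes who publishes referenceMeasurement.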
Can TPMs provide data integrity? If you're using a TPM, do you still need to use Confidential Computing?
Trusted Platform Modules (TPMs) provide basic functionality such as encryption, signing, and measuring, but are not general purpose computing environments.
TPMs can provide data integrity only for data which is recorded inside them, but not for the data that is passed to a TPM for purposes of encryption, signing, or measuring. Ensuring such integrity requires the component passing such data to the TPM to also have integrity protection, such as being implemented in ROM or a TEE.
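To make the distinction in that answer concrete, here is an added Go example (written for this page, not Consortium or TCG code) that models a PCR in a SHA-256 bank. The PCR can only be extended, never set, so the value recorded inside the TPM is tamper-evident against edits to the external event log. But the TPM only ever sees the bytes the measuring component hands it: if that component is compromised and reports the expected bootloader while actually running a modified one, the PCR comes out identical to the golden value. The boot stages and their contents are constructed sample data.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// Digest is one SHA-256 value, the width of a PCR in the SHA-256 bank.
type Digest [32]byte

// Measure hashes whatever bytes the measuring component hands over.
func Measure(data []byte) Digest {
	return Digest(sha256.Sum256(data))
}

// Extend models the only write a PCR allows: pcr' = SHA-256(pcr || digest).
// The TPM exposes no "set" or "rewind", which is what gives the value recorded
// inside it its integrity.
func Extend(pcr, d Digest) Digest {
	return Digest(sha256.Sum256(append(pcr[:], d[:]...)))
}

// Event is an entry in the measurement log, which lives outside the TPM.
type Event struct {
	Description string
	Digest      Digest
}

// Replay recomputes the expected PCR value from a log, as a verifier does
// before comparing it with the value quoted by the TPM.
func Replay(log []Event) Digest {
	var pcr Digest // SHA-256 bank PCRs start at all zeros after reset
	for _, e := range log {
		pcr = Extend(pcr, e.Digest)
	}
	return pcr
}

// BootSequence simulates a measured boot. executed is what each stage really
// runs; reported is what the measuring component hashes and hands to the TPM.
// A trustworthy component passes the same bytes for both. A compromised one
// can report anything, and the TPM has no way to notice, which is why that
// component itself needs integrity protection (ROM, a TEE).
func BootSequence(executed, reported [][]byte) (Digest, []Event) {
	var pcr Digest
	var log []Event
	for i := range executed {
		d := Measure(reported[i]) // only the reported bytes reach the TPM
		pcr = Extend(pcr, d)
		log = append(log, Event{Description: fmt.Sprintf("stage %d", i), Digest: d})
	}
	return pcr, log
}

func main() {
	good := [][]byte{[]byte("firmware v1"), []byte("bootloader v1")}
	bad := [][]byte{[]byte("firmware v1"), []byte("bootloader v1, modified")}

	golden, goldenLog := BootSequence(good, good)
	fmt.Println("log replays to quoted PCR:", Replay(goldenLog) == golden)

	pcr, _ := BootSequence(bad, bad)
	fmt.Println("honest measurer, modified bootloader, PCR matches golden:", pcr == golden)

	pcr, _ = BootSequence(bad, good)
	fmt.Println("lying measurer, modified bootloader, PCR matches golden:", pcr == golden)

	forged := append([]Event(nil), goldenLog...)
	forged[1].Digest = Measure([]byte("bootloader v1, modified"))
	fmt.Println("edited log replays to quoted PCR:", Replay(forged) == golden)
}
```

The first and last checks show what the TPM does protect: the recorded PCR value exposes any edit to the log. The middle two show the limit the answer describes: the TPM can tell that a changed bootloader was measured, but not that a measuring component lied about what it loaded.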
Can homomorphic encryption provide data integrity? If you're using homomorphic encryption, do you still need to use Confidential Computing?
Homomorphic Encryption does not directly provide integrity of the ciphertext nor of the computation. It must be combined with other cryptographic or Confidential Computing techniques. Unlike Confidential Computing, Homomorphic Encryption is not a general purpose computing environment, but a cryptographic technique that can perform limited arithmetic and Boolean operations on specially encrypted data.
Often Homomorphic Encryption is conflated with the more theoretical Functional Encryption, which provides primitives closer to Trusted Execution Environments (TEEs). In fact, it has even been proposed to deliver Functional Encryption using TEEs.
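The lack of integrity in the answer above is a property of the ciphertexts themselves, and it is easiest to see with a concrete scheme. The following Go program is an added example for this page, not code from the Consortium or from any homomorphic-encryption library: it implements a small Paillier cryptosystem (additively homomorphic, one instance of the "limited arithmetic" the answer mentions) and shows that a party holding only the public key can change the hidden plaintext by a chosen amount without the recipient noticing, while an HMAC over the ciphertext catches the change. The key size and the shared MAC key are demonstration values constructed here.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math/big"
)

// PublicKey is a Paillier public key with the usual generator g = n+1.
type PublicKey struct{ N, N2 *big.Int }

// PrivateKey holds lambda = lcm(p-1, q-1) and mu = lambda^-1 mod n.
type PrivateKey struct {
	PublicKey
	Lambda, Mu *big.Int
}

var one = big.NewInt(1)

// GenerateKey builds a key pair; bits is demonstration-sized in this example.
func GenerateKey(bits int) (*PrivateKey, error) {
	p, err := rand.Prime(rand.Reader, bits/2)
	if err != nil {
		return nil, err
	}
	q, err := rand.Prime(rand.Reader, bits/2)
	if err != nil {
		return nil, err
	}
	if p.Cmp(q) == 0 {
		return nil, errors.New("p == q, retry")
	}
	n := new(big.Int).Mul(p, q)
	pm1 := new(big.Int).Sub(p, one)
	qm1 := new(big.Int).Sub(q, one)
	gcd := new(big.Int).GCD(nil, nil, pm1, qm1)
	lambda := new(big.Int).Div(new(big.Int).Mul(pm1, qm1), gcd)
	mu := new(big.Int).ModInverse(lambda, n) // valid because g = n+1
	if mu == nil {
		return nil, errors.New("lambda not invertible mod n")
	}
	return &PrivateKey{PublicKey{n, new(big.Int).Mul(n, n)}, lambda, mu}, nil
}

// Encrypt computes c = (1 + m*n) * r^n mod n^2 for random r in Z_n*
// (gcd(r, n) = 1 is assumed, which holds with overwhelming probability).
func Encrypt(pub *PublicKey, m *big.Int) (*big.Int, error) {
	if m.Sign() < 0 || m.Cmp(pub.N) >= 0 {
		return nil, errors.New("plaintext out of range")
	}
	r, err := rand.Int(rand.Reader, pub.N)
	if err != nil {
		return nil, err
	}
	if r.Sign() == 0 {
		r.SetInt64(1)
	}
	gm := new(big.Int).Mul(m, pub.N)
	gm.Add(gm, one)
	c := new(big.Int).Exp(r, pub.N, pub.N2)
	c.Mul(c, gm)
	return c.Mod(c, pub.N2), nil
}

// Decrypt computes m = L(c^lambda mod n^2) * mu mod n with L(u) = (u-1)/n.
func Decrypt(priv *PrivateKey, c *big.Int) *big.Int {
	u := new(big.Int).Exp(c, priv.Lambda, priv.N2)
	u.Sub(u, one)
	u.Div(u, priv.N)
	u.Mul(u, priv.Mu)
	return u.Mod(u, priv.N)
}

// Add is the homomorphic operation: E(a) * E(b) mod n^2 decrypts to a + b.
func Add(pub *PublicKey, c1, c2 *big.Int) *big.Int {
	s := new(big.Int).Mul(c1, c2)
	return s.Mod(s, pub.N2)
}

// ShiftPlaintext is the same homomorphism used without the secret key:
// multiplying by g^k = 1 + k*n adds k to the hidden plaintext, and nothing in
// the ciphertext lets the recipient detect it.
func ShiftPlaintext(pub *PublicKey, c, k *big.Int) *big.Int {
	gk := new(big.Int).Mul(k, pub.N)
	gk.Add(gk, one)
	return Add(pub, c, gk.Mod(gk, pub.N2))
}

// Seal and Verify add ciphertext integrity with HMAC-SHA256 under a key the
// sender and recipient share; a constructed stand-in for a real channel MAC.
func Seal(key []byte, c *big.Int) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(c.Bytes())
	return mac.Sum(nil)
}

func Verify(key []byte, c *big.Int, tag []byte) bool {
	return hmac.Equal(Seal(key, c), tag)
}

func main() {
	priv, err := GenerateKey(1024) // demonstration size only
	if err != nil {
		panic(err)
	}
	pub := &priv.PublicKey
	c1, _ := Encrypt(pub, big.NewInt(20))
	c2, _ := Encrypt(pub, big.NewInt(22))
	fmt.Println("Dec(E(20) * E(22)) =", Decrypt(priv, Add(pub, c1, c2)))

	key := []byte("constructed key shared by sender and recipient")
	tag := Seal(key, c1)
	shifted := ShiftPlaintext(pub, c1, big.NewInt(5))
	fmt.Println("Dec after shift without the secret key =", Decrypt(priv, shifted))
	fmt.Println("MAC accepts original:", Verify(key, c1, tag), "MAC accepts shifted:", Verify(key, shifted, tag))
}
```

The MAC protects a ciphertext in transit, but it cannot survive the legitimate homomorphic operations a server performs, so it says nothing about whether the server computed the right function. That is the gap the answer points at: integrity of the computation has to come from something else, such as running the computation inside an attested TEE.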
The TCG publishes standard specifications for the TPM hardware, the various profiles for TPM use-cases (e.g., PC client, mobile, IoT), their attestation evidence, and specifications covering other forms of hardware-based roots of trust (e.g., DICE hardware latches). These specifications complement efforts in the CCC that make use of TEEs, since a TEE may rely on other hardware-based roots of trust for booting the system into a safe state in which the TEE can function correctly.
The TCG publishes general purpose standards specifications but does not produce implementations of the specifications. The CCC is a home for open source projects and so the organizations can be complementary if there are open source projects relevant to the use of TPMs for Confidential Computing.
The IETF publishes general purpose standards specifications but does not produce implementations of the specifications. The CCC does not publish standards specifications but is a home for open source projects, including ones implementing IETF specifications related to Confidential Computing. As such, the organizations are complementary. The Trusted Execution Environment Provisioning (TEEP) and Remote Attestation Procedures (RATS) working groups in the IETF are particularly relevant to Confidential Computing.
What is the relationship between the CCC and other open source organizations such as CNCF and OpenSSF?
Like the CCC, the Cloud Native Computing Foundation (CNCF), Open Source Security Foundation (OpenSSF), and Trusted Firmware (TrustedFirmware) are open source organizations. The CNCF, OpenSSF, TrustedFirmware, and similar open source organizations may contain projects that use or are used by open source projects in the CCC.
There are a variety of other open source projects and organizations that have a similar alignment of consuming CCC technologies and producing Confidential Computing requirements.