Confidential Computing

Confidential computing secures data in use by executing computations within a hardware-based trusted execution environment (TEE). The term "confidential computing" is often used interchangeably with "secure enclaves" and "trusted execution environments". This page outlines the key aspects of confidential computing, its applications, functionalities, and the technologies implemented by leading providers such as AWS Nitro Enclaves, Intel TDX, and AMD SEV-SNP. Given the complexity of the topic, we encourage you to explore the links provided throughout the documentation for a deeper understanding.

What is Confidential Computing?

Confidential computing is a security paradigm designed to protect data while it is being processed. Unlike traditional data protection, which focuses on data at rest and in transit, confidential computing specifically secures data in use. A TEE is a secure area of a main processor that guarantees the confidentiality and integrity of the code and data loaded inside it. In simple terms, it's like having a lockbox in the middle of an open room: the contents of the lockbox cannot be seen or altered, even though the box itself is accessible. This approach addresses the risk of data in memory being exposed to unauthorised entities during computation.

Confidential computing is based on three main principles:

  • Isolation: Data and code are isolated in a TEE, ensuring that they are executed in a secure enclave separate from the main operating system and other applications. This isolation is maintained even for users with administrative privileges on the host machine.
  • Encryption: Memory allocated to the TEE is encrypted, making it unreadable to anyone outside the TEE, including the host operating system, hypervisor, and the hardware beneath it. This approach ensures data protection even in environments where multiple tenants share physical hardware resources.
  • Attestation: Attestation mechanisms verify the integrity of the TEE and the authenticity of the software running inside it. This process ensures that the TEE has not been tampered with and is running the expected code, thereby establishing a chain of trust from the hardware to the software layer.

To ensure these principles are satisfied, confidential computing uses processors with built-in support for creating secure enclaves. These processors perform cryptographic operations that underpin the security of the TEE. In addition, memory encryption prevents data from being read even if physical access to the server is obtained.
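The attestation principle above, as an added worked example in Go (this is illustrative code written for this page, not code from this documentation, from OBLV Deploy, or from any vendor, and the document layout is not any vendor's real attestation format): a simulated hardware-rooted key signs a document that binds measurement registers of the loaded enclave image to a verifier-supplied nonce, and the relying party accepts the enclave only if the signature chains to the trusted root, the nonce matches its challenge, the document is fresh, and the measurements match an allowlist. The Ed25519 key standing in for the hardware root, the register numbering, the freshness window, and the sample image bytes are all assumptions constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"sort"
	"time"
)

// AttestationDoc is a hypothetical, simplified evidence layout (not a real
// vendor format): measurement registers over the loaded code, the verifier's
// nonce for freshness, a timestamp, and the enclave's ephemeral public key so
// the verifier can later encrypt secrets to this enclave only.
type AttestationDoc struct {
	Measurements map[int][32]byte
	Nonce        []byte
	Timestamp    time.Time
	EnclavePub   ed25519.PublicKey
}

// Attestation is the document plus the signature made by the hardware-rooted
// attestation key (an Ed25519 key stands in for the vendor's key hierarchy).
type Attestation struct {
	Doc       AttestationDoc
	Signature []byte
}

// serialize gives a canonical encoding so signer and verifier process the
// same bytes; Go map iteration is unordered, so registers are sorted first.
func (d AttestationDoc) serialize() []byte {
	var buf bytes.Buffer
	idx := make([]int, 0, len(d.Measurements))
	for i := range d.Measurements {
		idx = append(idx, i)
	}
	sort.Ints(idx)
	for _, i := range idx {
		binary.Write(&buf, binary.BigEndian, uint32(i))
		m := d.Measurements[i]
		buf.Write(m[:])
	}
	binary.Write(&buf, binary.BigEndian, uint32(len(d.Nonce)))
	buf.Write(d.Nonce)
	binary.Write(&buf, binary.BigEndian, d.Timestamp.Unix())
	buf.Write(d.EnclavePub)
	return buf.Bytes()
}

// Measure derives a measurement register from an enclave image; real TEE
// firmware performs this hashing in hardware as the image is loaded.
func Measure(image []byte) [32]byte { return sha256.Sum256(image) }

// Attest is the hardware side: sign the document, binding measurements to nonce.
func Attest(rootPriv ed25519.PrivateKey, doc AttestationDoc) Attestation {
	return Attestation{Doc: doc, Signature: ed25519.Sign(rootPriv, doc.serialize())}
}

// Verify is the relying-party side. It returns nil only when every check passes.
func Verify(rootPub ed25519.PublicKey, att Attestation, challenge []byte,
	expected map[int][32]byte, now time.Time, maxAge time.Duration) error {
	if !ed25519.Verify(rootPub, att.Doc.serialize(), att.Signature) {
		return errors.New("signature does not chain to the trusted hardware root")
	}
	if !bytes.Equal(att.Doc.Nonce, challenge) {
		return errors.New("nonce mismatch: document may be replayed from an earlier session")
	}
	if age := now.Sub(att.Doc.Timestamp); age < 0 || age > maxAge {
		return errors.New("attestation document is outside the freshness window")
	}
	for reg, want := range expected {
		got, ok := att.Doc.Measurements[reg]
		if !ok || got != want {
			return fmt.Errorf("register %d mismatch: enclave is not running the expected code", reg)
		}
	}
	return nil
}

// Scenario runs the exchange for a genuine enclave, a tampered image, and a
// replayed document, returning the three verification results.
func Scenario() (genuine, tampered, replayed error) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader) // simulated hardware root
	enclavePub, _, _ := ed25519.GenerateKey(rand.Reader)     // enclave's ephemeral key
	image := []byte("constructed sample enclave image v1")   // constructed sample input
	allow := map[int][32]byte{0: Measure(image)}             // verifier's allowlist
	now := time.Now()
	challenge := make([]byte, 32)
	rand.Read(challenge)
	doc := AttestationDoc{map[int][32]byte{0: Measure(image)}, challenge, now, enclavePub}
	att := Attest(rootPriv, doc)
	genuine = Verify(rootPub, att, challenge, allow, now, time.Minute)
	bad := doc // same nonce, but a modified image changes register 0
	bad.Measurements = map[int][32]byte{0: Measure([]byte("modified image"))}
	tampered = Verify(rootPub, Attest(rootPriv, bad), challenge, allow, now, time.Minute)
	fresh := make([]byte, 32) // new session, new challenge; old document is re-presented
	rand.Read(fresh)
	replayed = Verify(rootPub, att, fresh, allow, now, time.Minute)
	return
}

func main() {
	g, t, r := Scenario()
	fmt.Println("genuine:", g, "| tampered:", t, "| replayed:", r)
}
```

The three failure paths are the ones a production verifier must distinguish: a bad signature means the evidence did not come from the hardware root you trust; a nonce mismatch means an old document is being replayed; a measurement mismatch means the enclave is running code other than what you approved. Only after all three pass should the verifier release secrets, and then only encrypted to the enclave public key carried inside the signed document, so that the key and the measurements are bound together.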

Use Cases

Confidential computing is applied across various sectors to secure critical and sensitive workloads:

  • Financial Services: Secure processing of transactions and sensitive financial data.
  • Healthcare: Management of personal health information with utmost confidentiality.
  • Government and Public Sector: Handling classified or sensitive government data.
  • Multi-party Computation: Enabling collaboration on data analysis among multiple parties without exposing individual datasets.

How Does Confidential Computing Work?

The implementation of confidential computing involves some core components:

  1. Hardware Support: Specialised hardware that establishes a secure enclave for data processing.
  2. Attestation Services: Validating the integrity and authenticity of the secure enclave and its code.

Each cloud provider has its own name and architecture for the confidential computing solution it supplies to its clients. The following sections give a brief overview of the different options available on the market.

AWS Nitro Enclaves

AWS Nitro Enclaves uses the Nitro System to protect customer data from both external threats and privileged insiders. Key components include:

  • Nitro Cards: Handle specific virtualisation functions independently of the main server hardware.
  • Nitro Security Chip: Ensures the integrity and security of the hardware running customer workloads.
  • Nitro Hypervisor: Manages system resources while ensuring isolation between workloads.

Intel TDX

Intel TDX provides hardware-isolated Virtual Machines (VMs), known as Trust Domains (TDs), to enhance data security and intellectual property protection in cloud environments. TDX isolates TD VMs from the Virtual Machine Manager (VMM)/hypervisor and from other non-TD software on the host platform. It offers:

  • Memory and CPU State Confidentiality and Integrity: Protects sensitive information from software and some hardware attacks.
  • Secure Arbitration Mode (SEAM): Hosts a security-services module to enforce security policies and manage memory access.
  • Remote Attestation: Verifies that the workload is running on an Intel TDX-enabled platform before data is accessed.

AMD SEV-SNP

AMD SEV-SNP technology encrypts VM memory in multi-tenant environments to protect against cross-VM and hypervisor attacks. It provides protection from untrusted BIOS, the hypervisor, device drivers, and cloud management software.

Challenges of Confidential Computing

The additional security provided by confidential computing comes with some costs, particularly in terms of performance and complexity. Encrypting and managing secure enclaves can result in performance overhead. However, with careful implementation and deployment, this performance overhead can be minimised. Furthermore, the establishment and maintenance of secure enclaves entail significant management overhead, including the handling of encryption keys and attestation protocols.

OBLV Deploy Approach

OBLV Deploy uses AWS Nitro Enclaves to build a confidential computing solution that is easier to manage and includes additional services. On the What's OBLV Deploy page, you can find a comparison between the AWS Nitro Enclaves and OBLV Deploy solutions. The OBLV Deploy team is working continuously to expand the supported cloud providers, including Microsoft Azure and Google Cloud Platform.

What's Next?

Refer to the Glossary page to find definitions and explanations for key terms and concepts used throughout this documentation.