# Confidential Computing

## See also

- [[Confidential Computing Consortium]]
- [[Open Confidential Computing Conference]]
- [[Google Cloud Confidential Computing]]
- [[AMD SEV|AMD Secure Encrypted Virtualization]]

## [The open-source landscape of confidential computing in 2021](https://blog.edgeless.systems/the-open-source-landscape-of-confidential-computing-in-2021-7f847ebfc0a9)

By [[Edgeless Systems]] on [[2021-01-21]]

![[Pasted image 20220321232410.png]]

On the lowest layer (“foundations”), we find the two well-known projects SGX SDK and Open Enclave. They take care of really low-level things like handling in-enclave exceptions and make enclaves programmable in C and subsets of C++. Except for EDP, Enarx, and Graphene, all projects are directly or indirectly based on one of the two. These projects can roughly be categorized into language runtimes, library OSes, DevOps tools, app frameworks and actual apps.

Here, Red Hat’s Enarx is again an outlier as it doesn’t really fit into this taxonomy. The fact that it runs [WebAssembly (WASM)](https://webassembly.org/) and has an enclave-specific implementation of the [WASI](https://wasi.dev/) makes it somewhat of a hybrid between a language runtime and a library OS. It also has features that are normally found in app frameworks.

**Observations**

What’s interesting is that the landscape actually grew from the far ends towards the middle. Folks, including myself when I was still working at Microsoft, started building applications as soon as basic tooling was available. Signal was built on SGX SDK directly, CCF is based on Open Enclave and Project Oak evolved from the groundwork of Asylo. Meanwhile, tooling improved and support for more modern/high-level programming languages like Rust or Go was added by projects like the Rust SGX SDK or Edgeless RT.
In parallel, the breed of library OSes appeared, which promise to run most code regardless of programming language at the cost of a more complicated trusted computing base (TCB). In essence, library OSes try to mimic a Linux-like environment inside enclaves. The SGX-LKL project even goes as far as actually running a full Linux kernel towards this end.

Finally, we’re now seeing the appearance of the first DevOps tools, namely Inclavare and Marblerun. Both were released in the last couple of months. I see it as a great sign of maturity for confidential computing that more and more blank spots on the open-source map are closing. With our Marblerun, for instance, it is now possible to have secure _and_ scalable cloud-native confidential-computing apps running on vanilla Kubernetes. (Check out our recent [post](https://medium.com/edgelesssystems/why-we-need-a-service-mesh-for-confidential-computing-part-3-3-ffc00b2c3508) on “Marblerun — the service mesh for confidential computing” to learn more.)

What is striking is that there are only very few apps built on the latest and greatest tools and frameworks. Our prediction for 2021 is that the now available tooling will set loose a wave of innovation in apps and that we’ll continue to see substantial improvements on the tooling side. At Edgeless, we have some great apps and tools in the pipeline and will share more soon.

Our recently released [EGo framework](https://medium.com/edgelesssystems/ego-effortlessly-build-confidential-apps-in-go-dc2b1460e1bf) makes the creation of confidential microservices as easy as

> ego build my-service.go && ego sign my-service && ego run my-service

In addition, the next release of Marblerun will add support for Graphene and Occlum-based services. This will make it easy to add confidential computing capabilities to existing microservice architectures.
## [How IBM Is Bringing Confidential Computing into the Mainstream](https://www.eweek.com/innovation/how-ibm-is-bringing-confidential-computing-to-the-mainstream/)

[[2020-07-23]] (abridged)

### Summary of players and technologies (as of July 2020)

So, what exactly is confidential computing? In short, the phrase describes services and solutions that fully protect information across the entire scope of its use in business, from the build process to management functions to data-driven services and functions.

In August 2019, vendors including Alibaba, Arm, Baidu, IBM, Intel, Google Cloud, Microsoft and Red Hat announced the formation of the [Confidential Computing Consortium](https://www.linuxfoundation.org/uncategorized/2019/10/confidential-computing-consortium-establishes-formation-with-founding-members-and-open-governance-structure/). With the help of the Linux Foundation, members plan to substantially improve security for data in use.

How does one secure “data in use”? Think of it as a logical next step beyond conventional solutions, like encrypting data when it is at rest (in storage environments) and in transit (being moved across networks). In essence, the Confidential Computing Consortium aims to improve methodologies for keeping data continuously encrypted, including when it is being processed in memory for business applications and processes. Doing so keeps sensitive or valuable data from being exposed to the rest of the system (and possible intruders) while offering users greater security, transparency and control.

Several consortium founders made initial contributions to the project, including IBM’s Red Hat sharing [Enarx](https://next.redhat.com/2019/08/16/trust-no-one-run-everywhere-introducing-enarx/) for running [Trusted Execution Environment](https://en.wikipedia.org/wiki/Trusted_execution_environment) (TEE) applications, Intel providing its [Software Guard Extensions](https://software.intel.com/content/www/us/en/develop/topics/software-guard-extensions.html) (SGX), an SDK for protecting code at the hardware layer, and Microsoft offering its [Open Enclave SDK](https://openenclave.io/sdk/) for building TEE applications. Since its launch, Consortium members have continued their work on confidential computing technologies, and the group has attracted new members, including Accenture, AMD, Facebook and Nvidia.

Individual consortium members are also developing their own offerings. For example, at the recent Cloud Next conference [Google announced](https://cloud.google.com/blog/products/identity-security/introducing-google-cloud-confidential-computing-with-confidential-vms) a new cloud security program, Confidential VMs (virtual machines) that support processing of encrypted data. Google’s Confidential VMs use the [AMD EPYC secure encrypted virtualization (SEV)](https://developer.amd.com/sev/) technology.

### IBM's confidential computing initiatives

Links: [[IBM]], [[IBM Confidential Computing]]

While it’s great to see vendors cooperating on the development of important new technologies, IBM was developing and delivering confidential computing solutions and services long before the group effort was announced. Badlaney and Hunter’s blog discusses those efforts, as well as recent advances in some detail.
For example, the pair noted that the company [announced its first confidential computing capabilities](https://newsroom.ibm.com/IBM-cloud?item=30335) in March 2018 at its annual Think conference with the launch of [Hyper Protect Services](https://www.ibm.com/cloud/hyper-protect-services).

==Those IBM Cloud Hyper Protect Services are based on secure enclave technology that integrates hardware and software and leverages what the company calls “the industry’s first and only [FIPS 140-2 Level 4](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf) certified cloud [hardware security module (HSM)](https://www.ibm.com/cloud/hyper-protect-crypto).”== The portfolio now includes three services: IBM Cloud Hyper Protect Crypto Services, Hyper Protect DBaaS and Hyper Protect Virtual Servers. These provide customers complete authority over sensitive data, associated workloads and the cloud encryption keys. ^6a5a20

Since that initial release, IBM Cloud has [continued to discuss the critical importance of securing customers’ sensitive data and workloads](https://www.ibm.com/blogs/systems/hyper-protect-your-sensitive-data-and-workloads-in-the-cloud/), and has added new features to Hyper Protect Services. These include advances that meet key compliance requirements for GDPR, ISO 27K, HIPAA Ready, IRAP Protected and SOC 2 Type 1 reports. Those are critical capabilities for global enterprises and companies working in compliance-focused industries.

Currently, IBM’s production-ready confidential computing solutions are being used by customers, including [Daimler](https://newsroom.ibm.com/2020-07-01-Daimler-Expands-Relationship-with-IBM-Adopts-IBM-public-cloud-for-its-security-capabilities).
The company also brought this same technology to Apple CareKit via the [IBM Hyper Protect Software Development Kit (SDK) for iOS](https://www.ibm.com/blogs/systems/hyper-protect-your-sensitive-data-and-workloads-in-the-cloud/), available in the Apple CareKit open source GitHub community.

Badlaney and Hunter noted recent advances that demonstrate IBM’s continuing confidential computing momentum:

- Announced in September 2019, [IBM’s z15](https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=ca&infotype=an&supplier=760&letternum=ENUSJG19-0039) next generation mainframe and [IBM LinuxONE III](https://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/2/897/ENUS119-012/index.html&request_locale=ja) systems offer up to 16TB of secured memory that can support confidential computing workloads. Additionally, IBM’s [Pervasive Encryption](https://www.ibm.com/it-infrastructure/z/technologies/pervasive-encryption) features (which support the processing of encrypted data in memory) have a negligible impact on overall system performance.
- [IBM and Bank of America are developing a financial services-ready public cloud](https://newsroom.ibm.com/2019-11-06-IBM-Developing-Worlds-First-Financial-Services-Ready-Public-Cloud-Bank-of-America-Joins-as-First-Collaborator), which is powered by the same confidential computing security found in IBM Z. Delivered via IBM Hyper Protect Services, the solution includes the Keep Your Own Key encryption capabilities.
- Announced in April 2020, [IBM Secure Execution for Linux](https://www.ibm.com/downloads/cas/O158MBWG) enables clients to isolate large numbers of workloads with granularity and at scale, thus helping to protect them from internal and external threats across hybrid cloud infrastructures.
- In June 2020, IBM announced new toolkits that allow macOS and iOS developers to experiment with [Fully Homomorphic Encryption (FHE)](https://www.inpher.io/technology/what-is-fully-homomorphic-encryption#:~:text=Fully%20homomorphic%20encryption%20(FHE)%20is,functions%20were%20run%20on%20plaintext.) to keep data protected and processed simultaneously. Later in July, the company will announce a new FHE toolkit for Linux, bringing FHE to multiple Linux distributions for IBM Z and x86 architectures.

### IBM is the clear leader (at least, according to the article)

Groups such as the Confidential Computing Consortium can help ensure that innovative new technologies are effectively developed and successfully adopted, delivering a broad range of benefits to companies, industries and markets. But it does not follow that the vendors involved in these groups will progress at the same pace. Oftentimes, some are up and running while others are still learning to walk.

That is certainly the case when it comes to IBM’s efforts in confidential computing. The continuing evolution of its flagship IBM Z mainframe systems and LinuxONE servers has enabled the company to stay well ahead of the crowd when it comes to highly secure and resilient enterprise-class computing. Unsurprisingly, many of the trusted security features that first emerged on IBM Z are now fueling the company’s pioneering efforts in confidential computing.

Those innovations have long been appreciated and enjoyed by IBM’s customers and partners. As a host of vendors bring the benefits of confidential computing into broader markets, they will be following a path blazed by pioneers, like IBM.