The long and winding road towards secure Confidential Cloud Computing

Confidential Computing (CC) is an on the rise concept in the world of Cloud Computing that enables a powerful security model where cloud tenants are not required to trust the SW stack provided by Cloud Service Providers (CSPs), significantly reducing the risk that a vulnerability in such SW stack will affect the security of tenant’s workloads. Most CSPs are eager to adopt these new security technologies offered by CPU vendors (AMD SEV/SNP, Intel SGX, Intel TDX). However, to deploy such solutions in a truly secure way, CSPs must consider and address many aspects that the Confidential Computing technology brings.

This talk will cover the goals and the overall threat model for Confidential Computing, explain the main differences between Intel SGX and Intel TDX technologies, as well as give an overview of the main challenges that CSPs are facing now in order to deploy any of the CC technologies, how these challenges can be addressed and what we do at Intel to help CSPs on this journey.