Confidential Computing Consortium Sets the Scene
|
NEWS
|
In December 2022, the Confidential Computing Consortium (CCC) released its Common Terminology for Confidential Computing whitepaper. The paper seeks to position the CCC as the pioneer in confidential computing developments, and its members are heavyweights in the tech space—Accenture, Arm, Google, Huawei, Intel, Meta, Microsoft, and Red Hat are among the premier members. The term “confidential computing” has been gaining traction over the last couple of years and is driving interest in several different sectors, most notably in cloud computing. In some instances, it is being heralded as a novel technology implementation that can solve confidentiality concerns, but there is some debate about what constitutes confidential computing from a technology perspective.
Which Tech Will Rule?
|
IMPACT
|
The CCC has defined the term “confidential computing” as “the protection of data in use by performing computation in a hardware-based, attested Trusted Execution Environment [TEE].” TEE technology in itself is not new, having been leveraged in smartphones for over a decade now for payment and content protection applications. Today, usage extends to set-top boxes and video cameras, among other connected Internet of Things (IoT) devices. GlobalPlatform published a specification for a TEE standard back in 2014. TEE stands as a mature technology, having been around for more than a decade now. Popular TEE implementations, such as Arm’s TrustZone, which dominates the smartphone space and is making inroads into IoT devices (through Arm Cortex M23, M33, M35P, and M55 cores), have been around as early as 2004. From a desktop computing and server perspective, Intel offers its Software Guard Extensions (SGX) technology, available since 2015 in a number of Intel Central Processing Units (CPUs). Other commercial TEEs include AMD’s Platform Security Processor (PSP) and IBM’s Secure Service Container, available for IBM Z and LinuxONE servers. What these technologies offer is a hardware-backed secure enclave that can confidentially execute applications and run code.
In essence, TEEs have always provided confidential computing functionalities, but they have not been branded this way. What is emerging now is that such capabilities, rather than simply being a feature running on a device owned by the end user, are now being deployed remotely on infrastructure that is shared and public (i.e., the cloud). This is the primary evolution, as demand for confidentiality and privacy become key in multi-tenant environments. TEE is a suitable and effective technology solution that can answer that demand.
However, there is ambiguity surrounding TEE’s role in the CCC’s vision. GlobalPlatform’s TEE specification is not referenced in the CCC whitepaper. It’s unclear whether that is due to some of the founding members not being aligned with it, or simply because the CCC wants to consider alternative TEE approaches (albeit only hardware-based TEEs). In looking at the market, there are quite a few commercial TEEs that have not gone through GlobalPlatform’s TEE Security Certification Program. In fact, GlobalPlatform’s TEE definition is supported, by and large, by its most popular implementation, Arm’s TrustZone. It has become a de facto standard simply through Arm’s dominance in the space.
But with growing demand for TEEs beyond smartphones into the IoT and server infrastructure, commercial TEEs that are not aligned with GlobalPlatform’s specification are gaining in prominence, as are open-source implementations (e.g., RISC-V's MultiZone). This may erode the GlobalPlatform standard’s influence going forward. Compounding this is the fact that the CCC has chosen not to mention GlobalPlatform’s specification at all. And yet, the CCC has not defined its own specification either, which leaves room for interpretation as to what can constitute a TEE. This loose state of affairs also means that there is debate about what can effectively constitute a confidential computing technology beyond TEEs.
Confidentiality in a Changing World
|
RECOMMENDATIONS
|
There are potentially other technologies that could fit under the confidential computing umbrella, such as multi-party computation, homomorphic encryption, and zero-knowledge proofs. Known more commonly as privacy-preserving computation, there is a fine line as to what differentiates the two. For the CCC, it is the hardware-backed secure enclave element that is required for attestation. In order to convince the market, however, the CCC will need greater agreement from the broader tech community, including from Amazon Web Services (AWS), which has yet to weigh in on the matter. The most powerful way this can happen would be through the development of its own standard, and even that is not a guarantee of mass market adoption.
Ultimately, confidential computing remains a concept that has yet to be defined in the market. Regardless of whether it is based on existing technology, or new security methods, the impetus driving it forward cannot be ignored. Data protection, whether at rest, in transit, or in execution, must be feasible in any context. Today, those contexts are increasingly remote, shared, portable, and ephemeral. This makes confidentiality challenging, and resolving this should be the primary goal of confidential computing, however it is eventually delivered.
