acm-header
Sign In

Communications of the ACM

Practice

Confidential Computing: Elevating Cloud Security and Privacy


green lock on a watchface, illustration

Credit: Omelchenko

back to top 

In the ever-evolving landscape of digital security, a new technology—confidential computing9,11—is set to redefine our expectations of data safety and privacy. The advent of cloud computing has already resulted in a security infrastructure that surpasses most traditional on-premises systems. Confidential computing (CC) is poised to elevate these guarantees even further. It is a paradigm shift that marks the next stage in the evolution of cloud security, representing a leap forward that pushes the boundaries of what is achievable.

CC fundamentally improves our security posture by drastically reducing the attack surface of systems. While traditional systems encrypt data at rest and in transit, CC extends this protection to data in use. It provides a novel, clearly defined security boundary, isolating sensitive data within trusted execution environments during computation. This means services can be designed that segment data based on least-privilege access principles, that is, services where data is accessible only to the code that needs access to perform its function, while all other code in the system sees only encrypted data. Crucially, the isolation is rooted in novel hardware primitives, effectively rendering even the cloud-hosting infrastructure and its administrators incapable of accessing the data. This approach creates more resilient systems capable of withstanding increasingly sophisticated cyber threats, thereby reinforcing data protection and sovereignty in an unprecedented manner.

But CC is not just about fortifying defenses; it's also about unlocking potential. It opens a universe of possibilities, fostering innovation and empowering businesses and developers to build new kinds of services previously inhibited by security constraints. From privacy-enhanced personal AI services,4 to encrypted databases,8 to highly confidential decentralized business processes,2 to confidential data cleanrooms where multiple parties execute analytics and machine-learning workflows on combined data without revealing their data to the other parties,6 to trustworthy and transparent hardware and software supply chains,1 CC has the potential to revolutionize various domains.

CC is more than a technological innovation; it's a testament to our ability to collaborate and co-create solutions for the benefit of all. CC is the outcome of a confluence of expertise from leading research groups5,7,10 and major players throughout industry sectors.3 This includes a spectrum of hardware and software vendors, from processor and accelerator companies, such as Intel, AMD, ARM, and NVIDIA, to cloud service providers, including Microsoft, Google, and Oracle, plus an array of vibrant startups, each bringing fresh perspectives and radical thinking to the table. This cross-industry group is cooperating to ensure CC becomes the new norm for computing, notably by developing standards and practices that can ensure the interoperability of CC devices, protocols, and services. In 10 years, "confidential computing" will just be "computing."

The following articles focus on different aspects of CC. Written by leading industry experts and academic researchers, these articles aim to shed light on the technical underpinnings of CC, its practical applications, and its transformative potential. We invite you to join us on this journey through the world of CC. Together, we will explore, understand, and harness this technology to create a more secure and innovative future.

Back to Top

References

1. Birkholz, H., Delignat-Lavaud, A., Fournet, C., Deshpande, Y., and Lasker, S. An Architecture for Trustworthy and Transparent Digital Supply Chains. IETF SCITT Working Group, 2022; https://datatracker.ietf.org/doc/draft-ietf-scitt-architecture/.

2. CCF: A framework for building confidential verifiable replicated services. GitHub, 2019; https://github.com/microsoft/CCF.

3. Confidential Computing Consortium; https://confidentialcomputing.io.

4. Delignat-Lavaud, A., Russinovich, M., Vaswani, K. Unlocking the potential of privacy-preserving AI with Azure confidential computing on NVIDIA H100. Microsoft Azure Confidential Computing Blog, 2023; https://bit.ly/3r5OuKb

5. Lee, D., Kohlbrenner, D., Shinde, S., Asanovic, K., and Song, D. Keystone: an open framework for architecting trusted execution environments. In Proceedings of the 15th European Conf. Computer Systems 38, 2020, 1–16; https://dl.acm.org/doi/abs/10.1145/3342195.3387532.

6. Ohrimenko, O. et al. Oblivious multi-party machine learning on trusted processors. In Proceedings of the 25th Usenix Security Symp., 2016; https://bit.ly/3sOW7VI.

7. Opaque. RISE Lab, UC Berkeley, 2018; https://rise.cs.berkeley.edu/projects/opaque/.

8. Priebe, C., Vaswani, K., Costa, M. EnclaveDB: A secure database using SGX. In Proceedings of the IEEE Symp. Security and Privacy, 2018, 264–278; https://ieeexplore.ieee.org/document/8418608.

9. Russinovich, M. et al. Toward confidential cloud computing. Commun. ACM 64, 6 (2021), 54–61; https://dl.acm.org/doi/10.1145/3453930.

10. Sanctum Secure Processor. MIT CSAIL, 2017.

11. Schuster, F. et al. VC3: Trustworthy data analytics in the cloud. In Proceedings of the IEEE Symp. Security and Privacy, 2015, 38–54; https://ieeexplore.ieee.org/document/7163017.

Back to Top

Author

Mark Russinovich is chief technology officer of Microsoft Azure, Bellevue, WA, USA, where he leads technical strategy and architecture for Microsoft's cloud-computing platform.


© 2024 Copyright held by the owner/author(s).
Request permission to (re)publish from the owner/author

The Digital Library is published by the Association for Computing Machinery. Copyright © 2024 ACM, Inc.

 


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
Article Contents: