4 Key Security Challenges to Address with Confidential Computing

Confidential Computing delivers a variety of security benefits and helps deliver a platform for controlled, compliant activation of sensitive data

By Simon Johnson, Senior Principal Engineer at Intel

Over the last decade, businesses have become increasingly reliant on data monetization, especially as workloads have moved to the cloud. But the rise in number and size of data breaches continues to highlight how much the datafication of personal information is being monetized by companies and threat actors alike. As a result, privacy preserving data services are growing in customer demand and increasingly becoming a regulatory requirement. Meeting that demand requires additional layers of protection that can help separate the processing of user data from the platform owner or administrator.

Meeting that challenge has been the driving force for Confidential Computing. At a high level, Confidential Computing protects data in use during processing, with sensitive data isolated in the CPU and encrypted in memory while it’s processed. The main premise behind separating user data from platform owner control (whether through a service or on-prem) is that those controlling the platform and those accessing data on the platform being processed are two separate entities.

Confidential Computing delivers a variety of security benefits associated with hardware-based enforcement of data and IP access policies. For example, protecting against un-permissioned data access (even with escalated privileges), containing the “blast radius” of compromised software or unauthorized users, and protecting data and IP deployed at partner or remote sites. But Confidential Computing is also transforming businesses by helping to deliver a platform for controlled, compliant activation of sensitive data. That might include compliant multi-party or inter-department collaboration, privacy-preserving data services, confidential and compliant AI, and more.

In order for this technology to become more pervasive, it must be usable, deployable, and not detrimental to either the data owner’s or the platform owner’s cost models – all while delivering security value. Finding this balance is what both drives and constrains progress in this field. What are some of the new security challenges the industry faces as we continue to advance in Confidential Computing? Here are four:

• Post-Quantum Crypto (PQC) Hardening – The entire computing industry is amid what will be a decade-long transition (or more) to post-quantum safe computing. This transition is where the cryptographic algorithms used in the modern era must change to prevent attacks from quantum computer-based attacks. In some instances, the transition efforts may require that we encrypt data with a change of key length. However, in other cases, new PQC algorithms need to be invented and standardized. There is a lot of working happening in this area.
• Attestation Complexities – Part of the element of a Confidential Computing model is understanding the state of the security posture of platforms to which execution is deployed. This process is known as attestation, and it is still in its infancy. Developing and appraising policies to determine actions when platforms are out of update or configuration isn’t up to standard is still a developing area. Finding ways of making these processes more understandable, digestible, and automated continue to develop.

In addition, we have seen many users of Confidential Computing request heterogeneity in the platforms, clouds, and software stacks. This introduces other challenges in making cross-platform, cross-cloud, and cross-trust authority assessments more complex.

• Side-Channel Attacks – A side-channel attack, or an attempt to extract secrets from a chip or a system, can happen in any digital system. For example, CPU vulnerabilities (such as Meltdown and Spectre) allowed unauthorized reads of data in running programs and illustrated the challenges of side-channel attacks. While many side-channel attacks are shown in academic or laboratory scenarios, the risks are increased in cloud computing environments that rely on co-resident virtual machines. As hardware and software solutions improve to supply mitigations in this space, IT departments can benefit by establishing best practices and mitigations to combat side-channel attacks.
• Physical Attacks – A Confidential Computing model emphasizes the separation of platform administrator from user data being operated on it. But as the processing locations become more remote, or platform administration is further subdivided, or third parties become responsible for platform operations, protections from the individual with platform proximity are necessary.

Confidential Computing solutions combines a robust set of hardware features and a rich, vibrant software ecosystem that is in place today and continued growth is expected. The Confidential Computing software ecosystem includes containerized software development kits (SDKs) and shim layers or library operating systems that allow either partial or full applications to be included within the trust boundary. It also includes middleware that allows multiple applications to be brought together securely and orchestrated across an infrastructure provider’s network. Finally, the market needs software services for attestation of Confidential Computing instances on a variety of devices so they can be verified at the time of use.

Unfortunately, bad actors will continue to try and exploit cloud security vulnerabilities. Implementing a Confidential Computing ecosystem can help combat these cloud security threats, working not as a one-off CPU feature, but as a larger infrastructure that brings secure computing to the masses. It can help ensure the strongest protections are enacted anytime, anywhere on any computing device, reducing risks and concerns for both suppliers and users. To learn more about Confidential Computing advances, check out OC3 and the Confidential Computing Consortium.

About the Author

Simon Johnson is a Senior Principal Engineer and Confidential Compute Technical Director for the SGX and TDX programs at Intel Corporation. As a confidential computing technical evangelist, Simon engages with partner organizations on how to deliver world-class experiences and identify and accelerate the next generation of hardware capabilities in the confidential computing space. Simon has been in the information security space over 25 years, previously working for the UK Government as an information security specialist developing capabilities and advising a number of national scale projects. He holds a bachelor’s degree in computer science from the University of York, UK.

For more, visit the Intel Corporation company website at https://www.intel.com/.