VMware has joined forces with AMD, Samsung, and members of the RISC-V Keystone community to simplify the development and operations of confidential computing applications.
These industry and community leaders will work together to ease the transition to practical confidential computing by collaborating on and contributing to the open source Certifier Framework for Confidential Computing project.
Ecosystem Support Builds for Certifier Framework for Confidential Computing
To help democratise confidential computing, VMware researched, developed and open sourced the developer-focused Certifier Framework for Confidential Computing project. By standardising on an easy-to-use, platform-independent API for creating and operating confidential computing applications, AMD, Samsung and VMware aim to address a significant barrier to the adoption of confidential computing.
Confidential computing is based on an emerging processor concept called a ‘trusted execution environment’ that maintains the confidentiality and integrity of programs and data even when workloads are deployed in the cloud or infrastructure (such as the edge) that may be operated by others. Uniform security protections based on confidential computing are expected to be increasingly important in the context of multi-cloud deployments. Also, in the context of emerging workloads like machine learning, confidential computing can play a special role in protecting the intellectual property and proprietary data related to the foundation models and code, proprietary model derivatives, and private training data. Although confidential computing is an enormous advancement for security and privacy, like many hardware features, it will not be widely adopted until it becomes easier to develop applications in the new paradigm.
The Certifier Framework vastly simplifies the development of more secure cloud workloads, secret-keeping services, and privacy-preserving applications including an emerging class of machine learning and “data economy” workloads that are based on sensitive data and models aggregated from multiple sources. The framework provides platform-independent support for specifying and enforcing trust policies that can better secure workloads across on-prem and third-party infrastructure, including the telco edge, multi-cloud environments, and sovereign clouds. By collectively advancing and contributing to the open source Certifier Framework, the companies and community members aim to effectively standardise on a set of developer APIs that will benefit the entire industry by accelerating the adoption of confidential computing as it becomes available in the x86, Arm, and RISC-V ecosystems.
“Confidential Computing has the potential to secure workloads no matter where they run including in multi-cloud and edge settings,” said Kit Colbert, CTO, VMware. “The challenge has been to help customers adopt and implement the standard with ease. The collective efforts of the growing ecosystem of contributors to Certifier Framework will help bring those benefits to bear to ISVs, enterprise customers, and Sovereign Cloud providers—enabling them to use this emerging technology more easily and effectively.”
VMware at the Confidential Computing Summit 2023
The certifier’s capabilities, representative of VMware’s commitment to the future of multi-cloud security, are being highlighted at today’s Confidential Computing Summit. VMware along with other contributors to the Certifier Framework project will show demos of client/cloud confidential computing in compelling machine learning use cases. In particular, the demos will showcase “universal” client-cloud trust management across heterogeneous TEEs including AMD Secure Encrypted Virtualisation-Secure Nested Paging (SEV-SNP), SGX, CCA, and RISC-V.
Raghu Nambiar, corporate VP, Data Center Ecosystems and Solutions, AMD, said: “AMD is a pioneer of advanced hardware-based security features such as AMD Infinity Guard, with built-in capabilities like Secure Encrypted Virtualisation (SEV), in our EPYC data center processors.
“Collaborating with industry partners, like VMware, is critical for accelerating adoption of confidential computing and securing workloads in the cloud. No matter the size or technical sophistication of an organisation, or where a workload is deployed, the Certifier Framework will help more customers realise the benefits of confidential computing.”
Yong Ho Hwang, VP and head of security & privacy team at Samsung Electronics, said: “Samsung is committed to extending confidential computing to endpoints through their Islet interface to the Arm CCA architecture. “We are pleased to be supporter of the Certifier Framework and share the common goal of accelerating the adoption of confidential computing through a developer-friendly API for confidential computing trust management.”
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.