Confidential Computing Primer
Red Hat News, Tuesday, May 2,2023
This article is the first in a six-part series in which we present various usage models for confidential computing, a set of technologies designed to protect data in use-for example by using memory encryption-and the requirements to get the expected security and trust benefits from t​​he technology.
In the series, we will focus on four primary use cases: confidential virtual machines, confidential workloads, confidential containers and finally confidential clusters. In all use cases, we will see that establishing a solid chain of trust uses similar, if subtly different, attestation methods, which make it possible for a confidential platform to attest to some of its properties. We will discuss various implementations of this idea, as well as alternatives that were considered.
In this first article, we will provide some background about confidential computing and its history, and establish some terminology that we will need to cover the topic.