Google Cloud is looking forward to confidential computing, but also to hardware changes


Protecting data in use is the short version of the goal of confidential computing. However, the initiative is more complex than that. On Monday, November 14, representatives from Google Cloud, AMD and Intel met to discuss the state of confidential computing, where it is headed and the hurdles still to be overcome. What does confidential computing mean for cloud and edge deployments? For hardware makers and software developers?


The case for confidential computing

“Confidential computing is really the way a cloud vendor or host environment can tie their hands,” said Brent Hollingsworth, Epyc Software Ecosystem Manager at AMD. “They can prevent themselves from being able to see the data at a fundamental level in a way that they weren’t able to do before.”

Formally, confidential computing is an initiative to ensure that cloud computing technology can secure data in use at the hardware level. It uses trusted execution environments, which are confined areas inside a CPU.


For chipmakers and software producers, telling the story of this new capability to customers may be half the battle, said Anil Rao, vice president and general manager of Systems Engineering and Technology at Intel. Several panelists noted that, at present, confidential computing is difficult to market. The goal is for it to be a necessity, but for now, it’s a feature.

Changing that requires asking technical questions, which also determine whether or not customers will buy. Among the forward-looking questions asked by Vint Cerf, Senior Internet Evangelist at Google Cloud, were: “What happens if a CC server fails? How do you recover? How do you move partial results etc? What about scaling? How do you get CC to work in a multi-core environment? Does it work with GPUs and TPUs? Are certifications available, from whom, and on what basis?”

Brent noted that the most interesting developments today come from large organizations that have the resources to rebuild their infrastructure around the idea of putting security first. One example is Project Zero, the white hat hacking team from Google.

Confidential computing on the edge

Confidential computing is an advantage for edge applications because they may not have the same physical characteristics as a data center. For example, a cell tower with a server at the bottom is an extreme situation that requires special security. Unmanned or unsupervised facilities may also benefit greatly.

“When you push your IP over the edge and want to make sure your IP is handled with care, this is a great example,” said Rao. “We’re actually seeing some of our customers deploy confidential computing for scenarios of this nature, whether it’s things like Google Anthos or from their central location to their branch location.

“If it’s a lit infrastructure on their branch, those are all key ways in which the edge is a huge component of confidential computing.”

Cerf pointed out that 6G and the mobile edge are also relevant here. Although the design of 6G is still fluid, the overall application level has a say in how the communications system performs. This is another example of building security in, a philosophy that has much in common with confidential computing. Customers may want to separate the application that controls the communications component.

What’s next for confidential computing?

What should we expect from confidential computing in the next five years? Cerf anticipates that the confidential computing style will continue to become normal across a variety of computing environments. However, this depends on the capabilities and options offered by the chipset makers.


Similarly, Rao envisions a world in which confidential computing is standard, where the term “private cloud” becomes obsolete. The panel members agreed that it should be assumed that data in use would not be visible to any outside observer.

What is holding confidential computing back?

However, there are a variety of technical challenges to overcome before this can happen. Not everything on the cloud is capable of confidential computing yet. The chipsets that will provide it still need to be developed, as well as specialized, so that domain-specific computing can be done at the same time.

Nelly Porter, Group Director of Google Cloud Products, noted that problems such as live migration continue to be an issue for confidential computing. Rao said attestation is also a concern. He noted that customers generally don’t want to be early adopters, and cloud computing is still in the early stage, which is typical of a time when few organizations want to make the first move.

Hollingsworth said that the development of virtual machine workloads needs to improve so that security is built from the inside out, rather than organizations trying to bring a legacy system with a large attack surface up to this level of security. Rao also referred to the Intel Amber Project, a third-party attestation service.

However, some large organizations are trying to be trendsetters. In February 2022, the Open Compute Project launched Caliptra, an open specification for chip devices made in collaboration with Microsoft, Google, and AMD. Its goal is to solve some of the confidential computing problems that arise when it wasn’t integrated from the start. A specific silicon block establishes a root of trust with which data can be secured at the chip level, making things more difficult for attackers trying to compromise the hardware.

Another area of concern and possibility is isolation. Cerf suggested that certification persistence in volatile software environments might be possible because of the isolation afforded by confidential computing, although this, at the present stage, is speculation.

Attestation involves a software environment guaranteeing that specific software on specific hardware or in a specific execution environment is trusted. Rao agreed, stating that the purpose of confidential computing is not to “excuse bad application behavior”, and that it may change the way application developers think about building security into their applications.

Cerf noted that Google Cloud is also working on the Trusted I/O specification, which along with domain-specific computing may contribute to confidential computing becoming the norm. Porter is also looking forward to confidential computing alongside the use of GPUs as accelerators, as more customers start working not just on CPUs but with training and models that need accelerators.

Confidential computing is not yet a household name, but progress is being made to incorporate it into a variety of security strategies.
