📃
Confidential Computing 101
HomeTechnologyTry CC!
  • Welcome
  • Confidential Computing
    • What is Confidential Computing
    • What problems Confidential Computing solves
      • Bare Metal
      • Docker
      • Kubernetes
      • Knative
    • Why Confidential Computing
    • How Confidential Computing works
      • Memory Encryption
      • Workload Attestation
      • Confidential Boot
      • Sealing / Binding
      • Secret Provisioning
    • Technology Overview
    • Cloud Service Providers
  • Technology in depth
    • Intel SGX
      • Getting Started
        • Bare Metal Server Installation
        • Enclave Development Environment
        • Intel SGX SDK Setup
      • Technology
        • 🎭Features
        • 💂Threat Model
        • 🆚Versions
        • 🟦Concepts
          • 🏦Memory Encryption
          • 👮Local and Remote Attestation
          • 🖼️DCAP-Attestation Framework
          • 🔑Secret Key Provisioning
      • enclaive Development Kit
        • 🏢Architecture
        • 🌪️Workflow
        • 🌍Tutorials
          • Azure DCdsv3, DCsv2, or DCsv3 Setup
          • Redis in cK8s
          • MongoDB in cK8s
          • K8s + HashiCorp Vault on Azure DCsv3
      • Vault Remote Attestation Plug-In
        • 🏃‍♂️Initialization
        • 👮Attestation
        • ⚙️Configuration
    • Intel TDX
      • Getting Started
        • Azure
        • AWS
        • GCP
      • Technology
        • History
          • VT
          • TME/MKTME
          • SGX
        • Features
        • Threat Model
        • Concepts
          • Architecture
            • TDX Module
          • Memory Encryption
            • Confidentiality and Integrity
            • Keys and Key Management
          • TD Partitioning
          • DCAP-Attestation
            • Overview
            • Platform Registration
            • Attestation Report
    • AMD SEV
      • Getting Started
        • Azure
        • AWS
        • GCP
      • Technology
        • History
        • Threat Model
        • SME Concepts
          • Use Models
        • SEV-SNP Concepts
          • Features
            • Integrity Threats
            • Reverse Map Table
            • Page Validation
            • Page States
            • Virtual Machine Privilege Levels
            • Interrupt/Exception Protection
            • Trusted Platform Information
            • TCB Versioning
            • VM Launch & Attestation
            • VM Migration
            • Side Channels
          • Use Cases
          • Architecture
            • Encrypted Memory
            • Key Management
          • Software Implications
    • ARM CC
      • Technology
        • Introduction
        • Threat Model
        • Design
        • Comparison
    • Attestation Methods
      • Raw Attestation
      • Raw Attestation with Secure-Boot
      • Raw Attestation with a vTPM
        • AMD Secure VM Service Module and vTPMs
      • Raw Attestation with paravirtualized TPM
  • Resources
    • Youtube
    • Github
    • Products
Powered by GitBook
On this page
  • Issues
  • Solution

Was this helpful?

  1. Confidential Computing
  2. What problems Confidential Computing solves

Docker

Issues

Docker poses two primary concerns for application integrity: trust and secure execution.

Trust

Docker has faced significant criticism regarding trust issues related to container images and their sources. Inadequate mechanisms for verifying the authenticity and integrity of container images make it challenging to establish trust in the software supply chain. This vulnerability exposes organizations to the risk of deploying compromised or malicious container images, which can lead to security breaches, data loss, and unauthorized access. The lack of trust in container images becomes particularly concerning when relying on third-party or publicly available repositories, where the origin and integrity of the images are difficult to ascertain.

Secure Execution

Another critique directed at Docker is the need for enhanced security during container execution. Docker's default execution environment lacks strong isolation measures, leaving containers vulnerable to various runtime attacks. Without proper safeguards, adversaries can exploit vulnerabilities within containers or the host system to gain unauthorized access or execute malicious code. This becomes a critical concern for organizations that handle sensitive data or operate in regulated industries where secure execution and data confidentiality are paramount.

Solution

To address these concerns, enclaive leverages hardware secure enclave technology to enhance the trustworthiness and secure execution of Docker containers. This solution focuses on establishing trust in container images and providing a secure runtime environment for executing containers with strong isolation.

Our enhanced containers have been meticulously designed to simplify the deployment of trusted and securely executed Docker containers while ensuring straightforward operation and management. Our primary objective was to incorporate existing Docker workflows and practices familiar to DevOps professionals and engineers while leveraging hardware secure enclave technology to enhance security. The key components of this solution are as follows:

Trusted Container Images

Similar to standard Docker images, Trusted Container Images undergo a rigorous verification process to establish their authenticity and integrity. These images are signed using cryptographic techniques and can be validated against trusted registries or certificate authorities. By ensuring the trustworthiness of container images, organizations can mitigate the risk of deploying compromised or malicious software.

Secure Execution Environment

At the core of the container lies the Secure Execution Environment, powered by Intel SGX technology. This environment provides strong confidentiality guarantees, allowing Docker containers to execute securely without interference from the host system or other containers. The secure execution environment ensures that containers are protected from unauthorized access, runtime attacks, and data leakage.

To ensure simplicity for our customers (engineers, DevOps), we have adopted the following role model:

The Cloud Service Provider (CSP) offers a Docker environment with hardware secure enclave support, comprising: Docker hosts equipped with hardware secure enclave access to the Provisioning Certification Service (PCS) through the Datacenter Provisioning Certification Caching Service (PCCS)

The customer's responsibilities include:

  • Deploying and provisioning their own trusted container images within the Docker environment.

  • Use secure enclave supported hardware.

  • Adhering to best practices for secure containerization and image verification.

It is important to note that the trustworthiness and secure execution of containers rely on the proper validation of trusted attributes and the utilization of hardware secure enclave technology, which are integral to the security of the solution.

Last updated 1 year ago

Was this helpful?