OC3 is the world’s premier event for confidential computing, where cloud security experts come together to showcase the latest developments and use cases.
Azure Confidential Virtual Machines (CVMs) offer a stronger isolation environment for a guest partition leveraging the TEE (Trusted Execution Environment), currently, AMD SEV-SNP based. There are multiple ways to deploy the CVMs in Azure, and in this talk, Swamy Nagaraju Shivaganaga and Chris Orsini discuss one of the deployment options referred to as “Customizable/Custom Firmware" CVM deployments. The deployment option is currently in private preview, where Azure offers customers the chance to choose what exactly constitutes their guest TCB (Trusted Computing Base). It enables customers to fully control the operational TCB of their CVMs such as using open-source components for the in-guest system firmware needs, optionally developing their own protection mechanisms (integrity, encryption, etc..) to the disks, and using the attestation provider/mechanism tied to any KMS (Key Management Service) they would like to.
Our website → [ Ссылка ]
GitHub → [ Ссылка ]
Subscribe!📤
[ Ссылка ]
Follow us to stay updated on the next OC3!
Twitter → [ Ссылка ]
LinkedIn →[ Ссылка ]
Discord → [ Ссылка ]
Mastodon → [ Ссылка ]
Ещё видео!