Kubernetes Podcast from Google

Confidential Computing, with Fabian Kammel

Nov 23, 2023
Guest Fabian Kammel, Security Architect at ControlPlane, discusses confidential computing, trusted execution environments, and the differences between TPMs and HSMs. The episode also explores the concept of confidential virtual machines and their use in sensitive industries like defense and healthcare.
Confidential Computing Overview

  • Confidential computing protects sensitive computations in untrusted environments, in the same spirit as the secure chips in credit cards or SIM cards.
  • It extends this idea to general-purpose server hardware and adds remote attestation, so a remote party can verify that the environment is genuine.
Trusted Execution Environments (TEEs)

  • TEEs are hardware-protected environments where external observers cannot see or manipulate data.
  • Different implementations exist, like Intel SGX's process-based approach and AMD SEV's full VM shielding.
HSMs vs. TPMs

  • TPMs are cheap and commonplace but have limited memory and cryptographic capabilities.
  • HSMs are expensive and offer strong physical tamper protection, but they are unsuitable for average workloads.