AMD, Samsung, VMware and Members of RISC-V Keystone Community Team Up to Ease Development of Confidential Computing Apps by Supporting Open Source Certifier Framework
PALO ALTO, Calif. – June 29, 2023 – In conjunction with Confidential Computing Summit 2023, VMware, Inc. (NYSE: VMW) today announced that it is joining forces with AMD, Samsung, and members of the RISC-V Keystone community to simplify the development and operations of confidential computing applications. These industry and community leaders will work together to ease the transition to practical confidential computing by collaborating on and contributing to the open source Certifier Framework for Confidential Computing project.
Ecosystem Support Builds for Certifier Framework for Confidential Computing
To help democratize confidential computing, VMware researched, developed and open sourced the developer-focused Certifier Framework for Confidential Computing project. By standardizing on an easy-to-use, platform-independent API for creating and operating confidential computing applications, AMD, Samsung and VMware aim to address a significant barrier to the adoption of confidential computing.
Confidential computing is based on an emerging processor concept called a “trusted execution environment” that maintains the confidentiality and integrity of programs and data even when workloads are deployed in the cloud or infrastructure (such as the edge) that may be operated by others. Uniform security protections based on confidential computing are expected to be increasingly important in the context of multi-cloud deployments. Also, in the context of emerging workloads like machine learning, confidential computing can play a special role in protecting the intellectual property and proprietary data related to the foundation models and code, proprietary model derivatives, and private training data. Although confidential computing is an enormous advancement for security and privacy, like many hardware features, it will not be widely adopted until it becomes easier to develop applications in the new paradigm.
The Certifier Framework vastly simplifies the development of more secure cloud workloads, secret-keeping services, and privacy-preserving applications including an emerging class of machine learning and “data economy” workloads that are based on sensitive data and models aggregated from multiple sources. The framework provides platform-independent support for specifying and enforcing trust policies that can better secure workloads across on-prem and third-party infrastructure, including the telco edge, multi-cloud environments, and sovereign clouds. By collectively advancing and contributing to the open source Certifier Framework, the companies and community members aim to effectively standardize on a set of developer APIs that will benefit the entire industry by accelerating the adoption of confidential computing as it becomes available in the x86, Arm, and RISC-V ecosystems.
“Confidential Computing has the potential to secure workloads no matter where they run including in multi-cloud and edge settings,” said Kit Colbert, CTO, VMware. “The challenge has been to help customers adopt and implement the standard with ease. The collective efforts of the growing ecosystem of contributors to Certifier Framework will help bring those benefits to bear to ISVs, enterprise customers, and Sovereign Cloud providers—enabling them to use this emerging technology more easily and effectively.”
VMware at the Confidential Computing Summit 2023
The certifier’s capabilities, representative of VMware’s commitment to the future of multi-cloud security, are being highlighted at today’s Confidential Computing Summit. VMware along with other contributors to the Certifier Framework project will show demos of client/cloud confidential computing in compelling machine learning use cases. In particular, the demos will showcase “universal” client-cloud trust management across heterogeneous TEEs including AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP), SGX, CCA, and RISC-V.
“AMD is a pioneer of advanced hardware-based security features such as AMD Infinity Guard, with built-in capabilities like Secure Encrypted Virtualization (SEV), in our EPYC data center processors,” said Raghu Nambiar, corporate vice president, Data Center Ecosystems and Solutions, AMD. “Collaborating with industry partners, like VMware, is critical for accelerating adoption of confidential computing and securing workloads in the cloud. No matter the size or technical sophistication of an organization, or where a workload is deployed, the Certifier Framework will help more customers realize the benefits of confidential computing.”
“Samsung is committed to extending confidential computing to endpoints through their Islet interface to the Arm CCA architecture,” said Yong Ho Hwang, VP and Head of Security & Privacy Team at Samsung Electronics. “We are pleased to be a supporter of the Certifier Framework and share the common goal of accelerating the adoption of confidential computing through a developer-friendly API for confidential computing trust management.”
“Keystone brings the benefits of open source to the confidential computing hardware community,” said Krste Asanovic, Professor, Computer Science Division, EECS Department, University of California, Berkeley. “We are pleased to leverage the Certifier Framework to help confidential computing developers maintain choice over platform selection as our capabilities evolve.”
- Learn more about the Certifier Framework for Confidential Computing on GitHub
- Read VMware’s blog post series on Confidential Computing and the Challenges of Multi-Cloud, Distributed Security at Scale
VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. For more information, please visit www.vmware.com/company.
VMware is a registered trademark of VMware, Inc. in the United States and other jurisdictions. This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.
Media Contact: Eloy Ontiveros, VMware Global Communications, 1-650-427-6145, firstname.lastname@example.org