This article was coauthored by Jerry Yu, Raghu Yeluri, Joshua Krstic, and Rene Kolga. Jerry Yu is a Confidential Computing and Security Architect at Intel. Raghu Yeluri is Intel's Lead Security Architect for Confidential AI and Confidential Computing Services. Joshua Krstic is a Senior Software Engineer on Google Cloud's Confidential Computing team. Rene Kolga is Product Leader on Google Cloud's Confidential Computing team.
Intel is excited to partner with Google Cloud to integrate Intel® Tiber™ Trust Authority with Google Cloud Confidential Space for customers seeking operator-independent attestation for applications focused on data privacy.
Google Cloud Confidential Space provides an isolated environment using a hardware-enabled Trusted Execution Environment (TEE) like Intel® Trust Domain Extensions (Intel® TDX) to operate on sensitive data. This environment processes data in a way that is inaccessible to anyone, including cloud service providers, project administrators, and data collaborators. After successful attestation, only a mutually agreed-upon workload can see the raw data.
An attestation service is a required component of Confidential Space: it verifies the TEE evidence and releases an OpenID Connect (OIDC) identity token. The token carries the workload identity attributes that an authentication and authorization system needs in order to decide whether to release protected resources to that workload. Google Cloud Attestation is the default attestation service for Confidential Space. However, customers in regulated industries such as healthcare and financial services require third-party attestation that satisfies "separation of duties" and zero-trust requirements: the infrastructure provider and the attestation provider must be distinct parties.
Intel collaborated with Google Cloud to incorporate Intel Tiber Trust Authority as an independent attestation service and workload identity provider in the Confidential Space stack.
The Highlights
- Intel Tiber Trust Authority provides a new dedicated API to verify the entire Confidential Space environment. This includes the workload, Confidential Space operating system, and hardware root of trust underpinning Intel TDX.
- Intel Tiber Trust Authority generates an OIDC-compatible token for Confidential Space to ensure interoperability with the authentication and authorization system (for example, a Google Cloud workload identity pool or an Amazon Web Services IAM identity provider).
- The workload (container) launcher in Confidential Space supports Intel Tiber Trust Authority as the attestation service provider.
- Confidential Space provides a dedicated endpoint for the workload to fetch an Intel Tiber Trust Authority token. Now any workload can fetch tokens for both Intel Tiber Trust Authority and Google Cloud Attestation.
- Google’s Reference Integrity Measurements (RIM) for the Confidential Space image and Confidential VM firmware are enforced as the default policy in Intel Tiber Trust Authority.
Support for Confidential Space in Intel Tiber Trust Authority is in private preview on Google Cloud c3 machine types, which provide Intel TDX. You can now sign up for preview access to test this feature.
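The relying-party side of this flow, as an added example that is not code from Intel, Google Cloud or the article: a data owner receives the attestation-derived OIDC token from the workload and must verify its signature, issuer, audience and lifetime before comparing the workload identity claims against the set of workloads the collaborators agreed on. Everything specific here is an assumption for illustration: the issuer and audience URLs, the claim names `image_digest` and `hwmodel`, and the use of HMAC-SHA256 (HS256) so the example runs offline; real attestation tokens are signed with an asymmetric key published through the provider's JWKS endpoint, and the claim names are provider-specific.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo parameters (assumptions, not values from the article).
DEMO_KEY = b"constructed-demo-hmac-key"
ISSUER = "https://attestation.example"              # placeholder issuer
AUDIENCE = "https://data-owner.example/dataset"     # the relying party
ALLOWED_DIGESTS = {                                 # agreed-upon workload image
    "sha256:1111111111111111111111111111111111111111111111111111111111111111",
}


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, key: bytes) -> str:
    """Sign claims as an HS256 JWT. Stands in for the attestation service."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(sig)}"


class TokenRejected(Exception):
    """Raised when the token fails any check; the message says which one."""


def verify_token(token: str, key: bytes, *, issuer: str, audience: str,
                 allowed_digests: set, now: Optional[float] = None) -> dict:
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenRejected("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # Pin the algorithm; never let the token choose it (alg=none attacks).
    if header.get("alg") != "HS256":
        raise TokenRejected("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise TokenRejected("bad signature")
    claims = json.loads(b64url_decode(payload_b64))
    now = time.time() if now is None else now
    if claims.get("iss") != issuer:
        raise TokenRejected("wrong issuer")
    aud = claims.get("aud")                      # "aud" may be a string or a list
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise TokenRejected("wrong audience")
    if "exp" not in claims or not (claims.get("nbf", 0) <= now < claims["exp"]):
        raise TokenRejected("token not valid at this time")
    # Workload identity: only the mutually agreed-upon container image passes.
    if claims.get("image_digest") not in allowed_digests:
        raise TokenRejected("workload image not approved")
    return claims


def make_demo_token(now: int, **overrides) -> str:
    """Constructed token for an approved workload; overrides alter claims."""
    claims = {
        "iss": ISSUER, "aud": AUDIENCE, "iat": now, "nbf": now, "exp": now + 3600,
        "sub": "confidential-space-workload",
        "image_digest": next(iter(ALLOWED_DIGESTS)),  # assumed claim name
        "hwmodel": "INTEL_TDX",                       # assumed claim name
    }
    claims.update(overrides)
    return mint_token(claims, DEMO_KEY)


def rejection_reason(token: str, now: int) -> Optional[str]:
    """None if the token is accepted, otherwise the reason it was rejected."""
    try:
        verify_token(token, DEMO_KEY, issuer=ISSUER, audience=AUDIENCE,
                     allowed_digests=ALLOWED_DIGESTS, now=now)
        return None
    except TokenRejected as exc:
        return str(exc)


def tamper_payload(token: str, **changes) -> str:
    """Rewrite claims without re-signing, as an attacker without the key would."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    claims = json.loads(b64url_decode(payload_b64))
    claims.update(changes)
    return f"{header_b64}.{b64url(json.dumps(claims).encode())}.{sig_b64}"


if __name__ == "__main__":
    t = 1_700_000_000
    print(rejection_reason(make_demo_token(t), t))
    print(rejection_reason(make_demo_token(t, image_digest="sha256:deadbeef"), t))
```

The order of checks matters: signature first, so that an unsigned or re-signed payload is never parsed for policy, then issuer, audience and time window, and only then the workload attributes. A token from a different attestation provider or for a different relying party is rejected before its image digest is ever consulted.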