Google recently introduced Confidential Computing, with Confidential VM as the first product, and it’s powered by 2nd Gen AMD EPYC!
Here’s an overview of Confidential Computing and Confidential VM, and how they leverage the 2nd Gen AMD EPYC processor!
Google Cloud Confidential Computing : What Is It?
Google Cloud encrypts customer data while it’s “at-rest” and “in-transit“. But that data must be decrypted before it can be processed.
Confidential Computing addresses that problem by encrypting data in-use – while it’s being processed. This ensures that data is kept encrypted while in memory and outside the CPU.
Google Cloud Confidential VM, Powered By 2nd Gen AMD EPYC
The first product that Google is unveiling under its Confidential Computing portfolio is Confidential VM, now in beta.
Confidential VM basically adds memory encryption to the existing suite of isolation and sandboxing techniques Google Cloud uses to keep their virtual machines secure and isolated.
This will help customers, especially those in regulated industries, to better protect sensitive data by further isolating their workloads in the cloud.
Google Cloud Confidential VM : Key Features
Powered By 2nd Gen AMD EPYC
Google Cloud Confidential VM runs on N2D series virtual machines powered by the 2nd Gen AMD EPYC processors.
It leverages the Secure Encrypted Virtualisation (SEV) feature in 2nd Gen AMD EPYC processors to keep VM memory encrypted with a dedicated per-VM instance key.
These keys are generated and managed by the AMD Secure Processor inside the EPYC processor during VM creation, and reside only inside the VM, making them inaccessible to Google or to any other virtual machines running on the host.
Your data will stay encrypted while it’s being used, indexed, queried, or trained on. Encryption keys are generated in hardware, per virtual machine and are not exportable.
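A guest can confirm that SEV is actually in effect by reading the kernel boot log. The following is an added example, not code from this article or from Google: the function names sev_status and require_sev are hypothetical, the sample log lines are constructed, and it goes beyond the SEV case described above by also recognising the SEV-ES and SEV-SNP variants that newer kernels report.

```shell
#!/bin/sh
# Classify a Linux guest's memory-encryption state from kernel log text.
# Reads log lines on stdin, prints one of: SEV-SNP, SEV-ES, SEV, SME, none.
# Typical use inside the VM (may need root):  dmesg | sev_status
# Kernel message formats handled (they differ by kernel version):
#   AMD Secure Encrypted Virtualization (SEV) active
#   AMD Memory Encryption Features active: SEV SEV-ES
#   Memory Encryption Features active: AMD SEV SEV-ES SEV-SNP
sev_status() {
    awk '
        # Older kernels: one fixed sentence per feature.
        /AMD Secure Encrypted Virtualization \(SEV\) active/ { sev = 1 }
        /AMD Secure Memory Encryption \(SME\) active/        { sme = 1 }
        # Newer kernels: a space-separated feature list after "active:".
        /Memory Encryption Features active:/ {
            sub(/.*Memory Encryption Features active:/, "")
            n = split($0, f, " ")
            for (i = 1; i <= n; i++) {
                if (f[i] == "SEV")     sev = 1
                if (f[i] == "SEV-ES")  es  = 1
                if (f[i] == "SEV-SNP") snp = 1
                if (f[i] == "SME")     sme = 1
            }
        }
        END {
            if (snp)      print "SEV-SNP"
            else if (es)  print "SEV-ES"
            else if (sev) print "SEV"
            else if (sme) print "SME"   # host-style encryption, not a SEV guest
            else          print "none"
        }'
}

# Gate for startup scripts: succeed only when the log shows a SEV guest.
require_sev() {
    case "$(sev_status)" in
        SEV|SEV-ES|SEV-SNP) return 0 ;;
        *)                  return 1 ;;
    esac
}

# Constructed sample boot log (not captured from a real VM).
SAMPLE_LOG='[    0.000000] Linux version 5.4.0 (constructed sample)
[    0.183214] AMD Memory Encryption Features active: SEV'
printf '%s\n' "$SAMPLE_LOG" | sev_status
```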
Confidential VM Performance
Google Cloud worked together with the AMD Cloud Solution team to minimise the performance impact of memory encryption on workloads.
They added support for new OSS drivers (nvme and gvnic) to handle storage traffic and network traffic with higher throughput than older protocols, thus ensuring that a Confidential VM will perform almost as fast as a non-confidential VM.
Easy Transition
According to Google, transitioning to Confidential VM is easy – all Google Cloud Platform (GCP) workloads can readily run as a Confidential VM whenever you want to.
Available OS Images
In addition to the hardware-based inline memory encryption, Google built Confidential VM on top of Shielded VM, to harden your OS image and verify the integrity of your firmware, kernel binaries and drivers.
Google currently offers images of Ubuntu v18.04, Ubuntu 20.04, Container Optimized OS (COS v81), and RHEL 8.2.
They are currently working with CentOS, Debian and other distributors to offer additional OS images for Confidential VM.