In a recent blog post, Google announced Confidential VMs, a new type of virtual machine that makes use of the company’s work around confidential computing to ensure that data isn’t just encrypted at rest but also while it is in memory.
Until recently, Google offered encryption at rest and in transit, like many other cloud providers, meaning data had to be decrypted before it could be processed. Now with Confidential VMs, customers can keep data encrypted while it is being processed inside a virtual machine. Confidential VMs are an evolution of Google's Shielded VMs offering introduced in 2018, which allowed users to strip out most of the potentially vulnerable startup processes that trigger when creating a new environment. Moreover, Confidential VMs harden security further when processing sensitive data by using second-generation Epyc processors from AMD, which generate and manage encryption keys that never leave the chip. In this way, customer VM memory remains inaccessible to Google Cloud services while data is decrypted for processing.
Ryan Hurst, Google product manager, Public Trust services, stated in a tweet thread:
I am pretty excited about the Confidential VM work being done in GCP. It will enable so many interesting use cases, one simple use case I like is confidential document conversion and OCR. This combined with e2e document encryption will enable sensitive documents to be handled in the cloud without the cloud provider necessarily having direct access to the documents and associated data.
Furthermore, Google worked closely with AMD to ensure that VM memory encryption does not interfere with workload performance. In the announcement blog post, Raghu Nambiar, corporate vice president, Data Center Ecosystem, AMD, states that Confidential VMs show similar levels of high performance across various workloads as the standard N2D VMs.
In addition to hardware-based inline memory encryption, Google built Confidential VMs on top of Shielded VMs to harden the customer's OS image and verify the integrity of the firmware, kernel binaries, and drivers. Currently, Google offers images such as Ubuntu 18.04, Ubuntu 20.04, Container-Optimized OS (COS v81), and RHEL 8.2, and is working with CentOS, Debian, and other distributors to offer additional confidential OS images. Furthermore, customers already running workloads in a VM on Google Cloud Platform will be able to shift these over to a Confidential VM using a checkbox.
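The launch options described above, as an added example that is not part of the article or of Google's own documentation: one function composes a `gcloud` create command that turns on memory encryption (Confidential VMs use AMD SEV) together with the Shielded VM integrity checks, and a second function performs the check a practitioner wants after launch, namely that the guest kernel actually reports SEV memory encryption active. The `--confidential-compute`, `--maintenance-policy=TERMINATE` and `--shielded-*` flags, the N2D machine type and the kernel log wording are assumptions; the instance name and zone are placeholders.

```shell
#!/bin/sh
# Added example, not code from Google or from the article. Assumes gcloud's
# --confidential-compute and --shielded-* flags, an N2D machine type (AMD
# EPYC), and the Linux kernel's "Memory Encryption Features active" message.

# Compose (but do not execute) the instance-creation command, so this runs
# offline. TERMINATE is required because encrypted guest memory cannot be
# live-migrated across hosts (assumption based on the launch-time behaviour).
build_create_cmd() {
  name="$1"; zone="$2"
  printf '%s' "gcloud compute instances create $name --zone=$zone \
--machine-type=n2d-standard-2 --confidential-compute \
--maintenance-policy=TERMINATE \
--image-family=ubuntu-2004-lts --image-project=ubuntu-os-cloud \
--shielded-secure-boot --shielded-vtpm --shielded-integrity-monitoring"
}

# Return 0 when the given kernel log text reports SEV active, 1 otherwise.
# Matches both "AMD Memory Encryption Features active: SEV" (older kernels)
# and "Memory Encryption Features active: AMD SEV" (newer kernels).
# On a real guest run:  sev_active "$(dmesg)" && echo "memory encrypted"
sev_active() {
  printf '%s\n' "$1" | grep -Eiq 'Memory Encryption Features active:.*SEV'
}

# Constructed sample kernel log excerpts (not captured from a real VM).
SAMPLE_SEV='[    0.000000] AMD Memory Encryption Features active: SEV'
SAMPLE_PLAIN='[    0.000000] Linux version 5.4.0-42-generic (buildd@lcy01)'

main() {
  build_create_cmd demo-cvm us-central1-a; echo
  if sev_active "$SAMPLE_SEV"; then echo "sample 1: SEV active"; fi
  if sev_active "$SAMPLE_PLAIN"; then echo "sample 2: SEV active"
  else echo "sample 2: no memory encryption reported"; fi
}

main
```

A guest that boots without the log line is running as an ordinary N2D VM, so the check belongs in the image's boot-time self-test rather than being assumed from the console checkbox.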
Confidential VMs are the first product in Google Cloud's Confidential Computing portfolio. Other prominent cloud vendors such as Microsoft and Amazon have already launched their own confidential computing offerings. Earlier this year, Microsoft moved the DCsv2-series VMs, part of its Azure confidential computing offering, into general availability, and Amazon introduced Nitro Enclaves during re:Invent 2019, which are now available as a preview. Furthermore, both Google and Microsoft are members of the Confidential Computing Consortium, which is committed to collaborating with the industry to deliver a more secure computing infrastructure.
Constellation Research Inc. analyst Holger Mueller told InfoQ:
Protection of intellectual capital through privacy tools is critical for enterprises in a knowledge economy. Confidential computing is one of those strategies. CxOs as always need to weigh in benefits vs cost considerations. The challenge is to be able to operate a hybrid security infrastructure seamlessly for the integrated enterprise.
Confidential VMs are now available in beta, and pricing is based on usage of the machine types, persistent disks, and other resources that customers select for their virtual machines. More details on pricing for VMs are available on the pricing page.