Confidential Containers

More and more of the world’s cloud computation is containerized, but these containers are not safe. From web servers to machine learning models, containerization empowers users to build functionality that can be effortlessly moved into the cloud. However, once an application moves from internal bare metal to containerization in the cloud many security guarantees are lost. Just as is the case when an intranet website is moved to the public web, new technology is required to ensure that functionality and data are safe and secure. Our aim with the confidential containers research project is to provide users with strong confidentiality and integrity guarantees for their containers so that, as HTTPS was to HTTP, their computation will be safe and secure in the public cloud.

Smaller Trusted Computing Base (TCB)

At present, all publicly hosted containerized compute requires including the Cloud Service Provider (CSP) in the TCB. This means that the operator can potentially compromise the functionality or data being embodied in those containers. One aim of the project is to reduce the size of the TCB to contain only the customer containers and an open-source OS. Many key workflows (computation over pooled user data, financial calculations) cannot currently be hosted in the public cloud due to regulatory or competitive restrictions. With a smaller TCB, customers with these workflows can reduce overall costs, make use of the high-quality software and hardware provided by public clouds, and obtain greatly increase flexibility for variable usage patterns.

Ease of use

Another key goal of the project is to make it as easy as possible to use confidential containers. While there are options currently for secure computation of this kind, it often requires extensive engineering work to rebuild and retarget existing code. In contrast, our approach allows users to deploy their unmodified containerized workload yet gain the full benefits of confidentiality.