WEBVTT

00:00.000 --> 00:10.560
Okay, it's now in the morning, again, we can start, can you please take a seat?

00:10.560 --> 00:15.560
Welcome everybody, first of all, I would like to thank you for being here so early.

00:15.560 --> 00:19.560
Much appreciated, it's Sunday and in the morning everybody's probably tired and hungover

00:19.560 --> 00:22.000
but you made it.

00:22.000 --> 00:25.840
Welcome to our devroom, this is the Confidential Computing Devroom, as you probably

00:25.920 --> 00:30.480
know already and before we start, I would like to give you a quick introduction of

00:30.480 --> 00:35.520
the schedule and Confidential Computing in general and our people of the organizer itself.

00:35.520 --> 00:41.920
So I am Ilaria, as you probably figured out and we also have two other Devroom managers

00:41.920 --> 00:47.600
here, one is Paul and then there is your who happens to be probably on the bus right now,

00:47.600 --> 00:52.960
so he will make it here very, very soon, hopefully and then there are three more people

00:53.040 --> 00:58.400
who are unfortunately not here because they couldn't make it for personal reasons, but regardless,

00:58.400 --> 01:03.440
I would love to give them a very big shoutout in case they watch the recording and so there

01:03.440 --> 01:11.840
would be free since Stefan and Fabiano and moving on, just a very quick introduction of Confidential

01:11.840 --> 01:16.800
Computing because we want to keep this beginner friendly as well, so there are many definitions

01:16.800 --> 01:21.840
of Confidential Computing but here I am going to use the one from the Confidential Computing

01:22.800 --> 01:28.320
which is this organization under the Linux Foundation that brings together vendors,

01:28.320 --> 01:33.120
the cloud providers and software developers to accelerate and standardize the use of confidential

01:33.120 --> 01:41.280
computing and their definition is actually the protection of data in use by performing

01:41.280 --> 01:48.000
computation in a hardware-based, attested trusted execution environment. So key phrase here is data

01:48.000 --> 01:52.080
in use because we know already how to protect data at rest, we can use encryption or data over

01:52.080 --> 02:00.880
the network with good break, all good, all good, all good. So I was saying if we want to protect

02:00.880 --> 02:05.760
data at rest, the data over the network we can use encryption or TLS, but we also want to protect

02:05.760 --> 02:11.280
data in use because if we are processing the data it is generally unencrypted which means that

02:11.280 --> 02:18.960
an admin on the server can actually see the data. Confidential Computing is targeting exactly

02:18.960 --> 02:25.120
this gap so it protects data while it is being processed by isolating part of the memory

02:25.120 --> 02:30.480
in a trusted execution environment. This means that memory inside the trusted execution environment

02:30.480 --> 02:37.120
is encrypted and even the OS and the hypervisor are not able to access it. Of course this requires

02:37.120 --> 02:42.400
a shift in trust so we don't have to trust the cloud provider but we have to trust the hardware

02:42.400 --> 02:49.680
now. And of course we can also increase this trust by attestation. Now on the left there are

02:49.680 --> 02:54.880
some common properties and on the right here we have context dependent properties. So the common

02:54.880 --> 02:59.840
properties across all the trusted execution environments are confidentiality, integrity, data integrity

02:59.840 --> 03:05.040
and code integrity and then we have some other properties that are not provided by all platforms.

03:05.040 --> 03:11.280
For example, code confidentiality, authenticated launch, programmability, attestability and recoverability.

03:12.080 --> 03:16.960
And now to give you a quick overview of the timeline of the technical evolution of Confidential

03:16.960 --> 03:23.120
Computing. It started around 2015 with workload isolation with Intel SGX which is one of the

03:23.120 --> 03:29.520
first technologies that was invented and then it shifted towards virtual machine isolation with

03:29.520 --> 03:38.400
SEV, TDX, CCA and so on. And the current phase is actually about accelerators so GPUs,

03:39.280 --> 03:44.880
full system rock solutions and so on and the other a different perspective in the same timeline.

03:44.880 --> 03:50.240
Of course Confidential Computing started as an academic project and then slowly became a

03:50.240 --> 03:56.240
FOSS project. And now of course it's also a matter of adoption. So large scale real world

03:56.240 --> 04:03.440
deployments. Of course this comes with a new set of technical challenges. But so feasibility is

04:03.440 --> 04:08.160
done already. So now it's also a matter of improving reliability of Confidential Computing

04:08.160 --> 04:14.640
and putting it in infrastructure. Now a quick overview of how the Devroom is going to look

04:14.640 --> 04:19.280
like today. So we have a lot of talks. So thank you everybody for submitting and thank you so

04:19.280 --> 04:25.600
much for all our speakers. And our talks are going to encompass both firmware, hypervisor,

04:25.600 --> 04:31.920
technologies, hardware platform and last but not least attestation. And if you want to take

04:31.920 --> 04:37.040
a deeper look on our schedule this is how it's going to look like. I just want to I want to

04:37.040 --> 04:41.760
notice that there will be a five minutes between breaks so you can come and go and the speaker

04:41.760 --> 04:46.160
can set up. I don't think we will do introductions of the speaker. So if you want to speak just

04:46.160 --> 04:55.360
come with your laptop and set it up. And yeah we will finish at 12:45. Our schedule is kind of tight.

04:55.360 --> 05:00.880
So I ask everybody in this room to keep the if you're speaking please keep it in time and if you

05:00.880 --> 05:07.040
have questions and you don't have time for your questions please go to the hallway and move to the

05:07.040 --> 05:13.600
hallway track. And at the inside of course enjoy the Devroom. Thank you again for coming and I will

05:13.600 --> 05:19.600
now give five minutes break and give time to the next speaker to come and present. Thank you.

