Skip to main content

39 posts tagged with "Event"

View All Tags

Nick Vidal

Title: WebAssembly + Confidential Computing
Author: Nick Vidal
Date: Saturday, February 5, 2022, 10:55 AM - 11:20 AM

The Enarx project reached a huge milestone: its first official release, featuring WebAssembly runtime. WebAssembly and Confidential Computing are a great match because WebAssembly offers developers a wide range of language choices, it works across silicon architectures, and it provides a sandboxed environment. This presentation will highlight the benefits of WebAssembly to Confidential Computing and showcase some demos.

Full Abstract

After 3 years since its inception, the Enarx project finally had its first official release, bringing WebAssembly to Confidential Computing.

Enarx is a deployment framework for running applications in TEE instances – which we refer to as “Keeps” – without the need to trust lots of dependencies, without the need to rewrite the application, and without the need to implement attestation separately.

The WebAssembly runtime, based on wasmtime, offers developers a wide range of language choices for implementation, including Rust, C, and C++. It is designed to work across silicon architectures transparently to the user so that the application can run equally simple on Intel platforms (SGX or the recently-announced TDX), AMD platforms (SEV) or forthcoming platforms such as Arms’ Realms and IBM’s PEF - all without having to recompile the application code. WebAssembly's sandbox model offers an extra layer of protection, isolating the application from the host.

Source: FOSDEM 2022

Link: https://fosdem.org/2022/schedule/track/hardware_aided_trusted_computing/

Mike Bursell

Title: Dr CloudLove, or how I learned to trust my CSP (not)
Author: Mike Bursell
Date: Tuesday, December 7, 2021, 11:00 AM - 11:45 AM

The Cloud is just somebody else’s computer. So when you run a workload on a cloud host, anyone who owns (or pwns) that system can look into it or change the data or event the application itself. You have no confidentiality or integrity protection from your Cloud Service Provider, rogue sysadmins or just anyone who compromises their machines. Confidential computing uses hardware-based trusted execution environment (e.g. Intel SGX, AMD SEV or Arm 9 Realms) to provide these protections, but it’s difficult to use and complex to understand.

This session will introduce the problem at a technical level, explain some of the solutions, and discuss why confidential computing is on its way – but not an easy fix (yet). Come and be amused, horrified, and excited; all in one presentation.

Source: SecurityWeekly Unlocked 2021

Link: https://events.securityweekly.com/unlocked2021

The Confidential Computing Consortium launched under the Linux Foundation umbrella two years ago. It continues to grow and thrive. This panel looks at why various partners joined and continue to join, the deal for partners, the challenges of managing a non-profit, and the importance of establishing culture early. It tackles it from multiple perspectives (start-ups and well established public companies, and levels of membership). The panel participants have broad experience across a number of non-profit organizations in the broad open source community. The group also represents a diversity of perspectives of the workings of the committees of the Consortium.

Source: Open Source Summit 2021

Link: https://osselc21.sched.com/event/lAUA/panel-discussion-evolving-the-confidential-computing-consortium-non-profit-collaboration-for-growth-stephen-walli-aeva-black-microsoft-mike-bursell-congruus?iframe=no

Mike Bursell

In the "arms race" of security, new defensive tactics are always needed. One significant approach is Confidential Computing: a technology that can isolate data and execution in a secure space on a system, which takes the concept of security to new levels. This SNIA Cloud Storage Technologies Initiative (CSTI) webcast provides an introduction and explanation of Confidential Computing and features a panel of industry architects responsible for defining Confidential Compute

Source: SNIA

Link: https://www.youtube.com/watch?v=HnLfKUI0_Y4

Mike Bursell
Nathaniel McCallum

How fully can organizations trust the host on which they run their applications? Not just the software stack, but the sysadmins, BIOS, firmware, and the rest? Project Enarx uses TEEs to allow companies to run sensitive applications on fundamentally untrusted hosts, with a minimum trusted compute base. Learn how Enarx combines TEEs, Rust, and WebAssembly to protect workloads.

Source: RSA Conference 2021

Link: https://www.youtube.com/watch?v=ajYWSAwIyPs

Mike Bursell
Nathaniel McCallum

If you’re designing a project where security is uppermost, but you want to make it easy to use and compatible with multiple platforms (existing and future), what principles should you follow, and how do they translate into an architecture and actual code. We’ll present the 10 security design principles of the Enarx project, and discuss why they led us to where we are today: a Rust-based open source project with a WebAssembly run-time.

Source: FOSDEM 2021

Link: https://fosdem.org/2021/schedule/event/tee_enarx/

Mike Bursell
Nathaniel McCallum

As the requirement for confidential computing increases, there is a need for portability of workloads between clouds, the Edge and beyond.Enter Enarx.  Coded in Rust from the ground up to provide confidential computing and portability. Enarx is a platform built to operate across hardware platforms and run any code compiled in WebAssembly. Enarx is a completely open source project, working across hardware solutions and welcoming contributors up and down the stack.  Find out about where we are now, what you might be able to help with next, and learn how it might fit in your deployment plans.

Source: Confidential Computing Consortium

Link: https://confidentialcomputing.io/webinar-enarx/

Mike Bursell
Nathaniel McCallum

Deploying applications to the Cloud (or IoT, or the Edge) is all very well ... until you start running sensitive workloads. Can you trust the OS? The hypervisor? The stack? The cloud provider? The host owner? We all know that the answer to all of these is not always "yes": Enarx is a project using the hardware-based secuirty of TEEs (Trusted Execution Environments), to reduce the number of components and parties you need to trust. Find out how it works, why it uses WebAssembly for your runtime, and how to contribute.

Source: DevConf 2020

Link: https://www.youtube.com/watch?v=y_eDNTIkBBE