AMD announced it has published the source code for AMD Secure Encrypted Virtualization (SEV) technology, the backbone of AMD EPYC processor-based confidential computing virtual machines (VMs) available from cloud service providers including Amazon Web Services (AWS), Google Cloud, Microsoft Azure and Oracle Compute Infrastructure (OCI).
CIO INFLUENCE: CIO Influence Interview with Russ Ernst, Chief Technology Officer at Blancco
This release from AMD will drive greater transparency for the security industry and provide customers the opportunity to thoroughly review the technology behind confidential computing VMs powered by AMD EPYC processors.
“As a leader in confidential computing, we are committed to a relentless pursuit of innovation and creating modern security features that complement our ecosystem partners’ most advanced cloud offerings,” said Mark Papermaster, executive vice president and chief technology officer, AMD. “By sharing the underpinnings of our SEV technology, we are delivering transparency for confidential computing and demonstrating our dedication to open source. Involving the open-source community will further strengthen this critical technology for our partners and customers who expect nothing less than the utmost protection for their most valuable asset – their data.”
“At Google Cloud, we are mission-focused on helping customers protect their data throughout its entire lifecycle,” said Jeff Reed, VP, Cloud Security, Google Cloud. “As the first cloud service provider to support AMD’s encryption in use capability, this release represents another significant milestone in our long-standing collaboration to enable transparent, robust, confidentiality of data in process at Google Cloud.”
“We applaud AMD’s decision to make portions of their security firmware available for public inspection. This is totally in line with Azure confidential computing’s philosophy of embracing open source and open sourcing our own code where practical.” Mark Russinovich, Azure CTO and Technical Fellow, Microsoft.
Expanding Capabilities of Cloud Service Providers with AMD Processors
AMD EPYC processors offer world-class performance and modern security features to guard data at rest, in motion and in use. The processors are at the heart of a growing portfolio of confidential computing-enabled VMs from major cloud service providers; giving customers the assurance they need to move the sensitive workloads into the cloud. Using the AMD EPYC processors and the AMD Infinity Guard suite of security features, AMD continues to be a leading technology partner of choice for confidential computing including:
- AWS supporting AMD EPYC powered confidential computing with SEV-SNP in the EC2 M6a, C6a and R6a instances.
- Google Cloud supports Confidential Computing with AMD EPYC processors in numerous ways. This includes Confidential Spaces for privacy-focused use cases such as joint data analysis and machine learning model training; General Availability of Confidential VMs and Confidential GKE as IAAS services, and confidential Dataflow and Confidential Dataflow based Analytics solutions.
- Microsoft Azure using AMD EPYC processors to power multiple confidential computing services, including confidential virtual machines, confidential Azure Container instances, confidential VM node pools for Azure Kubernetes Service, Confidential VMs for SQL on Azure VMs, confidential VM cluster nodes for both Azure Databricks and Azure Data Explorer, and confidential VMs for Windows 11 Azure Virtual Desktop. These services are designed to offer hardware-based trusted execution environments leveraging AMD SEV-SNP, which hardens guest protections, helping to guard against external threats operator access.
- Oracle Compute Infrastructure (OCI) provides its customers a high assurance of data control as customers transition their workloads to the cloud while delivering the modern security features and impressive performance of the EPYC CPU-powered of the OCI E3 and E4-based Confidential VMs.
CIO INFLUENCE: CIO Influence Interview with Lior Yaari, CEO and Co-Founder at Grip Security
Customers Advancing Security in the Public Cloud
Customers, including AstraZeneca and MonetaGo, are demonstrating robust adoption of AMD SEV technology to encrypt full system memory and individual VM memory to expand their offerings for customers. The modern data center requires workload optimization and the AMD EPYC processor portfolio provides an all-in feature set, with modern security features, to power the optimized compute infrastructure for workloads that demand the highest level of confidentiality.
CIO INFLUENCE: CIO Influence Interview with Bill Lobig, VP of Product Management at IBM Automation
[To share your insights with us, please write to sghosh@martechseries.com]