As the pressure on developers continues to escalate, building security for code and data directly in the codebase should no longer be a concern, thanks to advances in confidential computing technology in the public cloud. The problem with encryption is how to distribute the keys, not the algorithms. Previously, most systems still required a secret to obtain keys from the key manager, and this secret is the root of trust. The problem of protecting code and operation secrets was solved by embedding the null secret—the master secret that protects all other secrets—directly into the code. Beyond the work involved in creating such a system of cascading secrets, and the length required to secure a null secret, the overall attempt left a significant single point of vulnerability or failure. If someone gains access to the secret zero, the rest is like a house of cards. Such a scenario is not purely hypothetical. This is exactly what happened in the case of the destructive breakthrough of the Solar Winds.
Secret Defense Zero
One way to protect the secret zero is to make the application code unreadable. Now this is more important than ever. Making this even more difficult, as applications must be designed for mobile and cloud deployment, full scalability, and multi-cloud agility. Achieving this was primarily achieved through obfuscation. But even when the code is obfuscated, a dedicated hacker can still read the code and find the secret zero. Blockchain technologists recognized this vulnerability and turned to Multi-Party Computing (MPC) to narrow the gap by distributing the private key across multiple computers, requiring an attacker to compromise each one at the same time to gain access. Even this approach is considered vulnerable, and organizations are moving MPCs to secure enclaves of confidential computing in public clouds to close the gap.
Confidential computing adds new hardware security capabilities to address these issues. A key is now built into each processor. Instead of embedding the null secret in the code, developers can have the CPU generate a hash of their code and digitally sign it. When the signature is verified, it confirms that the code has not been changed. The key issuance process, based on hardware attestation, allows the key to be used as a token. This approach combines key locking with valuable attestation so that developers essentially get two benefits with the same solution.
Confidential computing becomes practical
To compensate for the previous requirement to create or modify code and processes to run in today’s widely deployed confidential public cloud computing environments, the new technology makes its use transparent so no custom development is required. Some of these technologies can also make deployment fully portable across different sensitive computing environments used by different public cloud infrastructures. Thus, the ability to deploy to multiple clouds exists from the very beginning and does not require additional work. This portability is also extended so that the same code or workload can use secure enclaves in the private cloud and on-premises.
As other technologies such as microservices, libraries, dev centers, APIs, and dispatchers or API gateways help software developers, using confidential computing to secure code helps reduce the workload of developers. These technologies help drive innovation and force developers to focus more on features and functionality than on storage engines. Of course, other forces and requirements add stress and requirements to the developer, so having them to offset some of the pressure is a big advantage.
Fix gaps in encryption
Confidential computing also helps reduce complexity and reduce transaction volume. Nowadays, most organizations rely on encryption to protect data and even code while it is in storage (data at rest) or in transit (data in motion). While these measures are safe, have little to no impact on performance or scale, and are relatively easy to implement, they run into two major problems. First of all, they protect only two of the three states of data and code – at rest and in motion. While not generally discussed extensively, runtime (runtime) data is wide open to fraudulent insiders, third parties, or attackers because the data must be in the clear in order to take action. This breach in encryption has become an increasingly serious problem, and its existence has not escaped the attention of more experienced attackers and hackers. Second, most organizations face a complex and potentially confusing jungle of encryption schemes. Because of this, it is sometimes difficult to understand which encryption mechanism protects which assets. Questions such as key storage and protection and where encryption ends are sometimes difficult, if not impossible, to answer. One old saying about security is that complexity tends to undermine security: if security is too complex, it will be undermined or ineffective.
Confidential computing solves this problem in two ways. First, confidential computing can lock down data and code at runtime so that no unauthorized party has access to what’s in the CPU or memory, even if they have root access to the server. In addition to protecting the secret null and ensuring immutability and attestation, confidential computing can even prevent code viewing. This is especially important for high-value proprietary applications and applications that use high-value artificial intelligence or machine learning algorithms. Second, some related technologies that eliminate the requirement for sensitive computing code and process modifications can also be used to extend run-time encryption to data in transit and at rest. The result includes a single encryption mechanism for all data and code states. This approach frees both development and operations from the need to implement data and code protection.
To learn more: Another Encryption Algorithm Designed to Protect Against Quantum Attacks Fails
New protection is critical for AI, machine learning and MPC
Development requires testing and tuning using real datasets in the growing case of machine learning and artificial intelligence algorithms. Algorithms AI, ML can be protected and kept under the full control of their owner through the use of MPC in a confidential computing environment. Partners or customers can allow developers to test and tweak algorithms on their own data without losing control or without the developers actually seeing the data. Conversely, developers can open up their code to various parties to run and tweak real code without losing control of proprietary algorithms or without other parties being able to view the code.
Confidential computing environments in the public cloud can be a game-changer for development and operations, enabling more innovation and greater application availability. Instead of building security into the development and deployment process to ensure the immutability and protection of proprietary data and code, technologists can rely on the enhanced security of sensitive computing environments. The result can be a better work environment and faster application innovation.
How do you think the use of confidential computing could revolutionize SecDevOps? tell us on the facebook, Twitteras well as LinkedIn.