Understanding a Confidential Computing Solution

If you are following the latest IT trends, you will have come across the term “confidential computing”. With product offerings in this space from Intel, AMD, IBM, Microsoft, Google and many others, this promising technology is making its way to real users.

In this blog post, we’ll look at the constituents of a confidential computing solution, which should help you use this technology for your business.

Before delving into the solution aspects, let’s start with the fundamental question of what confidential computing can give you for your business.

What do you get with Confidential Computing?

Confidential computing protects your code and data while they are in use (in memory, on a processor you do not own), complementing the encryption at rest and in transit you already rely on. This key capability reduces how far you must trust the cloud provider’s host software and operators, and so gives you additional confidence to run your sensitive workloads in the public cloud and reap its benefits.

Protections enabled by confidential computing

A Trusted Execution Environment (TEE) is at the heart of a confidential computing solution. TEEs are secure and isolated environments provided by confidential computing (CC) enabled hardware that prevent unauthorised access to, or modification of, applications and data while they are in use. You’ll also hear the terms “enclave” or “secure enclave”; in practice “TEE” and “enclave” are used interchangeably.

So to reap the benefits of confidential computing, your application needs to run inside a TEE (secure enclave); code and data outside the TEE get no protection from it.

We need to address two key questions here:

  1. How to run an application inside a TEE?
  2. How to be sure the application is running securely in a TEE?

Let’s take a closer look at these two questions.

How to run an application inside a TEE?

Currently, two variants of the CC software stack exist, corresponding to the two TEE types supported by confidential computing hardware.

Process-based TEEs: In the process-based TEE model, you must partition the application into two components, trusted (secure) and untrusted. Only the trusted component runs inside the TEE and is protected; the untrusted component runs in the normal operating system environment, and the interface between the two is where most of your security review effort should go, since every value crossing it arrives from untrusted code.

Solutions exist today that let you use a process-based TEE with limited or no modifications to existing applications. One such solution is Occlum (a library OS for SGX); you can read more about it here.

Intel SGX (Software Guard eXtensions) is an example of a process-based TEE.

VM-based TEEs: In this model the whole virtual machine, including the guest operating system, runs inside the TEE. There is no need for application modification; consequently, you can get started quickly using your existing applications. The trade-off is a larger trusted computing base: everything inside the VM, including the guest OS and its kernel, is trusted, and the guest kernel and firmware must support the specific TEE.

AMD SEV (SEV-ES/SEV-SNP), Intel TDX, IBM Secure Execution (on IBM Z) and IBM PEF (Protected Execution Facility, on POWER) are examples of VM-based TEEs.

A few years ago, process-based TEEs were the only option, as VM-based TEEs were not yet commercially available. Today both process-based and VM-based TEEs are available commercially.

How to be sure the application is running securely in a TEE?

Attestation is the process by which a TEE proves to a remote party what code it is running and on what hardware. The hardware measures (hashes) the code and configuration loaded into the TEE, signs that measurement with a key rooted in the hardware, and the remote party verifies the signature and checks the measurement against what it expects before trusting the TEE or handing it any secrets.

Attestation can be performed when the TEE loads, and you get a detailed report. Further, your application running inside the TEE can perform attestation itself, establish a secure channel to the verifier and retrieve secrets using the tooling available for the specific TEE. The check that matters in practice is that secrets are released only after the verifier has confirmed a fresh, correctly signed report whose measurement matches an approved build; a report that is replayed, tampered with or produced for a different measurement must not unlock anything.
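The round trip described above, as an added simulation that is not part of the original post and is not any vendor’s report format or SDK. It models the pieces every real flow has: a hardware-rooted signing key, a measurement of the code loaded into the TEE, a verifier-chosen nonce bound into the report, and a relying party (standing in for the attestation and key management services) that releases a secret only when every check passes. The platform key, the `Report` layout, the `RelyingParty` class and the sample workload are all constructed for illustration; an HMAC with a key the verifier also holds stands in for the asymmetric hardware key and vendor certificate chain of a real TEE.

```python
import hashlib
import hmac
import json
import os
from dataclasses import dataclass
from typing import Optional

# Constructed platform secret: stands in for the hardware attestation key that
# only the CC hardware can use. Real TEEs use an asymmetric key certified by the
# silicon vendor, so a real verifier never holds this value.
_PLATFORM_ATTESTATION_KEY = b"constructed-platform-key-not-a-real-one"


@dataclass(frozen=True)
class Report:
    measurement: str  # hex SHA-256 of the code/config loaded into the TEE
    report_data: str  # hex; caller-supplied bytes bound into the report (the nonce)
    platform: str     # real reports also carry firmware/TCB versions and policy bits
    signature: str    # hex HMAC here; a real report is signed by the hardware key

    def signed_bytes(self) -> bytes:
        """Canonical encoding of everything the hardware signs (signature excluded)."""
        body = {"measurement": self.measurement,
                "report_data": self.report_data,
                "platform": self.platform}
        return json.dumps(body, sort_keys=True).encode()


def hardware_issue_report(loaded_code: bytes, report_data: bytes) -> Report:
    """Simulates the TEE hardware: measure what was loaded, bind the caller's
    report_data into the report, and sign the whole thing with the platform key."""
    unsigned = Report(measurement=hashlib.sha256(loaded_code).hexdigest(),
                      report_data=report_data.hex(),
                      platform="vm-tee-sim",
                      signature="")
    sig = hmac.new(_PLATFORM_ATTESTATION_KEY, unsigned.signed_bytes(),
                   hashlib.sha256).hexdigest()
    return Report(unsigned.measurement, unsigned.report_data, unsigned.platform, sig)


class RelyingParty:
    """Plays the attestation service plus key management service: hands out
    nonces, verifies reports, and releases a secret only on success."""

    def __init__(self, allowed_measurements, secret: bytes):
        self._allowed = set(allowed_measurements)  # hashes of approved builds
        self._secret = secret
        self._outstanding = set()  # nonces issued but not yet consumed

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self._outstanding.add(nonce.hex())
        return nonce

    def verify(self, report: Report, nonce: bytes) -> Optional[str]:
        """Returns None when the report is acceptable, else the reason it failed."""
        # 1. Authenticity: the report must carry a valid signature from the
        #    hardware root of trust, otherwise nothing in it can be believed.
        expected = hmac.new(_PLATFORM_ATTESTATION_KEY, report.signed_bytes(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, report.signature):
            return "bad signature"
        # 2. Freshness and binding: the signed report must carry a nonce we
        #    issued and have not seen before, which defeats replay of old reports.
        if nonce.hex() not in self._outstanding or report.report_data != nonce.hex():
            return "unknown or replayed nonce"
        self._outstanding.discard(nonce.hex())
        # 3. Identity: only code we have approved may receive the secret.
        if report.measurement not in self._allowed:
            return "measurement not in allowlist"
        return None

    def release_secret(self, report: Report, nonce: bytes) -> Optional[bytes]:
        return self._secret if self.verify(report, nonce) is None else None


def run_attestation(loaded_code: bytes, rp: RelyingParty) -> Optional[bytes]:
    """The full round trip the application inside the TEE would drive:
    get a challenge, ask the hardware for a report bound to it, present it."""
    nonce = rp.challenge()
    report = hardware_issue_report(loaded_code, nonce)
    return rp.release_secret(report, nonce)


# Constructed workload: the "application" whose hash the operator pre-approved.
APPROVED_WORKLOAD = b"print('hello from inside the TEE')"
APPROVED_MEASUREMENT = hashlib.sha256(APPROVED_WORKLOAD).hexdigest()

if __name__ == "__main__":
    rp = RelyingParty([APPROVED_MEASUREMENT], secret=b"db-password")
    print(run_attestation(APPROVED_WORKLOAD, rp))  # b'db-password'
    print(run_attestation(b"tampered code", rp))   # None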

Now let’s understand how a confidential computing solution addresses the two key questions we read above.

Conceptual View of a Confidential Computing Solution

Logical view of confidential computing solution

On the infrastructure side, you have the confidential computing hardware, operating system and hypervisor with the necessary support for confidential computing. Then we have the confidential computing software stack to help create and manage the TEEs and provide support for attestation. There is also an attestation service to help with attestation and a key management service to store secrets. There could be various add-on services like confidential container image build, hosting services, etc.

For an overview of different ready-to-use confidential computing offerings, take a look at this article.


  1. Type of TEEs supported (hardware)
  2. Means to run an application inside TEE (CC software stack)
  3. Means to prove that the application is running securely inside a TEE (attestation)
  4. Misc add-ons to serve different use cases (key management services, image build services, image storage services etc..)

And based on your requirements you can choose the vendor(s) providing the required hardware, software and services.

You also might be wondering if there is a possibility of “write once, deploy anywhere” with confidential computing. A promising technology to watch out in this space is Enarx.

Enarx is a framework for running applications in TEE instances — which we refer to as “Keeps”–without the need to trust lots of dependencies, without the need to rewrite the application, and without the need to implement attestation separately.

Please do not hesitate to reach out to me via comments or messages.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store