The 3 levels of confidential computing
It's important to distinguish the different types of confidential-computing solutions. Some solutions only shield parts of your applications, while others make all of your data inaccessible to the infrastructure underneath. For this reason, we dissect the solutions space for confidential computing into three levels:
- Level 1 - Protect keys: Here, confidential computing is used to protect key management systems (KMS) and not actual workloads. This can be an alternative to costly and inflexible legacy hardware security modules (HSMs).
- Level 2 - Protect single apps or containers: Here, confidential computing is used to protect actual workloads. However, apps or containers are only protected individually - for example with CoCo. This approach does not ensure end-to-end protection when combining multiple components for example a web frontend and a database. Crucial aspects like remote attestation between components, key management, and recovery are left unaddressed.
- Level 3 - Protect entire deployments: Here, level 2 solutions are combined with deployment-wide mechanisms for remote attestation, key management, recovery, and others. As a result, the deployment (e.g., an entire Kubernetes cluster) is protected as a whole. Edgeless Systems focuses on Level 3 solutions, like Constellation, the Kubernetes engine that encrypts the whole cluster so that is shielded from the underlying cloud infrastructure.
The main takeaway here is that different confidential-computing solutions serve separate purposes. A solution that is designed to protect your keys (level 1) will not protect data at runtime. A solution that is designed to protect single containers, nodes, or apps (level 2) will not secure your data end-to-end in a setting where multiple of those are combined. For this, a level 3 solution is required.