Monday, March 1, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Google’s Confidential VMs may change the public cloud market

July 15, 2020
in Internet Security
Google’s Confidential VMs may change the public cloud market
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

At Google Cloud’s virtual Cloud Next ’20 event, Google announced its newest cloud security program: Confidential VMs (virtual machines). The idea is simple: As we put more and more of our work and data on the cloud, we need data not just to be encrypted at-rest and in-transit but to be encrypted in memory while being processed. The results in the public cloud market may be profound. 

Encrypting data in and out of memory, as you might imagine, takes a lot of CPU power. Without sufficient processing power, encrypting and decrypting data in and out of memory would be prohibitively slow. To pull this off, Confidential VMs rely on second-generation AMD EPYC processors. 

You might also like

These four new hacking groups are targeting critical infrastructure, warns security company

Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

These chips were designed to be fast enough to loosen Intel’s heretofore iron grip on data center processors. AMD has pulled this off. In addition to being the foundation of Google’s secure Confidential VMs, Oracle’s new Cloud E3 platform and AWS’s Elastic Compute Cloud (EC2) C5a instances are both on top of the second-generation AMD EPYC CPUs. 

Google’s Confidential VMs use the AMD EPYC secure encrypted virtualization (SEV) to keep VM memory encryption while still delivering good performance. It locks down the memory with a dedicated per-VM instance key. This key is generated and managed by the EPYC processor. These keys, in turn, are generated by the AMD Secure Processor during VM creation and reside solely within it. This means neither Google nor any other VMs running on the host can read your data. 

Must read:

For this security, though, you do pay a performance penalty. How much of a hit, depends on your application. According to AMD benchmarks on Confidential VMs, you can expect to see slowdowns of between 1% and 6%. For example, the NGINX web server and load-balancer are slower by 1% to 4%, while the MySQL DBMS applications can expect to see less than a 5% performance slowdown. Google and the AMD Cloud Solution engineering team are working together to speed up workload performance. 

Raghu Nambiar, AMD’s corporate vice president for Data Center Ecosystem, said: “For the new Google Compute Engine Confidential VMs in the N2D series, we worked with Google to help customers both secure their data and achieve performance of their workloads. We’re thrilled to see the Confidential VMs demonstrate similar levels of high performance, for various workloads, as the standard N2D VMs.”

Besides tuning the interaction between Confidential VMs and the EYPC processors, the Google Cloud developers have added support for improved open-source storage and network traffic drivers: nvme and Google Virtual NIC (gVNIC). These help overall VM performance by offering higher throughput than older protocols.

Confidential VMs are built on top of Google’s Shielded VMs. These are hardened by security controls to help defend against rootkits and bootkits. This is done by hardening your operating system image and verifying your firmware, kernel binaries, and drivers’ integrity. Google-offered Shield VM images include Ubuntu v18.04, Ubuntu 20.04, Google’s own Linux/Chrome OS distro Container Optimized OS (COS v81), and Red Hat Enterprise Linux (RHEL) 8.2. Google is working with CentOS, Debian, and other Linux distributors to offer additional confidential OS images.

These secured VMs are built on the open-source, confidential computing Asylo framework. This Google project works with emerging trusted execution environments (TEEs) to lock down systems. Asylo provides:

  • The ability to execute trusted workloads in an untrusted environment, inheriting the confidentiality and integrity guarantees from the security backend, i.e., the underlying enclave technology.
  • Ready-to-use containers, an open-source API, libraries, and tools so you can develop and run applications that use one or more enclaves.
  • A choice of security backends.
  • Portability of your application’s source code across security backends.

All these technical security details are hidden. Google claims its goal is to: “Make Confidential Computing easy. The transition to Confidential VMs is seamless — all GCP workloads you run in VMs today can run as a Confidential VM. One checkbox — it’s that simple.”

While still a beta, Confidential VMs look very promising. Google is right when it states it’s the “first major cloud provider to offer this level of security and isolation while giving customers a simple, easy-to-use option for newly built as well as ‘lift and shift’ applications.”

Besides simply securing your data for yourself, it can also enable you to share confidential data sets and collaborate on research in the cloud while preserving confidentiality. Confidential VMs can also be useful for organizations that need to preserve privacy for HIPPA. CCPA, and GDPR, and other regulatory requirements.  

When it comes to public clouds, there’s seldom a single feature that makes one cloud stand above the others. Google Cloud with Confidential VMs has found such a standout feature.

Credit: Zdnet

Previous Post

Machine Learning in Communication Market

Next Post

Machine Learning Market 2020 – Driving Factors of Key Players, Emerging Technologies, Sales Revenue, Global Size, Share, and Forecast to 2024

Related Posts

These four new hacking groups are targeting critical infrastructure, warns security company
Internet Security

These four new hacking groups are targeting critical infrastructure, warns security company

February 28, 2021
Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill
Internet Security

Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

February 28, 2021
TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit
Internet Security

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

February 28, 2021
Cybercrime groups are selling their hacking skills. Some countries are buying
Internet Security

Cybercrime groups are selling their hacking skills. Some countries are buying

February 28, 2021
Why would you ever trust Amazon’s Alexa after this?
Internet Security

Why would you ever trust Amazon’s Alexa after this?

February 28, 2021
Next Post
Global Big Data & Machine Learning in Telecom Market 2020 – Regional Analysis Covers Global Market Insights by Size & Share, Price, Revenue Forecast to 2026

Machine Learning Market 2020 – Driving Factors of Key Players, Emerging Technologies, Sales Revenue, Global Size, Share, and Forecast to 2024

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

AI And Automation In HR: The Changing Scenario Of The Business
Data Science

AI And Automation In HR: The Changing Scenario Of The Business

February 28, 2021
Machine learning could aid mental health diagnoses: Study
Machine Learning

Machine learning could aid mental health diagnoses: Study

February 28, 2021
Python vs R! Which one should you choose for data Science
Data Science

Python vs R! Which one should you choose for data Science

February 28, 2021
Can Java be used for machine learning and data science?
Machine Learning

Can Java be used for machine learning and data science?

February 28, 2021
These four new hacking groups are targeting critical infrastructure, warns security company
Internet Security

These four new hacking groups are targeting critical infrastructure, warns security company

February 28, 2021
The Time-Series Ecosystem – Data Science Central
Data Science

The Time-Series Ecosystem – Data Science Central

February 28, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • AI And Automation In HR: The Changing Scenario Of The Business February 28, 2021
  • Machine learning could aid mental health diagnoses: Study February 28, 2021
  • Python vs R! Which one should you choose for data Science February 28, 2021
  • Can Java be used for machine learning and data science? February 28, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates