Today, Google and AMD announced a new partnership, delivering beta availability of Confidential Virtual Machines for the Google Compute Engine platform. This platform is powered by 2nd Gen AMD EPYC processors, taking advantage of the CPU's advanced security features.
Confidential VMs is the first product in Google's Confidential Computing portfolio. Unlike most VMs, Confidential VMs allow customers to encrypt data while it is in use. Confidential VMs will be based on the N2D family of Google Compute Engine VMs, offering “high performance processing for the most demanding computational tasks” while allowing customers to encrypt any kind of data that is being processed in the cloud.
Vint Cerf, vice president at Google, says that “the future of cloud computing will increasingly shift to private, encrypted services” where confidentiality is controlled by the users. Vint also stated that “by using advanced security technology in the AMD EPYC processors, we’ve created a breakthrough technology that allows customers to encrypt their data in the cloud while it’s being processed and unlock computing scenarios that had previously not been possible.”
Besides offering real encryption-in-use and N2D-based high-performance VMs, Confidential VMs also provide Secure Encrypted Virtualisation (SEV), which encrypts VM memory with a dedicated per-VM key generated by the security processor, and “Lift and shift Confidentiality”, allowing customers to transition to Confidential VMs without making changes to their applications.
Some scenarios that can be created through Confidential VMs include multi-party computation, where multiple organisations share their data with each other while keeping it confidential.
Google's Confidential VMs are available in Google Compute Engine beta in the following GCP regions: asia-southeast1, europe-west1, europe-west4 and us-central1.
KitGuru says: Have you ever used Google Cloud Platform services? How would you use Confidential VMs for your workloads?