What are Confidential Containers?
Confidential Containers (CoCo) is a new sandbox project of the Cloud Native Computing Foundation (CNCF) that enables cloud-native confidential computing by taking advantage of a variety of hardware platforms and technologies. The project brings together software and hardware companies including Alibaba-cloud, AMD, ARM, IBM, Intel, Microsoft, Red Hat, Rivos and others.
The CoCo project builds on existing and emerging hardware security technologies such as Intel SGX, Intel TDX, AMD SEV and IBM Z Secure Execution, in combination with new software frameworks to help better secure user data in use. This will establish a new level of confidentiality, which does not rely on trust in the cloud providers and their employees, but on hardware-level cryptography. CoCo will support multiple environments including public clouds, on-premise and edge computing.
The goal of the CoCo project is to standardize confidential computing at the container level and simplify its consumption in Kubernetes. This is in order to enable Kubernetes users to deploy confidential container workloads using familiar workflows and tools without extensive knowledge of underlying confidential computing technologies.
Exploring the OpenShift confidential containers solution
September 1, 2024 - Ariel Adam, Pradipta Banerjee, Jens Freimann
Red Hat OpenShift sandboxed containers, built on Kata Containers, now provide the additional capability to run confidential containers (CoCo). Confidential Containers are containers deployed within an isolated hardware enclave protecting data and code from privileged users such as cloud or cluster administrators.…Read full post
Use cases and ecosystem for OpenShift confidential containers
September 8, 2024 - Ariel Adam, Pradipta Banerjee, Jens Freimann, Emanuele Giuseppe Esposito
Red Hat OpenShift sandboxed containers, built on Kata Containers, provide the additional capability to run confidential containers (CoCo). This article continues our previous one, Exploring the OpenShift confidential containers solution and looks at different CoCo use cases and the ecosystem around the confidential compute attestation operator..…Read full post
Deployment considerations for Red Hat OpenShift Confidential Containers solution
September 15, 2024 - David Hadas, Pradipta Banerjee, Jens Freimann, Ariel Adam
In our previous articles, we introduced the Red Hat OpenShift confidential containers (CoCo) solution and relevant use cases. We demonstrated how components of the CoCo solution, spread across trusted and untrusted environments, including confidential virtual machine (CVM), guest components, TEEs, Confidential compute attestation operator, Trustee agents, and more, work together as part of the solution. In this article, we take you a step further to discuss key deployment considerations for the Red Hat OpenShift CoCo solution and its components.…Read full post
Confidential Containers for Financial Services on Public Cloud
March 8, 2024 - Axel Sass, Malini Bhandaru, Eric Adams, Jens Freimann, Emanuele Giuseppe Esposito, Ariel Adam, Benny Fuhry, Magnus Kulke, Suraj Deshmukh
Public clouds provide geo resilience in addition to being cost-effective when compared to on-premise deployments. Regulated industries such as the Financial Services Industry (FSI) traditionally have been unable to take advantage of public clouds since FSI is highly regulated from a security and resiliency standpoint...Read full post
Introducing Confidential Containers Trustee: Attestation Services Solution Overview and Use Cases
April 4, 2024 - Ariel Adam, Pradipta Banerjee
We begin by introducing the RATS model and its components. After that, we discuss the Trustee project, its various components, and how they relate to the RATS model. Finally, we present a few use cases that demonstrate the usage of the CoCo Trustee and guest-components project....Read full post.
What is the Confidential Containers project?
October 7, 2022 - Pradipta Banerjee, Christophe de Dinechin, Ariel Adam, Jochen Schroder, Martin Tessun
Understanding the Confidential Containers Attestation Flow
December 2, 2022 - Pradipta Banerjee, Samuel Ortiz
How to use Confidential Containers without confidential hardware
March 6, 2023 - Wainer dos Santos Moschetta, Steve Horsman
Deploying confidential containers on the public cloud
April 14, 2023 - Jens Freimann, Suraj Deshmukh, Amar Gowda, Ariel Adam, Pradipta Banerjee
Confidential Containers on Azure with OpenShift: A technical deep dive
May 22, 2023 - Magnus Kulke, Pradipta Banerjee, Suraj Deshmukh, Jens Freimann
Confidential containers on Azure with OpenShift: setup guide
June 8, 2023 - Pradipta Banerjee, Snir Sheriber, Suraj Deshmukh, Jens Freimann, Magnus Kulke
Confidential containers with AMD SEV
June 19, 2023 - Wainer dos Santos Moschetta, Ryan Savino
Protecting your intellectual property and AI models using Confidential Containers
October 26, 2023 - Ariel Adam, Tanay Baswa, Pradipta Banerjee, Suraj Deshmukh, Jens Freimann, Magnus Kulke, Prashanth Harshangi
Confidential containers for enhancing AI workload security in the public cloud
November 3, 2023 - Ariel Adam, Malini Bhandaru, Pradipta Banerjee, Eric Adams, Fabiano Fidêncio, Suraj Deshmukh, Sean Pryor
Retrieving secrets from a confidential container with the Trustee operator
This demo shows how a confidential container created with the Openshift Sandboxed Containers Operator can retrieve secrets from the Trustee operator by performing remote attestation.)
Confidential Containers with OpenShift on Azure
This demo shows a spark workload deployed as confidential containers using the OpenShift sandboxed containers peer-pods approach. The confidential containers are using Azure Confidential Virtual Machine (CVM)
Securing AI Models with Intel TDX-based Containers on Red Hat OpenShift for Azure
This video demonstrates decrypting a sample LLM and running the inference using OpenShift AI inside an Intel TDX Trusted Execution Environment with OpenShift confidential containers on Azure
Red Hat OpenShift confidential containers environment on Azure
Overview of components constituting a confidential containers solution on OpenShift
Red Hat OpenShift confidential containers key retrieval demo
Key retrieval by a "hello-world" application deployed as confidential containers on Openshift in Azure
Deploying a confidential container having an encrypted container image
Deploying a confidential container having encrypted container image on Openshift. Shows image decryption key retrieval from the Key Broker Service, after successful verification of the claims sent by the trusted execution environment.
Confidential Containers for financial services on public cloud
Demonstrates usage of Red Hat OpenShift confidential containers with Intel TDX to protect financial services workload in public cloud.
A blog series on various forms of attestation for Confidential Computing use cases.
A blog series on Confidential Virtual Machines (CVMs) which are a set of hardware and software technologies providing additional measures for the confidentiality of the data processed within the VMs.
Sull'autore
Altri risultati simili a questo
Ricerca per canale
Automazione
Novità sull'automazione IT di tecnologie, team e ambienti
Intelligenza artificiale
Aggiornamenti sulle piattaforme che consentono alle aziende di eseguire carichi di lavoro IA ovunque
Hybrid cloud open source
Scopri come affrontare il futuro in modo più agile grazie al cloud ibrido
Sicurezza
Le ultime novità sulle nostre soluzioni per ridurre i rischi nelle tecnologie e negli ambienti
Edge computing
Aggiornamenti sulle piattaforme che semplificano l'operatività edge
Infrastruttura
Le ultime novità sulla piattaforma Linux aziendale leader a livello mondiale
Applicazioni
Approfondimenti sulle nostre soluzioni alle sfide applicative più difficili
Serie originali
Raccontiamo le interessanti storie di leader e creatori di tecnologie pensate per le aziende
Prodotti
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Servizi cloud
- Scopri tutti i prodotti
Strumenti
- Formazione e certificazioni
- Il mio account
- Supporto clienti
- Risorse per sviluppatori
- Trova un partner
- Red Hat Ecosystem Catalog
- Calcola il valore delle soluzioni Red Hat
- Documentazione
Prova, acquista, vendi
Comunica
- Contatta l'ufficio vendite
- Contatta l'assistenza clienti
- Contatta un esperto della formazione
- Social media
Informazioni su Red Hat
Red Hat è leader mondiale nella fornitura di soluzioni open source per le aziende, tra cui Linux, Kubernetes, container e soluzioni cloud. Le nostre soluzioni open source, rese sicure per un uso aziendale, consentono di operare su più piattaforme e ambienti, dal datacenter centrale all'edge della rete.
Seleziona la tua lingua
Red Hat legal and privacy links
- Informazioni su Red Hat
- Opportunità di lavoro
- Eventi
- Sedi
- Contattaci
- Blog di Red Hat
- Diversità, equità e inclusione
- Cool Stuff Store
- Red Hat Summit