about-sgx-confidential-computing.md

File metadata and controls

113 lines (73 loc) · 7.29 KB
---
copyright:
  years: 2023, 2025
lastupdated: "2025-01-14"
keywords: sgx, intel sgx, software guard extension, confidential computing, trusted execution environment, TEE, data protection
subcollection: vpc
---

{{site.data.keyword.attribute-definition-list}}

# Confidential computing for x86 Virtual Servers for VPC
{: #about-sgx-vpc}

[Select availability]{: tag-green}

Confidential computing is a technology that offers technical assurances that customer workloads and data remain confidential and are protected from everyone, including the cloud service provider (CSP).
{: shortdesc}

Confidential computing with Intel SGX for VPC is available only in the Dallas (us-south) and Frankfurt (eu-de) regions. Confidential computing with Intel TDX for VPC is available only in the Washington DC (us-east) region and only to select customers; contact IBM Sales if you want to be allowlisted for this offering. Both SGX and TDX are available only with select profiles. For more information, see SGX and TDX compatible profiles.
{: preview}

## Confidential computing with Intel Trust Domain Extensions (TDX)
{: #confidential-computing-vpc-tdx}

Confidential computing with Intel Trust Domain Extensions (TDX) protects an entire virtual machine, called a trust domain, by using CPU enhancements that the firmware and hardware use to enforce confidentiality and integrity. The memory and CPU state of the trust domain are encrypted and can't be read by the host, including the hypervisor, and they are integrity protected against modification by the host. For more information about TDX, see Intel Trust Domain Extensions{: external}.

## Confidential computing with Intel Software Guard Extensions (SGX)
{: #confidential-computing-vpc-sgx}

Confidential computing with Intel® Software Guard Extensions (SGX) protects your data through hardware-based isolation: the CPU sets aside protected memory regions, known as encrypted enclaves, whose contents are encrypted whenever they leave the processor. Your sensitive data is therefore encrypted while it is in virtual server instance memory, and only code that runs inside the enclave can operate on it. To use SGX, install the SGX platform software on an SGX-capable virtual server instance, then design your app to run in an SGX environment. The application is partitioned into a trusted part, which runs inside the enclave and handles the sensitive data, and an untrusted part, which runs outside it. While the trusted part executes, the CPU denies all other access to enclave memory regardless of privilege level, so the data is guarded from threats inside and outside the instance, including a compromised operating system or hypervisor.

When you use confidential computing with SGX, your data is protected through the entire compute lifecycle: it is accessible only to authorized code and is invisible to anyone or anything else, including the operating system and {{site.data.keyword.cloud}}.

## SGX and TDX are trusted execution environments (TEE)
{: #tee-sgx-vpc}

Both SGX and TDX implement a trusted execution environment (TEE). A TEE is a secure area of the main processor that provides a higher level of security for trusted data and applications.

A TEE sets up an isolated, secure area of the main processor on a device that is dedicated to processing and storing sensitive data. The secure environment is protected from unauthorized access, even if the system software is compromised.

So, every Intel SGX enclave and every TDX trust domain is a TEE, but not every TEE is SGX or TDX. The two differ in granularity: SGX isolates the trusted part of one application, whereas TDX isolates a whole virtual machine, operating system included.

## Attestation
{: #attestation-sgx-vpc}

When you develop a confidential computing SGX application, design it so that you can segment the information that needs confidentiality. At run time, that information is kept in encrypted enclaves, and it is loaded into an enclave only after the enclave proves its identity and integrity through a process called attestation: the hardware produces a signed quote that reports the enclave's measurement (MRENCLAVE), the identity of the key that signed the enclave (MRSIGNER), its security version number, and its attributes, and the party that holds the secret verifies the quote before releasing the secret to the enclave. For more information about attestation with Intel SGX and TDX, see Attestation with Intel SGX or TDX and Data Center Attestation Primitives (DCAP).
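The following is an added example (not IBM Cloud or Intel code) of the release-after-attestation pattern described above, from the relying party's side. It assumes the DCAP ECDSA quote layout (a 48-byte quote header followed by the 384-byte report body), that the enclave placed SHA-256 of its ephemeral public key in REPORTDATA so the quote binds the key the secret will be wrapped to, and a policy pinned to a vendor MRSIGNER, product ID and minimum ISVSVN. The quote bytes, policy and key material are constructed fixtures; the cryptographic verification of the quote signature and PCK certificate chain, which Intel's Quote Verification Library (sgx_qv_verify_quote) performs, is deliberately left out, and the code shows only the policy that still has to be applied once that check has passed.

```python
"""Relying-party policy check on an SGX DCAP (ECDSA) quote.

Added example, not IBM Cloud or Intel code. The signature and PCK
certificate-chain verification that Intel's Quote Verification Library
(sgx_qv_verify_quote) performs is deliberately NOT reproduced; this is the
application-level policy that still has to be applied to the report body
after the signature is known to be good.
"""
import hashlib
import struct

# Field offsets inside sgx_report_body_t (384 bytes), which begins at byte 48
# of a DCAP quote, immediately after the 48-byte sgx_quote_header_t.
QUOTE_HEADER_LEN = 48
REPORT_BODY_LEN = 384
OFF_ATTRIBUTES = 48     # 8-byte FLAGS followed by 8-byte XFRM
OFF_MRENCLAVE = 64
OFF_MRSIGNER = 128
OFF_ISVPRODID = 256
OFF_ISVSVN = 258
OFF_REPORTDATA = 320

SGX_FLAGS_DEBUG = 0x2   # ATTRIBUTES.FLAGS bit 1: enclave is debuggable


def parse_report_body(quote: bytes) -> dict:
    """Extract the policy-relevant fields from the quote's report body."""
    if len(quote) < QUOTE_HEADER_LEN + REPORT_BODY_LEN:
        raise ValueError("quote too short to contain a report body")
    body = quote[QUOTE_HEADER_LEN:QUOTE_HEADER_LEN + REPORT_BODY_LEN]
    flags, xfrm = struct.unpack_from("<QQ", body, OFF_ATTRIBUTES)
    return {
        "flags": flags,
        "xfrm": xfrm,
        "mrenclave": body[OFF_MRENCLAVE:OFF_MRENCLAVE + 32],
        "mrsigner": body[OFF_MRSIGNER:OFF_MRSIGNER + 32],
        "isv_prod_id": struct.unpack_from("<H", body, OFF_ISVPRODID)[0],
        "isv_svn": struct.unpack_from("<H", body, OFF_ISVSVN)[0],
        "report_data": body[OFF_REPORTDATA:OFF_REPORTDATA + 64],
    }


def check_policy(quote: bytes, enclave_pubkey: bytes, policy: dict) -> list:
    """Return the list of policy violations; an empty list means release the secret.

    policy = {"mrsigner": 32 bytes, "isv_prod_id": int, "min_isv_svn": int}.
    The enclave is expected to have put SHA-256(enclave_pubkey) in the first
    32 bytes of REPORTDATA, so the quote binds the key the secret is wrapped
    to and a man-in-the-middle cannot substitute a key of their own.
    """
    r = parse_report_body(quote)
    problems = []
    if r["flags"] & SGX_FLAGS_DEBUG:
        problems.append("DEBUG attribute set: enclave memory is readable with a debugger")
    if r["mrsigner"] != policy["mrsigner"]:
        problems.append("MRSIGNER mismatch: enclave was not signed by the expected key")
    if r["isv_prod_id"] != policy["isv_prod_id"]:
        problems.append("ISVPRODID mismatch: quote is from a different product")
    if r["isv_svn"] < policy["min_isv_svn"]:
        problems.append("ISVSVN below minimum: enclave build is too old")
    if r["report_data"] != hashlib.sha256(enclave_pubkey).digest() + bytes(32):
        problems.append("REPORTDATA does not bind the presented enclave public key")
    return problems


def build_test_quote(mrsigner: bytes, isv_prod_id: int, isv_svn: int,
                     flags: int, report_data: bytes) -> bytes:
    """Constructed fixture for this example (NOT a real quote): a version-3
    quote header plus a report body, with no signature section."""
    body = bytearray(REPORT_BODY_LEN)
    struct.pack_into("<QQ", body, OFF_ATTRIBUTES, flags, 0x7)  # XFRM: x87|SSE|AVX
    body[OFF_MRENCLAVE:OFF_MRENCLAVE + 32] = hashlib.sha256(b"constructed enclave").digest()
    body[OFF_MRSIGNER:OFF_MRSIGNER + 32] = mrsigner
    struct.pack_into("<HH", body, OFF_ISVPRODID, isv_prod_id, isv_svn)
    body[OFF_REPORTDATA:OFF_REPORTDATA + 64] = report_data
    header = struct.pack("<HHIHH16s20s", 3, 2, 0, 0, 0, bytes(16), bytes(20))
    return header + bytes(body)


# Constructed policy and key material; a real deployment pins the vendor's
# actual MRSIGNER (or MRENCLAVE) and receives the enclave's ephemeral public
# key in the attestation message alongside the quote.
VENDOR_MRSIGNER = hashlib.sha256(b"constructed vendor signing key").digest()
POLICY = {"mrsigner": VENDOR_MRSIGNER, "isv_prod_id": 7, "min_isv_svn": 3}
ENCLAVE_PUBKEY = b"constructed ephemeral P-256 public key bytes"


def demo() -> tuple:
    """Production enclave passes; the same enclave built with DEBUG set is rejected."""
    bound = hashlib.sha256(ENCLAVE_PUBKEY).digest() + bytes(32)
    release = build_test_quote(VENDOR_MRSIGNER, 7, 3, 0x5, bound)  # INIT|MODE64BIT
    debug = build_test_quote(VENDOR_MRSIGNER, 7, 3, 0x7, bound)    # INIT|DEBUG|MODE64BIT
    return (check_policy(release, ENCLAVE_PUBKEY, POLICY),
            check_policy(debug, ENCLAVE_PUBKEY, POLICY))


if __name__ == "__main__":
    ok, rejected = demo()
    print("production enclave:", "release secret" if not ok else ok)
    print("debug enclave:", rejected)
```

Pinning MRSIGNER plus ISVPRODID and a minimum ISVSVN lets the vendor ship patched enclave builds without the relying party updating its policy; pinning MRENCLAVE instead ties the secret to one exact build and is the stricter choice. Rejecting the DEBUG attribute matters because a debug enclave's memory can be read with a debugger from outside, so any secret released to it is exposed.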

## Confidential computing with SGX and TDX use cases
{: #scenarios-sgx-vpc}

The following are some of the use cases for confidential computing with SGX and TDX.

  • Confidentiality and privacy of workloads and applications: data and applications that run inside a confidential computing environment stay protected from the infrastructure they run on.

  • Confidential AI and analytics: data and business analytics applications and machine learning models run inside secure enclaves, including secure multi-party computation (SMPC) applications that derive insights from the data.

  • Secure multi-party computation: distributed SMPC helps make sure that participant data and insights are protected even when they are processed outside the participants' direct control.

  • Digital assets: a trusted platform for digital custody solutions that store and transfer high-value digital assets in highly secure wallets, reliably and at scale.

## SGX and TDX compatible profiles
{: #compatible-profiles-confidential-computing-vpc-sgx}

The following profiles support SGX.

  • All Balanced bx3dc profiles
  • All Compute cx3dc profiles

The following profiles support TDX.

  • All Balanced bx3dc profiles with less than 160 GB of memory
  • All Compute cx3dc profiles with less than 160 GB of memory

For these Gen3 profiles, Secure Boot is enabled by default and can't be disabled.

SGX and TDX profiles might take slightly longer to start, approximately 180-240 seconds, depending on the profile's memory size.
{: note}

For more information about profiles, see x86-64 instance profiles.

## Limitations
{: #limitations-confidential-computing-vpc-sgx}

Keep the following limitations in mind if you want to use SGX or TDX.

  • Available only on third-generation (Gen3) Intel Sapphire Rapids-based virtual servers.

  • SGX doesn't protect against side-channel attacks; code that runs inside an enclave must itself avoid secret-dependent memory access patterns and timing.

  • Only the following images support SGX and TDX. Images with kernel version 5.11 and earlier don't support SGX, and images with kernel version 6.5 and earlier don't support TDX.

    • SGX
      • Red Hat 8.6, 8.8, 9.0, 9.2
      • Ubuntu 20.04, 22.04
      • CentOS Stream 8, 9
      • Rocky Linux 8.8, 9.2
      • SLES 15 SP4, SP5
    • TDX
      • Ubuntu 24.04
      • Red Hat 9.4
      • CentOS Stream 9
      • Rocky Linux 9.2, 9.4
      • SLES 15.6
  • TDX limitations

    • When you reboot a TDX-enabled virtual server (for example, from within the guest operating system), the virtual server shuts down instead of rebooting. Start it again by using the UI or CLI.
    • Avoid using the reboot action in the UI or CLI on a TDX-enabled virtual server because it might cause the virtual server to reboot continually. Instead, stop and then start the virtual server.
    • If the virtual server is rebooting continuously, force a stop of the virtual server and then start it.
    • Except for Ubuntu 24.04, all TDX-supported images enter a stopped state after the first boot of a newly created virtual server. In this case, start the virtual server again.
    • Quote generation is supported only through the Linux virtual socket (vsock) interface.