In other words, a compromised host OS or an angry cloud administrator can no longer access your data nor alter your code’s execution. Your trusted computing base is dramatically reduced to your application and the platform’s underlying hardware CPU, and nothing else. They do this by allowing you to run your workload within a logically isolated hardware-rooted execution environment. ![]() Ubuntu CVMs are here to give you back control over the security guarantees of your VMs. The same could be said for any undue access to your VM and/or its platform by a malicious cloud administrator. Traditionally, any vulnerability within the millions of lines of code in the cloud’s privileged system software (OS, hypervisor, firmware) would systematically compromise the confidentiality and integrity of your running code and data. As such, they bring about a fundamental shift in the traditional threat model of public clouds. Ubuntu CVMs use the latest security extensions of the third generation of AMD CPUs, Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP). Ubuntu 20.04 is the first and only Linux distribution to support Confidential VMs on Azure. On behalf of all Canonical teams, I am happy to announce the general availability of Ubuntu Confidential VMs (CVMs) on Microsoft Azure! They are part of the Microsoft Azure DCasv5/ECasv5 series, and only take a few clicks to enable and use.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |