Encrypted Workloads and Confidential Computing
As hardware advances, commodity processors are adding more effective support for per-workload memory encryption. This protection ensures that even if a workload snoops on the memory of another process, it will be unable to exfiltrate data without access to the appropriate key, which is held securely within the processor. This technology and many other innovations underpin “confidential computing.”
Security Assertions
In HPC, we often need to assert the level of protection available for a workload. At this point, we can assert that a small number of sysadmins with root access to a server have sufficient access to exfiltrate data. However, the technology exists to build a chain of trust that starts before the system boots, is carried through secure kernel boot, and is available to deliver fully encrypted workloads, even protecting data access from the root user.
Building trust from the root to the job
To achieve this objective, OpenCHAMI will need infrastructure for TPM enrollment and certificate-based authentication for all aspects of trusted boot. OpenCHAMI will also need to provide secure APIs to allow workload managers like SLURM to take advantage of the trust chain and fully verify it.