As part of their data security initiatives, organizations are increasingly turning to Confidential Computing to assist safeguard their sensitive data. Google Cloud is presenting new Confidential Computing features that facilitate the adoption of this crucial privacy-preserving technology by businesses of all sizes.
Private GKE Nodes from the widely accessible general-purpose C3D machine family for GKE Standard mode
Data encryption is enforced by Confidential GKE Nodes for your Google Kubernetes Engine (GKE) workloads and nodes. AMD Secure Encryption Virtualisation (AMD SEV), which encrypts the memory contents of virtual machines (VMs) while they are in operation, is used to build Confidential GKE Nodes on top of Compute Engine Confidential VMs.
Confidential GKE Nodes were formerly limited to two machine types the compute optimized C2D machine series and the general-purpose N2D machine series that were powered by the second and third generation AMD EPYC processors. These days, the more recent and powerful C3D machine series with AMD SEV in GKE Standard mode also typically include Confidential GKE Nodes.
4th Gen AMD EPYC (Genoa) processors power the general-purpose C3D machine line, providing dependable, consistent, and optimum performance. Confidential GKE Nodes are frequently used by customers to allay worries about cloud provider risk, particularly because enabling them doesn’t need any code modifications.
Confidential GKE Nodes on GKE Autopilot mode, generally available
Standard and Autopilot are the two operating modes available for Google Kubernetes Engine (GKE). You control the underlying infrastructure in Standard mode, which includes setting up each node individually. GKE controls the underlying infrastructure in Autopilot mode, including baseline security setups, baseline networking configurations, autoscaling, auto upgrades, and node configuration.
Confidential GKE Nodes were formerly limited to GKE Standard mode. Currently, the general-purpose N2D machine series running AMD Secure Encryption Virtualisation (AMD SEV) may access Confidential GKE Nodes in GKE Autopilot mode. This implies that you no longer need to oversee the underlying infrastructure in order to safeguard your data while it’s being used with Confidential GKE Nodes.
Without modifying the code, new GKE Autopilot clusters can have Confidential GKE Nodes enabled. When creating a new cluster, just include the command –enable-confidential-nodes. This new option is accessible in all locations that offer the N2D machine series, and additional cost does apply.
Confidential Space with Intel TDX-based Confidential VMs, in preview
Multiple parties can safely work together on calculations utilising their combined data in Confidential Space without disclosing their separate datasets to one another or the operator who facilitates the cooperation. Data isolation within a Trusted Execution Environment (TEE) is how this is accomplished.
These features, which enable the private and compliant usage of sensitive data in a variety of businesses, including financial services and Web3, are becoming more and more popular.
Confidential VMs are the foundation of Confidential Space. Confidential Space was formerly limited to Confidential virtual machines (VMs) that had AMD Secure Encryption Virtualisation (AMD SEV) enabled. Confidential VMs that have Intel Trust Domain Extensions (Intel TDX) enabled in preview can now access Confidential Space as well.
To further improve security, Confidential Space with Intel TDX enabled provides hardware-rooted attestation, data secrecy, and data integrity. 4th Gen Intel Xeon Scalable CPUs power the general-purpose C3 machine line, which powers Confidential Space with Intel TDX.
Additionally, by default, these powerful C3 virtual machines contain Intel Advanced Matrix Extensions (Intel AMX), a new integrated accelerator that enhances deep learning training and inference performance on the CPU. The new private computing type that private Space supports gives consumers more options when it comes to choosing the best CPU platform for their needs in terms of cost, performance, and security.
Confidential VMs with NVIDIA H100 GPUs, in preview
When introduced Confidential VMs on the accelerator-optimized A3 machine series with NVIDIA H100 GPUs last year, increased they capacity for safe computing. The confidentiality and integrity of workloads involving artificial intelligence (AI), machine learning (ML), and scientific simulation may be preserved while data is being used with this service, which expands hardware-based data security from the CPU to GPUs.
These private GPUs are ready for preview today. The A3 machine series’ confidential virtual machines (VMs) safeguard data and code while it is being used. This means that even during compute-intensive processes like training, fine-tuning, or serving, sensitive training data or data labels, proprietary models or model weights, and top secret queries are safeguarded.
Customers can now fully utilise AI while maintaining high levels of data security and intellectual property protection with this innovative technology, which combines the power of accelerated computing and confidential computing. This can lead to new opportunities for innovation in regulated industries and collaborative AI development.
Prospects for 2025
It wants clients to have simple access to the newest security innovations, which is why Google Cloud is dedicated to extending Confidential Computing to other goods and services. Google Cloud wants to provide clients with a full range of Confidential Computing options, whether that means integrating Confidential Computing with modern hardware, accelerators, or services like GKE Autopilot.
They look forward to working with you to innovate in the field of confidential computing, which is a crucial technology for safeguarding private information in the cloud. The Confidential Computing products are available for exploration.