Internet-Draft | Abbreviated Title | July 2023 |
Deng | Expires 10 January 2024 | [Page] |
Confidential virtual machine (CVM) in the cloud environment is a use case of confidential computing where VM confidentiality is enabled by hardware. A cloud user’s CVM is isolated from the hypervisor provided by its cloud service provider, meaning the cloud service provider cannot access the workload and data in the CVM. This is used in the scenario where a cloud user intends to protect its sensitive workload and data from cloud service provider while at the same time desires to utilize the advantages of cloud technology. This document specifies the CVM provisioning in cloud environment including the provisioning process and protocol, and the security requirements.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 10 January 2024.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Confidential computing allows for workload and data protection in use leveraging hardware-based security technology. Confidential virtual machine (CVM) in cloud environment is a use case of confidential computing. It allows a cloud user to migrate its sensitive workload and data onto cloud and still protect them from cloud service provider and the hosting environment, such as hypervisor, virtual machine manager, host OS. Moreover, another benefit of using CVM is that no changes are needed for an application to be able to run in a CVM. It has witnessed an increase in the CVM provisioning and deployment in cloud. This document illustrates the provisioning process and protocol of CVM in cloud environment and also the security requirements.¶
For a cloud user to create and manage CVM instance on cloud infrastructure, CVM provision process in cloud consists of the following steps:¶
There may be other steps including:¶
The rest of the clause in this section describes each step above and the required message exchange between a user side (using a client), resource manager in the cloud, and platform of the server. The following clauses mainly describes what is specific to CVM provision, and normal VM provision involved is not the focus.¶
For a server to be able to host CVM, certain booting parameters need to be configured to support the confidential computing feature for CVM. For example, to create a AMD CVM, the features, memory encryption and secure encrypted virtualization, need to be enabled. The server is then running with these features enabled.¶
This step is performed by the administrator of the server.¶
Cloud service providers need to provide to cloud users the option of CVM instance, and the underlying hardware choices supporting CVM.¶
In creating a CVM, cloud users need to set, among others, the VM type to be a CVM, and choose the hardware on which the CVM to be running.¶
A cloud user needs to be able to check whether a running VM is a CVM or not.¶
This memo includes no request to IANA.¶