I believe that cloud computing will increasingly shift to private, encrypted services where users can be confident that their software and data are not being exposed to cloud providers or unauthorized actors inside their own organizations. This approach will foster innovation, allowing organizations to adopt the latest cloud technologies and alleviate concerns when it comes to data privacy and compliance. When organizations, especially those in regulated industries, are ready to move workloads to the cloud, one of the biggest challenges is how to process sensitive data while still keeping it private. However, when data is being processed, there hasn't been an easy solution to keep it encrypted. Now there is. Confidential Computing is a breakthrough technology that encrypts data in use, while it is being processed.

Source: Dark Reading

Link: https://www.darkreading.com/cloud/why-confidential-computing-is-a-game-changer

Nathaniel (briefly)
Ben
Shaun
axel

Agenda

Confidential C2​

Chat platforms​

More conversation regarding the most universal one for people to engage?

People leaning towards Slack, however RocketChat has some interesting advantages: direct and clean link to a room, don't need to sign-in to chat (ie: anonymous option)

Open Source Summit North America (OSS NA)​

Discussing follow up: good stats on the booth, people interested in email news (uncommon)

Ben
Shaun
axel

Agenda

Next outreach target​

• Following recent success (Wasm running on SGX, kudos Daiki!) and conversations, the target is getting clearer.

Briefs: technical, business​

• Tech one first
• Enarx team aware of it, will keep reminding to work on it

ConfidentialC2 website​

• How should it evolve?
• Need for tool for better managing Twitter

Enarx Youtube account​

• Should get it verified

OSS NA​

• Follow-up with people who dropped by the ConfidentialC2 booth
• Ben drafting an adopter journey (and not a customer journey, we are an open source project)

It’s been a busy time since we announced Enarx and our vision for running workloads more securely to the world in August 2019.  At the time, we had produced a proof of concept demo, creating and attesting a Trusted Execution Environment (TEE) instance using AMD’s Secure Encrypted Virtualization (SEV) capability, encrypting a tiny workload (literally a few instructions of handcrafted assembly language) and sending it to be executed.  Beyond that, we had lots of ideas, some thoughts about design, and an ambition to extend the work to other platforms.  And since then, a lot has happened, from kicking off the Confidential Computing Consortium to demos with AMD’s SEV and Intel’s Software Guard Extensions (SGX), from contributor improvements to the recent efforts to provide a Wasm module for multiple silicon vendor architectures.

Source: Red Hat Emerging Technologies

Link: https://next.redhat.com/2020/07/01/enarx-project-maturity-update/

Traditionally, when you run a workload in a VM, container or in a serverless environment, that workload is vulnerable to interference by any person or software with hypervisor, root or kernel access. That turns out to be quite a few people one has little choice but to trust, both in the cloud, of course, but also on one’s own hardware. The Enarx project aims to mitigate this by leveraging the hardware-based security properties offered by the Trusted Execution Environments (TEEs) found on recent CPUs. Enarx will make it simple to deploy workloads to a variety of TEEs in the public cloud, making it possible to deploy confidential workloads to third party servers without needing to relinquish trust to those who operate them.

Source: Pass the SALT

Link: https://passthesalt.ubicast.tv/videos/2020-enarx-secured-attested-execution-on-any-cloud/

Running Sensitive Workloads on Untrusted Hosts: Project Enarx

Source: Embedded Linux Conference North America 2020

Link: https://www.youtube.com/watch?v=z8KZwBw4aLk

Present​

• Jyotsna
• Lily
• Mike
• Shaun
• axel

Agenda​

Open Source Summit North America (OSS NA)​

• Reminder of the value of the conference and encouragement to attend
• Reminder to sign-up to help staff the Confidential Computing Consortium virtual booth
• Run through of Mike's slides for his and Nathaniel's talk at the event

Present​

• Shaun M
• Ben F
• axel s

Agenda​

Open Source Summit North America (OSS NA)​

• Sign up to help hold the booth in this Google doc.
• 6 sponsor passes available, Ben to distribute to those who sign up for most booth slots
• a few question remain about videos, being sorted out

Youtube videos​

2 playlists:

• "Learning more about Enarx": only our videos
• "Enarx talks": all talks we've given

Briefs​

Technical brief​

document started: skeleton

Business brief​

document started: skeleton

ACTIONS​

ACTION: axel to check with Veronica (Red Hat) regarding the Enarx intro video for OSS NA booth
ACTION: everyone sign-up for slots for OSS NA booth, Ben to share to the chat
ACTION: link with Mike re: technical brief

Present​

• Ben F
• Mike D
• Shaun M
• axel s

Agenda​

• Next outreach target: must start conversation
• Linux Foundation Open Source Summit North America
  • Confidential Computing Consortium will have a booth
    • Focus on awareness? Projects? Both?
• Ben: What is the right level at which to pitch information?
  • Mike: liked the slides that broke things down to an understandable level. Also, often people are looking for value, more than technical understanding: how can it resolve their issues.
  • So four things:
    • Videos (such as the Red Hat Summit 2020 interviews)
    • Presentations (slides)
    • Technical brief (~2 pages)
    • Business brief (same thing, but with a product marketing hat on: what does encryption mean to companies)

Actions​

• ACTION: start project conversation on next technical / outreach goal (axel)
• ACTION: booth signup sheet (Ben)
• ACTION: make the videos available for OSS NA (axel)
  • done
• ACTION: make the slides available for OSS AN (axel)
  • done
• ACTION: draft tech brief (Ben)
• ACTION: draft business brief (Ben)

First fully public meeting, as we continue our efforts to make everything Enarx as open and transparent as possible.

Present​

• Mike B
• Mike D
• Shaun M
• Ben F
• axel s

Agenda​

Next outreach target​

We need to start a conversation, most likely on the chat at least for a start, regarding what we want to target next that would make sense in terms of outreach. At the last meeting, we mentioned the idea of an attack that would succeed without Enarx by fail when run against a workload in an Enarx Keep. However, we want to ensure we demonstrate useful features and code, rather than code just for a demo.