Overview
Explore a comprehensive conference talk on AMD's Secure Encrypted Virtualization (SEV) technology and the Enarx project. Delve into the capabilities and roadmap of SEV, which offers enhanced protection for virtualized workloads in AMD EPYC processors. Discover how Enarx, an open-source project led by Red Hat, leverages Trusted Execution Environments (TEEs) to provide attestation and protection for run-time workloads. Learn about the Enarx architecture, its key components, and witness an early demonstration of its capabilities. Gain insights into industry approaches to trusted execution, deployment models, and best practices. The presentation covers topics such as platform Diffie-Hellman key exchange, the NArcs project, WebAssembly, and alternatives like mono kernels.
Syllabus
Introduction
AMD Secure Encryption
SES
How a VM is started
Platform DiffieHellman key
How it works
Problems
Trusted Execution Environments
Industry Approaches
The Problem
The NArcs Project
Deployment Model
Best Practices
Demo
Inarch Keep
Questions
Alternatives
Mono Kernel
WebAssembly
Taught by
Linux Foundation