Oracle Cloud Infrastructure (OCI) has released its first Confidential Compute solution powered by AMD EPYC processors to its partners.
Oracle claims the product allows customers to enable Confidential VMs with the help of AMD Infinity Guard and AMD Secure Encrypted Virtualization (SEV) and Secure Memory Encryption (SME).
These features take advantage of security components available in 2nd and 3rd generation AMD EPYC processors available in all OCI’s E3 and E4 shapes.
With AMD SEV, AMD EPYC processors help safeguard integrity and privacy by using one key per VM for memory encryption to isolate guests from the hypervisor and one another, it is claimed.
With SME, a single key is generated by the AMD Secure Processor at boot and used to encrypt the full system memory.
Oracle said that Confidential Computing has several benefits that organisations can consider as they decide whether to augment their security posture to include confidential VMs or bare metal servers.
By providing security through the lowest layers of hardware, Confidential Computing minimises the list of trusted parties (OS, ecosystem partners, and administrators), helping reduce the risk of data exposure, it is said.
