BlueHat IL 2024 - Ben Hania, Yair Netzer - Compromising Confidential Compute and then fixing it
Author: Microsoft Israel R&D Center
Uploaded: 2024-07-11
Views: 471
Confidential Compute is a new technology designed to protect cloud customers' most sensitive data by isolating customers' VMs even from the cloud provider. In this talk we'll demonstrate weaknesses in confidential VM migration and how we at Microsoft worked with our partners at Intel to address all issues.
We'll start the talk by exploring confidential VMs, and specifically confidential VM migration, a new feature in TDX 1.5: how it functions, which components are involved in the migration process, and how it all comes together end to end.
Then, we will guide you step by step on how we abused the feature. We will demonstrate both design and code flaws in the migration process, discovered during a close collaboration with Intel, and how these flaws combined affected more than the migration feature, and compromised the confidentiality and integrity of "Confidential VMs".
Finally, we'll discuss Intel's fixes for the issues we found and our recommendations for users of confidential compute on how to use this technology securely.