That effort runs through the Confidential Computing Consortium, the Linux Foundation community where competing companies collaborate on shared infrastructure issues. The consortium is not trying to become a registry of trusted agents, Bursell added, but rather a place where companies can develop frameworks, best practices, and, equally important, antipatterns.
Identity drew some of the strongest interest at this week’s event. Pawan Khandavilli, senior product manager at Microsoft, pointed to agent payment initiatives from Visa, Mastercard, and Google, the FIDO Alliance’s emerging agent work, SPIFFE workload identities, and RFC 8693 token exchange. The pieces already exist, Khandavilli argued, but “the vocabulary is fragmented.” The challenge now is connecting these identity systems to hardware-backed attestation rather than relying solely on software trust.
The attack surface below the attestation
Hardware-isolated environments are only as secure as the shared substrates beneath them. Zvonko Kaiser, principal systems engineer at NVIDIA, argued that attestation protects the trusted execution environment itself but does not eliminate risks in the shared substrates beneath. The processor cache sits below every isolation boundary, and a 2026 technique called TDXRay demonstrated how data could be observed across virtual machine boundaries. No layer above the cache, Kaiser argued, can completely hide what the cache itself sees.
