Posts in 2024
  • Confidential Containers without confidential hardware

    Tuesday, December 03, 2024 in Blog

    Note This blog post was originally published here based on the very first versions of Confidential Containers (CoCo) which at that time was just a Proof-of-Concept (PoC) project. Since then the project evolved a lot: we managed to merge the work to …

    Read more

  • Policing a Sandbox

    Thursday, August 15, 2024 in Blog

    In a previous article we discussed how we can establish confidence in the integrity of an OS image for a confidential Guest, that is supposed to host a collocated set (Pod) of confidential containers. The topic of this article will cover the …

    Read more

  • Deploy Trustee in Kubernetes

    Monday, June 10, 2024 in Blog

    Introduction In this blog, we’ll be going through the deployment of Trustee, the Key Broker Service that provides keys/secrets to clients that want to execute workloads confidentially. Trustee provides a built-in attestation service that complies to …

    Read more

  • Memory Protection for AI ML Model Inferencing

    Monday, April 15, 2024 in Blog

    Introduction With the rapid stride of artificial intelligence & machine learning and businesses integrating these into their products and operations, safeguarding sensitive data and models is a top priority. That’s where Confidential …

    Read more

  • Building Trust into OS images for Confidential Containers

    Friday, March 01, 2024 in Blog

    Containers and OS Images Confidential Containers using Kata-Containers are launched in a Confidential Virtual Machine (CVM). Those CVMs require a minimal Linux system which will run in our Trusted Execution Environment (TEE) and host the agent side …

    Read more

  • Introduction to Confidential Containers (CoCo)

    Friday, February 16, 2024 in Blog

    This blog is adopted from the overview slides on Confidential Containers. Confidential Containers (CoCo) is an innovative sandbox project under the Cloud Native Computing Foundation (CNCF), revolutionizing cloud-native confidential computing by …

    Read more

Posts in 2023
  • Release v0.8.0

    Friday, November 10, 2023 in Releases

    Please see the quickstart guide for details on how to try out Confidential Containers. Please refer to our Acronyms and Glossary pages for a definition of the acronyms used in this document. What’s new Upstream containerd supported by all …

    Read more

  • Release v0.7.0

    Monday, July 24, 2023 in Releases

    Please see the quickstart guide for details on how to try out Confidential Containers. Please refer to our Acronyms and Glossary pages for a definition of the acronyms used in this document. What’s new Flexible instance types/profiles support …

    Read more

  • Release v0.6.0

    Wednesday, June 07, 2023 in Releases

    Please see the quickstart guide for details on how to try out Confidential Containers. Please refer to our Acronyms and Glossary pages for a definition of the acronyms used in this document. What’s new Support for attesting pod VMs with Azure …

    Read more

  • Release v0.5.0

    Friday, April 14, 2023 in Releases

    Warning This release includes breaking changes to the format of encrypted images. See below for more details. Images that were encrypted using tooling from previous releases will fail with this release. The process for validating signed images is …

    Read more