CPC: Flexible, Secure, and Efficient CVM Maintenance with Confidential Procedure Calls

Explore a groundbreaking approach to confidential virtual machine (CVM) maintenance in this 20-minute conference talk from USENIX ATC '24. Delve into the challenges of maintaining CVMs while preserving data privacy for cloud tenants. Learn about Confidential Procedure Calls (CPCs), a novel method that enables efficient and secure execution of maintenance modules from within the guest. Discover how CPCs overcome limitations of traditional host-based maintenance and existing approaches that require hardware modifications. Examine the implementation of CPC prototypes on AMD SEV and ARM CCA platforms, showcasing significant performance improvements and enhanced security. Gain insights into the potential of CPCs to increase the popularity and cross-platform compatibility of CVMs in cloud environments.

USENIX ATC '24 - CPC: Flexible, Secure, and Efficient CVM Maintenance with Confidential Procedure...