Towards Trust Proof for Secure Confidential Virtual Machines

arXiv:2405.01030v1 Announce Type: new
Abstract: The Virtual Machine (VM)-based Trusted-Execution-Environment (TEE) technology, like AMD Secure-Encrypted-Virtualization (SEV), enables the establishment of Confidential VMs (CVMs) to protect data privacy. But CVM lacks ways to provide the trust proof of its running state, degrading the user confidence of using CVM. The technology of virtual Trusted Platform Module (vTPM) can be used to generate trust proof for CVM. However, the existing vTPM-based approaches have the weaknesses like lack of a well-defined root-of-trust, lack of …

amd arxiv confidential cs.cr cs.se data data privacy encrypted environment machine machines privacy proof protect protect data running state technology trust virtual virtualization virtual machine virtual machines vms