That effort runs through the Confidential Computing Consortium, the Linux Foundation community where competing companies collaborate on shared infrastructure problems. The consortium isn’t trying to become a registry of trusted agents, Bursell added, but rather a place where companies can develop frameworks, best practices, and, equally important, antipatterns.
Identity drew some of the strongest interest at this week’s event. Pawan Khandavilli, senior product manager at Microsoft, pointed to agent payment initiatives from Visa, Mastercard, and Google, the FIDO Alliance’s emerging agent work, SPIFFE workload identities, and RFC 8693 token exchange. The pieces already exist, Khandavilli argued, but “the vocabulary is fragmented.” The challenge now is connecting these identity systems to hardware-backed attestation rather than relying solely on software trust.
The attack surface beneath the attestation
Hardware-isolated environments are only as secure as the shared substrates beneath them. Zvonko Kaiser, principal systems engineer at NVIDIA, argued that attestation protects the trusted execution environment itself but doesn’t eliminate risks in the shared substrates beneath. The processor cache sits beneath every isolation boundary, and a 2026 technique called TDXRay demonstrated how information could be observed across virtual machine boundaries. No layer above the cache, Kaiser argued, can completely hide what the cache itself sees.
