September 13-16, 2022
Dublin, Ireland + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Irish Standard Time (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Wednesday, September 14 • 16:40 - 17:20
Unifying Confidential Attestation - Tobin Feldman-FItzthum & Dov Murik, IBM

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
With the recent rise of several confidential computing technologies, the term attestation has become overloaded. Different platforms offer attestations with different properties and flows, none of which match with traditional techniques. This talk will highlight crucial differences between SEV-ES, SEV-SNP, and Intel TDX. This talk will also discuss strategies for reconciling these differences and unifying confidential attestation. One approach is for each platform to support a secure vTPM backed by the hardware root of trust. This would allow standardization between platforms and between confidential and traditional workloads. This talk will discuss the feasibility and complexities of implementing and deploying secure vTPMs. This talk will also discuss the Confidential Containers Attestation Agent, another approach for unified attestation, that does not require extensive guest or host support. This talk will also highlight related approaches such as those proposed in the Libvirt community and offer some conclusions about where standardization makes the most sense.


Tobin Feldman-FItzthum

Software Engineer, T.J. Watson IBM Research Center
Tobin Feldman-Fitzthum is a Software Engineer at the T.J. Watson IBM Research Center. He works on secure virtualization and confidential computing. Tobin was a founding maintainer of the Confidential Containers CNCF Sandbox Project. He has also worked on encrypted disks and fast live... Read More →
avatar for Dov Murik

Dov Murik

Research Staff Member, IBM
Dov Murik is a Research Staff Member in IBM Research, working on various aspects of information and system security, and recently focusing on confidential computing. Previously he worked on malware detection, phishing prevention, and AI security. Before that he was part of IBM Trusteer... Read More →

Wednesday September 14, 2022 16:40 - 17:20 IST
Liffey A (Level 1)
  KVM Forum (Joint OSS Track)