Skip to content

Infrastructure

Confidential Cloud is cloud-agnostic. Tower and Inspector are responsible for various aspects of the Life-Cycle Management (LCM) of infrastructure resources.

Confidential Cloud builds atop Confidential Computing to offer state-of-the-art encryption mechanisms. Today, hardware and firmware support for Confidential Computing is only available in several modern lines of hardware platforms offered by a limited range of forward-looking Cloud Service Providers (CSPs).

Supported Hardware

Currently, Confidential Computing is only available on a limited set of microprocessor product lines available in the market. Enterprise vendors offer several Confidential Computing implementations, with varying capabilities and performance limitations, and security trade-offs (Read more).

Confidential Cloud currently supports the following hardware:

AMD SEV-SNP

Upcoming
- Intel® Trusted Domain Extensions (TDX) - pending hardware availability
https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html
 
- ARM® Confidential Compute Architecture (CCA) - pending hardware availability and firmware support
https://www.arm.com/architecture/security-features/arm-confidential-compute-architecture
 
Decomissioned
- Intel® Software Guard Extension (SGX)
https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/overview.html
 

Cloud Service Providers (CSPs)

Currently and as a default, Confidential Cloud provisions execution environments on the following CSPs:

MS Azure

  • Europe (🇸🇪 Stockholm) : default

OVH (Bare-metal)

  • Europe (🇩🇪 Frankfurt) : default

OpenStack-based

  • Europe (🇸🇪 Stockholm) : default
  • Europe (🇮🇹 Italy)

AWS

  • Europe (🇸🇪 Stockholm) : default


Partnership Programme
Are you a CSP and interested to support Confidential Cloud?
Join our Partnership programme!
 

On-Prem / Air-gapped

Confidential Cloud can be configured to deploy resouces On-Prem. This allows to support use cases that require operations in a closely controlled domain - or even as an air-gapped setup.

Get in touch for more information!