Learn how to orchestrate confidential computing environments using OCP Secure Boot, attestation protocols, and CXL IDE (Integrity and Data Encryption) in this 16-minute conference talk by Sakul Gupta, Sr. Principal Firmware Security Engineer at Micron Technology Inc. Explore host-managed device memory (HDM), in which device-attached memory is mapped into the system's coherent address space and accessed with standard write-back semantics, so that the CXL link itself becomes part of the memory path and must be protected.

Discover how Type 3 devices combine OCP Secure Boot, OCP attestation, and CXL IDE in containment mode to protect data in transit across exposed links: IDE encryption keys are configured over SPDM secured messages, and the TSM records a hash of the public key in each device's device ID certificate, using that recorded hash to authenticate the device before trust is extended to it. Examine the deployment of a TVM (TEE Virtual Machine) for running confidential compute workloads in which both data at rest and data in motion are protected against unauthorized use.

Follow a detailed walkthrough of a HIPAA workload use case for confidential computing, covering link IDE, memory encryption, and the establishment of secure channels between TVMs and CXL Type 2 and Type 3 devices using industry-standard DMTF SPDM practices. Understand the requirements for a secure CXL switching fabric between hosts and CXL devices, since an unprotected switch hop would otherwise break the end-to-end protection the architecture depends on.
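The trust step described above, in which the TSM records a hash of the public key from a device's device ID certificate and later authenticates the device against it, can be modelled in a few lines of Go. The following is an added example written for this page; it is not code from the talk, from Micron, or from any SPDM/TDISP implementation. It uses only the Go standard library, generates a self-signed ECDSA device ID certificate in place of a vendor-issued chain, and models the SPDM CHALLENGE step as a signature over a TSM-supplied nonce; the type names (`Device`, `TSM`), the pinning-by-SPKI-hash choice, and the nonce are all assumptions made for illustration. What it shows is the two checks a TSM has to make in order: the presented certificate's public key hash must match a recorded value, and the device must then prove possession of the matching private key on a fresh nonce.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Device models a CXL device holding a device ID keypair and its certificate.
// Simplified model for this example: a real device ID certificate chains to a
// vendor CA; here it is self-signed so the example runs offline.
type Device struct {
	Key  *ecdsa.PrivateKey
	Cert *x509.Certificate
}

// NewDevice creates a device with a fresh P-256 device ID key and a
// self-signed certificate carrying that key.
func NewDevice(name string) (*Device, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &Device{Key: key, Cert: cert}, nil
}

// PubKeyHash is the value the TSM records at provisioning time: SHA-256 over
// the certificate's DER-encoded SubjectPublicKeyInfo (assumed hash input).
func PubKeyHash(cert *x509.Certificate) [32]byte {
	return sha256.Sum256(cert.RawSubjectPublicKeyInfo)
}

// SignNonce models the device's response to a CHALLENGE-style request: it
// signs a digest of the TSM-supplied nonce with its device ID private key.
func (d *Device) SignNonce(nonce []byte) ([]byte, error) {
	digest := sha256.Sum256(nonce)
	return ecdsa.SignASN1(rand.Reader, d.Key, digest[:])
}

// TSM holds the set of device ID public key hashes recorded as trusted.
type TSM struct {
	pinned map[[32]byte]bool
}

// NewTSM records the given hashes as the only device ID keys it will accept.
func NewTSM(hashes ...[32]byte) *TSM {
	t := &TSM{pinned: make(map[[32]byte]bool)}
	for _, h := range hashes {
		t.pinned[h] = true
	}
	return t
}

// Authenticate first checks the presented certificate's public key hash
// against the recorded set, then verifies the device's signature over the
// nonce. Both checks must pass before any IDE key configuration proceeds.
func (t *TSM) Authenticate(cert *x509.Certificate, nonce, sig []byte) error {
	if !t.pinned[PubKeyHash(cert)] {
		return errors.New("device ID public key hash not recorded by TSM")
	}
	if time.Now().After(cert.NotAfter) || time.Now().Before(cert.NotBefore) {
		return errors.New("device ID certificate outside validity period")
	}
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		return errors.New("device ID certificate does not carry an ECDSA key")
	}
	digest := sha256.Sum256(nonce)
	if !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return errors.New("challenge signature does not verify under device ID key")
	}
	return nil
}

func main() {
	dev, err := NewDevice("cxl-type3-example") // constructed device name
	if err != nil {
		panic(err)
	}
	tsm := NewTSM(PubKeyHash(dev.Cert))
	nonce := []byte("constructed-32-byte-tsm-nonce!!!") // constructed nonce
	sig, _ := dev.SignNonce(nonce)
	h := PubKeyHash(dev.Cert)
	fmt.Println("recorded hash:", hex.EncodeToString(h[:]))
	fmt.Println("authenticate:", tsm.Authenticate(dev.Cert, nonce, sig))
}
```

The order of the checks matters: the hash lookup is cheap and rejects unknown devices before any signature work, while the nonce signature is what stops a rogue device from simply presenting a copy of a trusted device's certificate. In a real deployment the nonce must be fresh per session (reusing one would let a captured signature be replayed), and the recorded hash should be provisioned out of band, not learned from the first device that answers.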