Protect sensitive data and code in use with hardware-based trusted execution environments (TEEs) in ACK clusters.
Basic concepts
Confidential computing is a cloud-native container platform that uses hardware encryption to protect the security, integrity, and confidentiality of data in use, reducing the cost of developing, delivering, and managing trusted applications.
Confidential computing places sensitive data and code in a trusted execution environment (TEE) isolated from the rest of the system. Other applications, the BIOS, OS, kernel, administrators, operations staff, cloud providers, and any hardware other than the CPU cannot access your data. This significantly reduces the risk of data leaks and gives you greater control, transparency, and confidentiality.
Core features
- Protects and verifies the integrity of code and data in the cloud.
- Encrypts data and code to prevent unauthorized access and theft while in use.
- Ensures control over the entire data lifecycle.
Use cases
- Blockchain: Enhances privacy and security for transaction processing, consensus, smart contracts, and key storage.
- Key management: Runs key management functions within an enclave to provide capabilities similar to a hardware security module (HSM).
- Genetic computing: Provides privacy isolation for multi-party computation on sensitive data.
- Finance: Protects payment and transaction security.
- AI: Protects intellectual property by securing confidential data such as AI models.
- Edge computing: Secures communication and ensures privacy across the cloud, edge, and endpoints.
- Data sharing and computing: Enables users and organizations to collaborate on data analysis without exposing raw data to each other.
Solution
The following figure shows the solution architecture of ACK-TEE 1.1.
ACK provides a managed cluster for confidential computing based on Intel SGX 2.0, simplifying management and delivery of trusted or confidential applications. When data and code are processed in the public cloud, the trusted computing base reduces the need to trust the cloud provider and strengthens the security of the data and code. See Create an ACK managed cluster for confidential computing.
When creating a confidential computing cluster, note the following:
- Worker nodes must use one of the following instance families: security-enhanced compute-optimized c7t, security-enhanced general-purpose g7t, or security-enhanced memory-optimized r7t.
  Note: Intel Ice Lake processors support remote attestation only through Intel SGX Data Center Attestation Primitives (DCAP). Remote attestation based on Intel Enhanced Privacy ID (EPID) is not supported. You may need to adapt your applications to use DCAP-based attestation. For more information about remote attestation, see Intel® Software Guard Extensions Attestation Services.
- During node initialization, the SGX 2.0 driver and TEE SDK are automatically installed. The TEE SDK is an Alibaba Cloud developer kit for confidential computing applications, providing a development model and APIs consistent with the Intel Linux SGX SDK.
- An AESM DaemonSet is installed by default, letting SGX 2.0 applications access the Intel SGX Architectural Enclave Service Manager (AESM).
- The sgx-device-plugin discovers, manages, and schedules Enclave Page Cache (EPC) memory resources on SGX nodes.
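When adapting a relying party from EPID to DCAP as the note above describes, a structural pre-check can reject EPID-format and debug-enclave quotes before full verification. This is an added example, not Alibaba Cloud or Intel code; it assumes the version 3 ECDSA quote layout from Intel's DCAP headers, and the function names, pinned MRSIGNER value and sample bytes are constructed for illustration.

```python
import struct

HEADER_LEN, REPORT_BODY_LEN = 48, 384  # sizes of the quote header and report body
ATT_KEY_ECDSA_P256 = 2                 # att_key_type carried by DCAP version 3 quotes
SGX_FLAGS_DEBUG = 0x2                  # attributes.flags bit set for debug enclaves


class QuoteRejected(ValueError):
    """Raised when a quote fails a structural pre-check."""


def triage_quote(quote: bytes, expected_mrsigner: bytes) -> dict:
    """Structural pre-checks only; the ECDSA signature and PCK certificate
    chain must still be verified with a DCAP quote verification library."""
    if len(quote) < HEADER_LEN + REPORT_BODY_LEN + 4:
        raise QuoteRejected("quote too short")
    version, key_type = struct.unpack_from("<HH", quote, 0)
    if version in (1, 2):  # EPID quotes use versions 1 and 2
        raise QuoteRejected("EPID-format quote; this platform attests via DCAP only")
    if version != 3 or key_type != ATT_KEY_ECDSA_P256:
        raise QuoteRejected(f"unsupported quote version={version} key_type={key_type}")
    body = quote[HEADER_LEN:HEADER_LEN + REPORT_BODY_LEN]
    (flags,) = struct.unpack_from("<Q", body, 48)  # attributes.flags
    if flags & SGX_FLAGS_DEBUG:
        raise QuoteRejected("debug enclave: its memory can be inspected with a debugger")
    mrsigner = body[128:160]
    if mrsigner != expected_mrsigner:
        raise QuoteRejected("MRSIGNER does not match the pinned signer")
    (sig_len,) = struct.unpack_from("<I", quote, HEADER_LEN + REPORT_BODY_LEN)
    if sig_len != len(quote) - (HEADER_LEN + REPORT_BODY_LEN + 4):
        raise QuoteRejected("signature_data_len does not match quote size")
    return {"mrenclave": body[64:96].hex(), "mrsigner": mrsigner.hex(),
            "report_data": body[320:384].hex()}


def build_sample_quote(version=3, key_type=2, flags=0x5, mrsigner=b"\x22" * 32) -> bytes:
    """Constructed sample bytes (not a real quote; the signature is filler)."""
    header = struct.pack("<HHIHH16s20s", version, key_type, 0, 0, 0, b"\0" * 16, b"\0" * 20)
    body = bytearray(REPORT_BODY_LEN)
    struct.pack_into("<Q", body, 48, flags)  # 0x5 = INIT | MODE64BIT, no DEBUG
    body[64:96] = b"\x11" * 32               # constructed MRENCLAVE
    body[128:160] = mrsigner                 # constructed MRSIGNER
    sig = b"\xAA" * 64
    return header + bytes(body) + struct.pack("<I", len(sig)) + sig


if __name__ == "__main__":
    print(triage_quote(build_sample_quote(), b"\x22" * 32))
```

The returned `report_data` is where an enclave typically binds a nonce or public key, so the caller should compare it against the expected value after the signature check succeeds.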
Integration with sandboxed containers
Traditional OS container attack model
Traditional OS (runc) containers share the host kernel. If an attacker exploits a kernel vulnerability, a malicious application can escape the container and compromise the host, affecting other applications and the entire service.
Sandboxed containers isolate malicious applications and block attacks
ACK sandboxed containers provide strong isolation using lightweight VM technology (Kangaroo). Each pod has its own independent OS and kernel, so the attack surface of a malicious application is reduced from host level to pod level, protecting other applications and the backend system.
ACK-TEE confidential computing encrypts applications in use
ACK-TEE is a Kubernetes-based solution that protects sensitive code and data, such as intellectual property, keys, and private communications.
Despite the convenience of cloud computing, data breach risks remain a concern. Causes include:
- Hacker attacks
- Untrusted cloud providers
- Security flaws in the cloud infrastructure
- O&M and administrative personnel
Combine sandboxed containers and ACK-TEE to isolate malicious apps and protect sensitive data
Sandboxed containers and ACK-TEE serve different purposes but complement each other—isolating malicious applications while protecting sensitive ones for multi-layered security.