Something to look forward to: Confidential computing is a security technology model designed to ensure data confidentiality, data integrity, and code integrity by running software in protected enclaves known as trusted execution environments (TEEs). Major technology companies are endorsing this approach, and VMware has now officially joined this group.

VMware recently joined AMD, Samsung, members of the RISC-V community and other tech corporations attending the 2023 edition of the Confidential Computing Summit (CCS). The group promotes the adoption of confidential computing technologies and security models, which according to VMware could very much benefit from an open source framework the company has been working on for a while.

The virtualization giant is pushing for the adoption of its Confidential Computing Certifier Framework, which is a client-side technology designed to "simplify and unify programming and operations support" in multi-vendor confidential computing platforms. A framework which is seemingly scalable, policy-driven and easily adaptable to different chip architectures with just a bit of code tinkering.

As detailed on VMware's corporate blog, the Confidential Computing Certifier Framework comprises two main components. The first is an application programming library (the API) that enables developers to create new secure applications or port existing, albeit "well-written," projects with minimal effort. Thanks to its multi-platform support, this API can reportedly be used to port secure applications to different platforms with only minor changes to the API calls.

The second component of the Framework is a Certifier Service system, which offers server-side applications to evaluate and manage trust relationships in a TEE environment through a policy-based approach. During the CCS 2023 conference, VMware demonstrated its certifier framework by presenting a "universal" client-server management application on multiple hardware platforms.

The Certifier Framework has thus far received support from AMD, Samsung, and Keystone – an open-source project dedicated to building customizable TEEs based on the RISC-V architecture. As a result, VMware can now claim support from the x86, Arm, and RISC chip domains for its technology. However, Intel has yet to join the initiative, despite being a member of the Confidential Computing Consortium and an official sponsor of the Confidential Computing Summit.

AMD appears to be a strong advocate of VMware's CCCF, as the technology is poised to help customers "realize the benefits of confidential computing." Samsung is also on board, with its Head of Security and Privacy, Yong Ho Hwang, stating that the CCCF technology aligns with the Korean company's goal of "accelerating the adoption of confidential computing" through a developer-friendly API for secure computing management.