Nelly Porter, Group Product Manager @ Google.
Anton Chuvakin: Hello, this is Anton and Tim from a new Cloud security podcast by Google. I'm involved with Security Products and Solutions Strategy at Google. You can find me on Twitter as anton_chuvakin. Tim, on to you.
Tim Peacock: Hey, folks. I'm a Product Manager here at Google and I look after wrangling our threat detection products. You can find me on Twitter @tmdpcck. I had to go without vowels because there are enough other Tim Peacocks in the world.
Anton Chuvakin: As a fine starting point, this was supposed to be called weather and cloud security. But hey, we like descriptive names here, so now it's going to be officially called Cloud Security Podcast, exciting, huh? This is our first episode, and our plan is to talk about Cloud security both within and outside Google Cloud. We're going to invite interesting guests like Nelly today with a unique point of view on Cloud security and securing the Cloud. We expect to publish an episode every few weeks. Please let us know if you like this duration, about 25 minutes, and the planned frequency. You can get this podcast at Google Podcasts or wherever else you get your podcasts. Tim.
Tim Peacock: We think you'll enjoy this podcast if you like thinking critically about trends in Cloud compute, if you enjoy contrarian takes, and if you can tolerate the occasional pun slipped quietly into the mix. You will have the opportunity to hear from security experts inside and outside of Google on how they're tackling Cloud security challenges, get stories about scars we've earned the hard way, and hear from teams that are building the next generation of tooling here at Google.
Anton Chuvakin: Perfect. Today our guest is Nelly Porter. She leads our confidential computing dock here. Hey, Nelly, tell us more about yourself, and we also have some questions for you. Hopefully, it'll be fun.
Nelly Porter: Thank you so much, Anton and Tim, for having me on your first podcast. I'm super honored. I'm Nelly Porter. I am a Group Product Manager based in the Cloud security team, working on confidential computing. I have some experience with hardware, firmware, and our hypervisor, so I'm ready for the run.
Anton Chuvakin: How about you tell us more about the origin of this idea, doing confidential computing in the Cloud.
Nelly Porter: Confidential computing, I think, was in crypto minds. So many people for many, many years. It started with the dreams about whether we would be able not only to ingest data to the Cloud encrypted and store this data fully encrypted; we don't want to create graveyards of this data, we're going to index it. Great, do something useful. What if it would be possible to process this data and also protect it? It's where confidential computing came to clean this search stuck in this end-to-end data protection.
Anton Chuvakin: It does sound like there's an origin story there. I want to start from an obvious question that makes sense for every security technology. What risks are mitigated by this new approach to computing?
Nelly Porter: One of the risks, and a few things, is that it's very important, considering confidential computing for public Cloud, to understand that we all deal with a lot of sensitive data, and our customers need to entrust this sensitive data to Cloud providers. Previously, it was super easy. Customers processed the data, collected data, worked on it on-prem, and they knew who was accessing that, who was responsible for [inaudible 00:03:46], who could deal with any security incident. It was very clear responsibility about who is protecting our clients' data, users' data, and their own data. Now times are changing, and customers have found themselves in all different places: on-premises, on edge, and on the Cloud. There's a whole load of who is responsible; this shared responsibility model is becoming very, very difficult. Confidential computing is trying to protect this data end-to-end, as I explained earlier, and it's what customers see as one of the risks of limiting visibility of Cloud providers and everybody else, since these are multitenant environments, to ensure the user data end-to-end is in the space and in the state they expect it to be.
Tim Peacock: When it comes to limiting visibility, are there places where we're not limiting visibility with this approach?
Nelly Porter: Oh, yes, Tim. Imagine you encrypted your data on-premises and you hold the keys. Now, you uploaded the data in, let's say, Google storage buckets, simple. Its settings are doing fantastically well. But now you need to do something to this data, as I said; let's say you need to train your model on this data. Now, you load this data in your environment, and oh, gosh, now it's not protected. Now, the memory where your data is reserved is not encrypted. Now, imagine that somebody maliciously or mistakenly crashes your application. Oh, my God, the dump has all the secrets, so your data is flowing around. We're also looking down towards that. It's exactly what we're trying to do. We're trying to ensure that your data is always protected in whatever state it is, and fewer and fewer people have the opportunity to make mistakes or maliciously expose your data.
Anton Chuvakin: Nelly, you said training models. A Google version would probably want to do that on something like a TPU in the Cloud. Are we planning to extend these kinds of memory protections to the TPUs that we're building as well?
Nelly Porter: Absolutely. Because customers are not only using CPUs, where we started to see hardware catching up with the goals that we have, but also GPUs, TPUs, FPGAs, anything we call accelerators, which have to understand and respect the privacy and confidentiality of the data that they process. In our industry, these multiple industry vendors and companies in confidential computing can social with the big form together with Intel, Microsoft, and others to address these specific requirements. Because Google alone would not be able to accomplish that. We need to ensure that all vendors, GPU, CPU, all of them, will follow suit.
Anton Chuvakin: Part of the trust model is that it's a third party's keys and hardware that we're exposing to a customer. How do we achieve that same kind of trust relationship with Google-developed hardware like our TPUs? Is there going to be an open industry standard on that?
Nelly Porter: We hope that it will happen and they will follow the same models that we have, for example, these Titans. Let me introduce you to another model. We first developed our secure silicon to address very specific security problems that were not possible before. The whole world was trying to figure out how to deal with these trusted platform modules, TPMs. But TPMs had a significant problem. The reason why? Because they were a side course. They were sitting on the side, listening to what is happening, and postmortem decided if they needed to take the action and stop pushing over [inaudible 00:07:46] or not. We decided that it's not acceptable; that's why we came up with these Titans, our design silicon, to ensure that we can sit in between and make our decisions after we receive the first instruction, to ensure that we're doing something super obvious to everybody. Before executing, share the things that you trust to execute. So we've done that. Now Titan is open. Titan is the standard that we are contributing to the whole industry, and I think this TPU and security of TPUs, it will become the same thing. But it's too early to say; we are still in early stages of this development.
Anton Chuvakin: Okay. That makes sense. Then let me turn it back to the question about gaps. Obviously, confidential compute covers many of the gaps in normal Cloud computing. Are there any residual gaps, or are there any residual risks perhaps? Moreover, I would go out on a limb and say, are there new risks that are introduced by that approach? For example, reduced visibility of data may mean some things are harder to monitor. Tell us more about what things really aren't fixed and what things are perhaps newly introduced.
Nelly Porter: The goal for us is to not introduce too many residual issues with confidential computing. It's why, for example, we've done a lot of investigation of what was possible with confidential computing from the CPU perspective, from hardware. Confidential computing is based on and built on top of hardware, and we want to ensure that this continues to be the case. The early introduction of confidential computing capable hardware or CPUs required, for example, customers to rewrite their app or refactor it into more secure and less secure scenes. A lot of customers understand the value confidential computing can bring to the table but simply cannot support rewriting all applications. It's why Google in particular, we decided to take a different approach and go with these models that are incredibly easy to use, to ensure that our customers would not have those barriers to cross and to go through to be able to do that. I think one of the biggest challenges that we still have to address is how we will convince the industry and compliance institutions that confidential computing is helping in multiple forms. Because it's a very emerging, very new technology, and as usual, when it's a new technology, it has so many questions. What it does and how it's actually exposed. Do we have gaps? Absolutely. There is no solution that will be the magic bullet that will make all of us happy and secure, guaranteed. But it's an addition to our toolbox of defense, and there are gaps that we have to take super seriously and invest in as much as Google, and Amazon, and AWS are trying to do.
Tim Peacock: I think that's a really key point, knowing that there aren't magic bullets in security, and if you really want to secure your server, the best thing to do is unplug it, put it in a box of concrete, and throw it off the Golden Gate Bridge. That's really your only option to have something ultimately secure at the end of the day.
Nelly Porter: Ensure that nobody is trying to get it out of there and bring it back.
Tim Peacock: Yes. You've got to make sure you drop it at night where nobody can be. So thinking ahead about where this is going, what kinds of organizations do you think this is an absolute must-have for? Like, who are you most excited to have be adopting this technology?
Nelly Porter: First of all, we're honestly targeting very regulated and compliance-heavy organizations, and no surprises, it's the financial sector, Fintech companies; it's very clear they own the value of encryption [inaudible 00:11:46], own the value of processing memory protection; government and public sector, health care, all of that. But we didn't anticipate that multiple verticals that don't have significant regulation and compliance requirements are also very interested in this technology, and mostly to anticipate privacy concerns Desertec for their clients and their users. They see it as an additional way to create this cryptographic isolation in the public cloud that will allow them to guarantee to their own clients and their own users that they're doing everything possible to protect sensitive data. Also, one of the interesting use cases that we started to see in this particular COVID-related situation is because right now a lot of small research organizations are trying to collaborate on supersensitive data, and prior to confidential computing, you could not make it possible, because you need to have the ability to share very sensitive data sets among multiple parties, ensure that none of them will have access to this data, but the results will benefit all of them and us. That's why, with confidential computing, we see significant uptake in specific research, and more organizations are going.
Anton Chuvakin: To return us briefly to the previous point we started making, I mean, admittedly, there's a pretty lively business in Cloud computing. Companies spend billions with us, with the other Cloud providers. Clearly, even those companies are using the Cloud. For the workloads you described today, before confidential computing is adopted en masse, what are the alternatives? What are they migrating from? Is it all On-Prem? Is it they just, like, accept the risks? Like, how are people solving the same problems today?
Nelly Porter: I think today people simply hesitate to bring this capability to the Cloud. The problem is, as they collect an enormous amount of sensitive data On-Prem, and to process this in the environment On-Prem, they have to acquire more and more capacity, and it's incredibly costly and doesn't provide any value. We see it even in the government and in the financial sector, where you would believe that money is not the problem. But a lot of it is how you manage this capacity, how you deal with these growing hardware demands that are multiplying every single day. For them, using Cloud is absolutely paramount. But the data that they have is so sensitive that they cannot use Cloud. They see huge demand, an opportunity to enable those customers to bring the most sensitive data to the Cloud. But also we see a lot of customers that say, I have no idea, my data is great. It may be sensitive, it may be not super sensitive, but it's definitely not public. I want to bring it in the Cloud and use your confidential environment to process it. We see all those combinations of that.
Anton Chuvakin: The last type of client just basically goes and says, what is the best available security for my data? And obviously, conventional wisdom is that, and they say, okay, I'll take this one. Right. That's probably the scenario right now.
Nelly Porter: It's exactly what they think. Exactly. The question you asked me previously, why not? Is there a downside for me? Do not use it. It's like, I don't need to change anything, it's easy to use. Its performance, the performance is very negligible latency. I need to pay for that, and it's scalable. I can do everything that I can do, from running my databases to man cash projects to even Monte Carlo simulation that I do for the financial sector. All of that I can do in those confidential environments. Why not try to cast your vote or validate your performance right now, be available in general availability across nine regions, and we're looking for your feedback, our dear customers, to see what else we need to add and how they can bring more services to confidential and more breadth in, as Tim asked, how eversible.
Tim Peacock: Given what you just said, no performance impact, broadly available, no work on the user, keeps the data encrypted. Can you explain how it actually works?
Nelly Porter: Absolutely. I will try to make it very clear. The confidential computing that I'm talking about is based on CPU capability, built based on AMD's new generation of CPUs, where they have a very important extension. It's called the Secure Encrypted Virtualization extension. This extension means that even the hardware, for a combination, AMD is capable of generating the greatest keys if you always wanted. Those keys are ephemeral, power, a single [inaudible 00:17:04], never stored anywhere, and the most important thing, not extractable. Software doesn't have access to those keys. Those keys are only and only used by memory controllers, very quickly, to decrypt cache lines when you want to execute an instruction on your CPU and encrypt them back. In the CPU itself, the data is decrypted, but your memory continues encrypted, and it means every application running within these boundaries can do exactly what it has done before. You don't want to change anything. It's like the fish conference room with the help from Google, as you can remember prior to COVID could shake things up. You can do whatever you need, but you will be in a cryptographically isolated space, and none of the strangers passing by can see.
Anton Chuvakin: You mentioned AMD, so this technology depends on the specific CPU choice, it seems like. Could you give us a bit more on why this CPU was chosen?
Nelly Porter: Intel, as a CPU, it also has a very familiar base; they have their own take on confidential computing. It's called Software Guard Extensions, or Intel SGX. As I mentioned previously, we had investigated [inaudible 00:18:23] own these specific offerings from Intel for many years. But what we found, the complexity of moving to this world is actually going to be a problem for very many customers, because to be able to have and use this specific Intel SGX's, what it's called, enclave, customers would have to partition the app. It's why, I think, two years ago we introduced open-source projects that we call [inaudible 00:18:53] to help developers to make this transition easily. But still, when I was talking to so many customers, only when I started to talk about refactoring their applications to workloads you needed to seize and look interfaces that were very obvious for me. It's not something that they are going to do right away. So it was super obvious to us that we need to find a solution that doesn't require these changes, and AMD has this solution for us; that's why I'm working with them. In a very good partnership, we were able to bring confidential computing for GCP in this method.
Tim Peacock: That change-free nature of this project, I think, is just so close to magic. It blows my mind, Nelly, that you and AMD have been able to achieve that for our users here. That's just too cool.
Nelly Porter: Thank you so much, Tim. Honestly, as I said, it's like the work of hundreds and hundreds of people from multiple companies for multiple years, and we finished up with a single checkbox. This checkbox will be checked. Customers would be able to run the confidential environment. I think the single checkbox is the culmination of so many people, so much creativity and investment, so I thought that.
Tim Peacock: With that, I just want to say I think I look forward to the era of no checkbox and everything is this way by default. Nelly Porter, thank you so much for joining us today on the first episode of the GCP security podcast. So happy to have had you come join us today. Everyone listening, thank you for tuning in to the first episode. Again, you can expect to hear from myself and Anton every couple of weeks, podcast episodes of about this length, available wherever your podcasts are distributed.
Nelly Porter: Thank you so much, everybody, and thank you, Tim and Anton, for having me on your first podcast.
Anton Chuvakin: Thank you.