Publication | Closed Access
Security analysis of confidential-compute instruction set architecture for virtualized workloads
Citations: 10
References: 6
Year: 2021
Venue: Unknown Venue
Data in-use protection is critical to the data use lifecycle. Trusted execution environments supported by hardware are a key element of a system that provides data protection. The computing model focused on data protection via hardware-attested trusted execution engines is broadly called confidential computing. In this paper, we describe a security analysis of an Intel ISA extension called Intel® Trust Domain Extensions (Intel® TDX) to host confidential compute virtual machine workloads (called Trust Domain Virtual Machines or TD VMs) in the cloud. This paper describes the threat model and security architecture for Intel TDX. We describe the architecture principles, design constraints, and outline open problems that should be solved to increase the utility and scale of confidential computing models.