Microsoft harnesses third-gen AMD Epyc processors for locked-down VMs

Microsoft is expanding its Azure confidential computing portfolio with virtual machines that use the encryption and memory protection features of AMD's third-gen Epyc processors.

There is also Azure Confidential Ledger, a secure service for managing sensitive data records that runs on hardware-backed secure enclaves.

The Azure DCasv5 and ECasv5 series of confidential VMs make use of an updated version of AMD's Secure Encrypted Virtualization (SEV) technology, which utilizes encryption to protect the memory area used by a VM even from the hypervisor running on the host system. These VMs were previously available in technical preview.

SEV-SNP (Secure Nested Paging) adds more hardware-based protection, such as memory integrity features to defend against hypervisor-based attacks like data replay or memory re-mapping, according to AMD [PDF]. These deny the hypervisor and other code running on the host access to the VM's memory or state information.

Microsoft said these confidential VMs also support full disk encryption and integration with its Azure Managed HSM (Hardware Security Module) and Azure Key Vault services. Customers using them can also use the free Microsoft Azure Attestation (MAA) service to remotely verify the operating environment and integrity of the software binaries running on it.

However, it appears that these VMs may only be available in a limited number of Azure regions at first, including East US, West US, North Europe, and West Europe.

Microsoft already has confidential VMs available in Azure supporting application enclaves based on the Intel SGX technology in Xeon processors.

• AMD touts big datacenter, AI ambitions in CPU-GPU roadmap
• How Intel and AMD hope to win the cloud security game
• Concerned about cloud costs? Have you tried using newer virtual machines?
• Microsoft, Nvidia extend Azure confidential computing to GPUs

Microsoft said it is also making available a preview of Azure confidential VMs with customizable firmware. This allows customers to bypass the UEFI layer and directly boot into a Linux kernel and runtime serving as custom firmware, providing further flexibility to manage and control in-guest system firmware.

Azure Confidential Ledger is intended to function as a managed, decentralized cloud store for sensitive data. It is based on blockchain technology, and so has the same characteristics of immutability and tamper-proofing, according to Microsoft, making it ideal for applications where critical metadata records must not be modified, such as for regulatory compliance and archival purposes.

To protect a customer's data, Confidential Ledger runs exclusively on trusted execution environments (TEEs) with the Azure confidential computing platform, and data in transit is protected by Transport Layer Security (TLS) that terminates inside the secure enclave, meaning it should not be accessible in unencrypted form even to an administrator with access to the infrastructure.

Microsoft said that Azure Confidential Ledger will continue to be offered at no charge – like the preview release – until September 1, when pricing will be disclosed. The service is also only available in Europe and the US at present. ®