Confidential computing


Confidential computing on our Bare Metal servers

Confidential computing focuses on the continuous protection of data while it is being processed. This is essential in certain domains, and for certain uses. The technology is usually part of a productivity strategy, and involves both cost control and high availability. OVHcloud dedicated servers are designed to meet the needs of such an approach.

Secure your data in operation with OVHcloud servers

Data processing security is essential — particularly in the financial and medical fields — and when running machine learning processes that involve sensitive data. Data streams need to be secured, particularly within workloads and during exchanges between third parties. Confidential computing on OVHcloud bare metal servers offers a trusted solution, which is perfect for securing data at all levels of use.

Intel® SGX Technology

Advance servers are equipped with Intel Xeon E processors, and include hardware and RAM encryption features. This way, your software and most sensitive data are protected from disclosure and modification. With our solutions, you can protect your data against contamination, overflow and spying on the same server.

Icons/concept/Shield Created with Sketch.

AMD Infinity Guard

Based on Zen architecture, AMD EPYC processors integrate the advanced security features required for optimal protection against internal and external threats. This securely conserves your data, with virtually no impact on system performance.

Icons/concept/Server/Server Gear Created with Sketch.

Consolidated workloads, protected data

With secure enclave management, you can consolidate your applications on servers with multiple CPU cores by isolating them from one another. This way, you get more performance and security without affecting your budget.

Icons/concept/Counter Created with Sketch.

Powerful software solutions

With Fortanix, Red Hat Enarx, Open Enclave SDK or VMware vSphere, secure enclave implementation is quick and simple. It also delivers optimal performance, so you can combine security and speed for your infrastructure.

diagramme_solution-securite-materielle

Description

Enable advanced processor security features via the BIOS or the OVHcloud Control Panel, and set the enclave size in seconds. You will then get a secure runtime environment by isolating part of your server’s physical memory. This isolated part is called a security enclave.

This way, you will protect access to data that is being processed, or code that is being run.

AMD Infinity Guard architecture integrates security features to protect virtual environments (AMD Secure Encrypted Virtualization) and memory integrity (AMD Secure Memory Encryption). It also protects against malicious agents (AMD Secure Boot), and return-oriented programming attacks (AMD Shadow Stack).

Options and services included

  • Intel® SGX (Intel® Xeon® E processor)
  • AMD Infinity Guard (3rd generation AMD EPYC processor)
  • A range of RAM and storage options
  • Unlimited public and private bandwidth*
diagramme_apprentissage-federe

Description

Consolidate your application processing securely. Harness the computing power of our servers, and use the right machine for the right application. By enabling advanced security features, you can process data from multiple sources while still ensuring that people keep their data confidential.

Federated learning is an automatic learning method that maintains confidentiality (PPML). It enables algorithms to learn from data sets across multiple devices or decentralised sites without exchanging data. This means sensitive data is not exposed to threats, and organisations can build a more accurate model.

Options and services included

  • Intel® SGX (Intel® Xeon E processor)
  • AMD Infinity Guard (3rd generation AMD EPYC processor)
  • A range of RAM and storage options
  • Unlimited public and private bandwidth*

“Above all, we were looking for ways to be able to operate as flexibly as possible. In addition, both we and our users place much higher trust in cloud providers that are based in the European area and operate according to European values - the high standards according to the GDPR, which stand for security and solidity. This is guaranteed with OVHcloud."

Christian G. Junger, CEO of Securitee