Confidential Computing
Confidential Computing protects sensitive data, code, and secrets even against root users having complete control over operating systems and hypervisors. In this way, one can extend the benefits of cloud computing to sensitive workloads like processing electronic health records. It can also be used to protect intellectual property or for secure collaboration between partners. Dive deep into confidential computing with this comprehensive module, where you'll explore everything from foundational principles to advanced techniques. Gain hands-on experience with SCONE, SGX, and cloud-native solutions as you learn to develop secure applications, optimize performance, and manage complex security policies. Whether it’s mastering attestation, implementing zero trust architectures, or managing encrypted data with Vault and HSM, this course equips you with the skills to tackle today’s most pressing security challenges. By the end, you’ll be ready to implement robust confidential computing solutions in real-world scenarios.
Organization
| Schedule and Location |
Times and rooms may still change! Lecture
Excercise (we are trying to get a new time slot)
Import Calendar: [Opal] |
| Starting date |
Lecture: 15.10.25 |
| People | Lecturer: Christof Fetzer |
| Q&A | Opal |
| Language | English |
| Hours per week | 2/2/- SWS |
| Registration | Please register in SELMA and Opal |
| Final exam |
| Modules | INF-BAS4, INF-VERT4, INF-LE-Eul, INF-DSE-20-E-PODS, INF-NES-C-CONF |
|---|
Material for Lectures and Exercises
Lecture Slides
| Date | Lectur slides | Lecturer |
| 15.10.2025 | Problem Description & advantages of confidential computing (all Slides can be downloaded via OPAL) | Prof. Fetzer |
| 22.10.2025 | Terminology & Threat Model | Prof. Fetzer |
| 29.10.2025 | SCONE Attestation | Prof. Fetzer |
| 05.11.2025 | Local Attestation: SGX | Prof. Fetzer |
| 12.11.2025 | Remote Attestation: DCAP | |
| 26.11.2025 | Encrypted Memory & Performance | Prof. Fetzer |
| 03.12.2025 | Prof. Fetzer | |
| 10.12.2025 | Prof. Fetzer | |
| 17.12.2025 | Prof. Fetzer | |
| 07.01.2026 | Prof. Fetzer | |
| 14.01.2026 | Prof.Fetzer | |
| 21.01.2026 | Prof.Fetzer | |
| 28.01.2026 | Prof.Fetzer |
Exercises
All slides via OPAL
| Date | Exercise Slide | Tutor | Remark |
| 16.10.2025 | Exercise 1 -Introduction to Confidential Computing |
Usama | |
| 23.10.2025 | Exercise 2 -Introduction to Docker/Docker Compose and Kubernetes -Deploying Caddy as a Confidential Application with SCONE Using Docker and Docker Compose |
Ardhi | |
| 30.10.2025 |
Exercise 3 |
Ardhi | |
| 06.11.2025 |
Exercise 4 |
Huyen | |
| 13.11.2025 | Exercise 5 Introduction to Intel TDX, SGX, AMD SEV, and RISC-V Hardware for Confidential Computing |
Usama | |
| 20.11.2025 |
Exercise 6 |
Usama | |
| 27.11.2025 | Exercise 7
Building Confidential Images & Applications – Flask Demo |
Pubudu | |
| 04.12.2025 |
Confidential VM Exercise - Part 1 |
Pamena | |
| 11.12.2025 |
Exercise 8 Confidential VM Exercise - Part 2 |
Pamena | |
| 18.12.2025 |
Exercise 9 Exercise 10 |
julius | |
| 08.01.2026 |
Exercise 11 Confidential Computing - Network Shield /file shield |
Pubudu | |
| 15.01.2026 | Exercise 12 Lecture/Exercise Recap and Exam Preparation |
André | |