From: Confidential computing and related technologies: a critical review
# | Terms | Issues | Recommendations |
---|---|---|---|
1 | CC | HW TEE (Confidential Computing consortium 2021a) versus programmable HW TEE (Confidential Computing consortium 2021c) | Claim on unique definition of CC and multiple conflicting definitions of other technologies should be removed. |
Conflicting definition by researchers at Arm Mulligan et al. (2021) | |||
Other technologies, e.g., HE, are even formally defined Katz and Lindell (2020). | |||
2 | TEE | Ambiguous terms | A clear and distinguishing definition should be given. |
Definition satisfied by HSM also | |||
Unclear threat model | |||
3 | TEE Environment | Undefined | The term should be rephrased. It should be compared and contrasted with TEE for clarity. |
4 | HW TEE | Undefined | It should be compared and contrasted with virtualized SW TEE for clarity. |
5 | Programmability | Arbitrary code versus limited set of operations | It should be clarified that programmability is Turing-complete. |
6 | Attestation | Key components, such as Relying Party and measurement, are missing | The definition should explicitly include Relying Party and some form of trusted measurement. |
7 | Attestation in CC | Incomplete definition of CC | The definition of CC should include attestation as it is a key feature of CC. |