Announcing Confidential Computing General Access on NVIDIA H100 Tensor Core GPUs

NVIDIA launched the initial release of the Confidential Computing (CC) solution in private preview for early access in July 2023 through NVIDIA LaunchPad.

Rob Nertney

Overview

NVIDIA has announced the general availability of its Confidential Computing solution on NVIDIA H100 Tensor Core GPUs, which provides enhanced security for data in use, particularly for AI applications. The release includes performance optimizations and security hardening, making it suitable for sensitive workloads.

What You'll Learn

1. How to implement Confidential Computing on NVIDIA H100 Tensor Core GPUs
2. Why securing data in use is critical for AI applications
3. When to use single-GPU passthrough with Confidential Computing

Prerequisites & Requirements

  • Understanding of virtualization and Trusted Execution Environments (TEEs)
  • Familiarity with CUDA and NVIDIA drivers (optional)

Key Questions Answered

What are the new features of Confidential Computing on NVIDIA H100 GPUs?
The latest release includes performance optimizations and security hardening of the driver specifically for Confidential Computing. These enhancements aim to improve the overall security and efficiency of running confidential workloads on NVIDIA H100 GPUs.

What hardware is required for Confidential Computing on NVIDIA H100 GPUs?
To utilize Confidential Computing on NVIDIA H100 GPUs, a CPU that supports a VM-based Trusted Execution Environment (TEE) is necessary. Supported CPUs include AMD Milan and Intel Emerald Rapids, along with all GPU protections enabled on NVIDIA Hopper architecture.

Why is Confidential Computing important for AI workloads?
Confidential Computing is crucial for protecting sensitive data and AI models, especially when handling personally identifiable information (PII) or proprietary information. It ensures that data remains secure during processing, preventing unauthorized access or modifications.

How does NVIDIA ensure a smooth transition to Confidential Computing?
NVIDIA collaborates with CPU partners, cloud providers, and independent software vendors (ISVs) to facilitate a seamless transition from traditional to confidential, accelerated workloads, ensuring that users can adopt these technologies without disruption.

Technologies & Tools

  • Hardware: NVIDIA H100 Tensor Core GPU. Used for implementing Confidential Computing solutions.
  • Software: CUDA. The driver version 12.4 is required for Confidential Computing support.
  • Operating System: Ubuntu 22.04. Supported operating system for running Confidential Computing on AMD and Intel CPUs.

Key Actionable Insights

1. Utilize the free hands-on lab to get practical experience with Confidential Computing on NVIDIA H100 GPUs.
   This lab provides an opportunity to learn and implement Confidential Computing solutions, which is essential for developers working with sensitive data in AI applications.
2. Consider the security implications of data in use when designing AI systems.
   As many organizations are moving to cloud-based AI solutions, understanding how to protect data during processing is vital to mitigate risks associated with data breaches.
3. Stay updated with the latest CUDA versions to leverage new features and optimizations.
   Using the latest CUDA 12.4 driver ensures that you have access to the most recent performance enhancements and security updates for Confidential Computing.

Common Pitfalls

1. Failing to secure data in use can lead to vulnerabilities during AI processing.
   Many organizations focus on protecting data at rest and in transit but overlook the importance of securing data while it is being processed, which can expose sensitive information.

Related Concepts

  • Confidential Computing
  • Trusted Execution Environments (TEEs)
  • Data Security in AI Applications
  • Virtualization Technologies