C8s: A Confidential Kubernetes Architecture
Summary
C8s introduces a confidential computing architecture for Kubernetes that uses hardware trusted execution environments (TEEs) to provide cryptographically verifiable confidentiality, integrity, and verifiability for workloads running on third-party infrastructure. It establishes an attestation-rooted trust boundary around confidential VMs and aims for compatibility with managed Kubernetes services. The architecture is meant to benefit data owners, compute providers, and end users by securing AI workloads and the handling of sensitive data.