
Confidential computing trust validation: what changes for IAM teams?

Posted by @nhi-mgmt-group (Member Moderator, topic starter)

TL;DR: Independent trust validation for confidential computing is moving into cloud infrastructure, with DigiCert and Google Cloud positioning cryptographic verification, certificates, and identity validation as a way to independently attest workload integrity. The governance shift is clear: infrastructure trust can no longer rely on provider assurances alone when regulated workloads and AI systems are in scope.

NHIMG editorial — what this means for NHI practitioners

By the numbers:

Questions worth separating out

Q: How should security teams govern trust for confidential computing workloads?

A: Security teams should treat confidential computing trust as a workload identity issue, not only an infrastructure issue.

Q: Why do confidential computing environments still need independent verification?

A: Because isolation protects data in use, but it does not automatically prove that the workload or environment is authentic.

Q: What breaks when attestation certificates are not managed like identities?

A: The attestation model loses operational value if issuance, renewal, expiry, and revocation are handled ad hoc.

Practitioner guidance

  • Map attestation to workload identity ownership: Assign a named owner for every confidential workload that depends on attestation evidence, and require that owner to manage certificate issuance, rotation, and revocation as part of the workload lifecycle.
  • Define where provider assurance stops: Document which processing flows can rely on cloud provider attestation and which require an independent trust root because of regulatory scope, data sensitivity, or cross-domain dependency.
  • Integrate attestation into access decisions: Require runtime trust evidence before allowing sensitive workloads to connect to downstream data, APIs, or orchestration services, especially where machine identity is the primary actor.

What's in the full announcement

DigiCert's full press release covers the operational detail this post intentionally leaves for the source:

  • How the independent trust validation model is structured for confidential computing environments
  • The specific role of cryptographic signatures, certificates, and identity validation in the attestation flow
  • The collaboration details between DigiCert and Google Cloud around confidential workloads
  • The product framing for regulated and security-sensitive cloud processing

👉 Read DigiCert's press release on independent trust validation for confidential computing →
