Why we love Apple's next-gen private cloud

Carl Tashian

Follow Smallstep

Smallstep’s software offers the strongest possible guarantee that only your organization’s devices can access sensitive resources like Wi-Fi networks, VPNs, and SaaS apps. Modern crypto processors (Secure Enclave, TPMs) and remote attestation are foundational for us. So we were excited to see Apple doubling down on these technologies at their annual WWDC24 developer conference, with their announcement of Private Cloud Compute (PCC).

Apple has really led the way on privacy and security in recent years, and it makes sense that they are bringing their philosophy to the cloud. If you spin up a basic Linux VM on any cloud provider, by default, you won’t get most of the protections offered by every new Apple device:

• Secure Boot
• Data Protection (file-level encryption with keys stored securely)
• Advanced app sandboxing that’s enforced out of the box
• Strong software supply chain security (binary signing with strong enforcement)
• Strong hardware supply chain security (cryptographically authenticated hardware)

A few of these protections are only possible in Linux if you’re willing to spend a lot of time stringing together different software packages and container environments, and a lot of extra money on hardware that offers supply chain component verification. And if you want remote attestation — strong, verifiable guarantees about a system’s runtime state — you’ll need even more tooling.

Of course, one can’t just copy and paste device security protections from mobile devices over to the cloud. That wouldn’t really address the unique problems of cloud security. Instead, Apple has designed a cloud security model that extends the reach of their device security model into the cloud. From their announcement:

To process more sophisticated requests, Apple Intelligence needs to be able to enlist help from larger, more complex models in the cloud. For these cloud requests to live up to the security and privacy guarantees that our users expect from our devices, the traditional cloud service security model isn't a viable starting point. Instead, we need to bring our industry-leading device security model, for the first time ever, to the cloud.

This is a big development. Apple found a way for devices to take advantage of AI cloud compute when needed, while still maintaining strong privacy and security guarantees thanks to the same cryptographic attestation methods that Smallstep uses. PCC runs on Apple hardware and their own custom OS. It’s tailor-made for running AI models. And while it’s not yet available to developers outside of Apple, we hope their private cloud will someday become a public cloud. If Apple doesn't do it, someone else surely will.