Apple is bringing its Personal Cloud Compute (PCC) platform to Google Cloud, increasing the infrastructure behind Apple Intelligence to third-party knowledge facilities.
Launched in 2024, PCC offers cloud-based processing for AI workloads that exceed the capabilities of on-device fashions whereas sustaining Apple’s safety and privateness ensures. The system was initially constructed on Apple silicon and operated solely inside Apple’s infrastructure.
Constructing on confidential computing
The enlargement leaves PCC’s core safety mannequin unchanged. The system is constructed round stateless computation, enforceable ensures, no privileged runtime entry, non-targetability, and verifiable transparency.
To assist new Apple Intelligence workloads, Apple collaborated with Google and NVIDIA to increase PCC’s safety and privateness ensures to Google Cloud infrastructure and NVIDIA GPUs. NVIDIA Confidential Computing, Intel CPUs with TDX, NVIDIA GPUs, and Google’s Titan chip present the inspiration for safety and privateness capabilities constructed on prime of confidential computing applied sciences.
Transparency and verification
The corporate treats the whole computing stack, from firmware and {hardware} to host and visitor working programs and utility code, as a part of the trusted computing base, topic to verifiable transparency and no-privileged-access ensures.
To cut back provide chain dangers, Apple maintains a cryptographically verifiable, append-only ledger of all Google Cloud {hardware} that’s a part of the PCC fleet. For software program attestation, parts that might be exploited to exfiltrate person knowledge depend on a minimum of two separate roots of belief from unbiased distributors.
PCC on Google Cloud incorporates a number of safety mechanisms already utilized in PCC on Apple silicon. Preliminary community knowledge parsing for every request takes place in a devoted course of inside its namespace. Shared inference software program is recycled with a brief time-to-live length, and attested keys are saved in a separate confidential digital machine remoted from exterior inputs.
“Collectively, these capabilities assist be sure that even exterior of Apple’s {hardware} and knowledge facilities, person knowledge will proceed to be protected by the total pressure of PCC’s extraordinary safety and privateness properties,” the corporate said.
Apple retains full management over PCC software program no matter the place it runs, as Apple gadgets belief solely software program that has been cryptographically accredited by the corporate.
PCC on Google Cloud will steadily achieve its full set of protections all through the summer time preview interval.
Apple will publish all PCC binaries for public inspection. The corporate will even present analysis instruments and entry to reside PCC nodes working in analysis mode via the Apple Safety Bounty program.