Abstract: Technologies for secure I/O data transfer with an accelerator device include a computing device having a processor and an accelerator. The processor establishes a trusted execution environment. The trusted execution environment may generate an authentication tag based on a memory-mapped I/O transaction, write the authentication tag to a register of the accelerator, and dispatch the transaction to the accelerator. The accelerator performs a cryptographic operation associated with the transaction, generates an authentication tag based on the transaction, and compares the generated authentication tag to the authentication tag received from the trusted execution environment. The accelerator device may initialize an authentication tag in response to a command from the trusted execution environment, transfer data between host memory and accelerator memory, perform a cryptographic operation in response to transferring the data, and update the authentication tag in response to transferrin the data.

Abstract: In one example, a cloud computing environment may be probed to detect an actual topology including connectivity between infrastructure security nodes and management nodes. Each management node may execute a corresponding centralized management service. Each infrastructure security node may execute a corresponding infrastructure security service that handles at least one infrastructure security function. Further, a set of candidate topologies may be generated based on the actual topology. Each candidate topology may indicate a way to replicate the infrastructure security service into the management nodes. Furthermore, a replication partner associated with each of the management nodes may be determined based on a selection of one of the candidate topologies. An operation to deploy the infrastructure security service on the management nodes may be executed based on the selected one of the candidate topologies and the determined replication partners to form an embedded linked mode architecture.