Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Tech Giants Join Forces on Confidential Computing

The Linux Foundation this week announced an industry-wide effort aimed at accelerating the adoption of confidential computing.

The Linux Foundation this week announced an industry-wide effort aimed at accelerating the adoption of confidential computing.

The effort is aimed at creating the Confidential Computing Consortium, a new organization hosted at The Linux Foundation and which is already enjoying participation from Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.

With computing spanning from on premises to public cloud to edge, and workloads being moved between these environments, protection controls are needed to protect sensitive data, along with transparency for these controls.

At the moment, cloud computing seeks to keep data safe when at rest and in transit, but that doesn’t fully address the need for complete protection of sensitive data. An additional approach seeks to encrypt data in use.

Confidential computing is aimed at enabling the processing of encrypted data in memory, without exposing it to the rest of the system, thus reducing exposure and offering increased control and transparency.

Data that is protected while in use is likely “not visible in unencrypted form during computation except to the code authorized to access it,” Mark Russinovich, CTO at Microsoft Azure, points out. This means that the data might not even be accessible to public cloud service providers or edge device vendors, he also says.

Tech companies such as Google and Microsoft have already invested resources in the advancement of confidential computing, but the new Confidential Computing Consortium seeks to establish industry-wide collaboration between hardware vendors, cloud providers, developers, open source experts and academics.

The initiative wants to accelerate the confidential computing market, influence technical and regulatory standards, and create open source tools to deliver the right environment for TEE (Trusted Execution Environment) development.

Participants have already committed to contributing with several open source projects to the Consortium. These include the Intel Software Guard Extensions (Intel SGX) Software Development Kit (protects data at the hardware layer), Microsoft Open Enclave SDK (allows for the building of TEE apps using a single enclaving abstraction), and Red Hat Enarx (provides hardware independence for securing applications using TEEs).

The Consortium’s structure will include a Governing Board, a Technical Advisory Council and separate technical oversight for each technical project. It should host various technical open source projects and open specifications to support confidential computing and will be funded through membership dues.

Related: Fortanix Releases Open Source SDK for Intel SGX Enclaves

Related: Intel SGX Card Extends Memory Protections to Existing Cloud Servers

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.