Confidential Computing Consortium Formed To Protect Processed Data

Share

The idea behind the association is for the the tech industry to come together to collaborate on open source technology and frameworks to support these new confidential computing scenarios.

"Microsoft has invested in confidential computing for many years, so I'm excited to announce that Microsoft will join industry partners to create the Confidential Computing Consortium, a new organization that will be hosted at The Linux Foundation".

"To help users make the best choice for how to protect their workloads, they need to be met with a common language and understanding around confidential computing".

"The Open Enclave SDK is already a popular tool for developers working on Trusted Execution Environments, one of the most promising areas for protecting data in use", Mark Russinovich, chief technical officer at Microsoft, said in a statement.

Confidential Computing is an interesting and much-needed process in the modern computing world wherein the data swiftly move between multiple data storage and processing points.

"Whether running on your own servers on-prem, in an edge deployment or in the heart of a cloud service provider's data center, this "in-use" data is nearly always unencrypted and potentially vulnerable", Wigle wrote in a blog post. Data typically gets encrypted by service providers, but not when it's in use. Other companies getting involved include Alibaba Cloud, Arm, Baidu, Google Cloud, IBM, Intel, Red Hat, Swisscom and Tencent.

Microsoft in turn will provide its Open Enclave SDK for building and signing Trusted Execution Environment (TEE) apps, which the company started trialling as part of its Azure confidental computing effort in 2017.

More news: Bunny or bird: New optical illusion stumps the internet
More news: Trump Doubles Down on Calling Jews Who Vote for Democrats "Disloyal"
More news: Trump Says other Countries Will Need to Fight ISIS

The SGX solution protects sensitive code and data of an application from being stolen or modified by malicious actors that may have taken over the operating system or virtual machine.

Developers are encouraged to participate in any open source project under the auspices of the Confidential Computing Consortium.

The aim is for confidential computing to enable encrypted data to be processed in memory without exposing it to the rest of the system, reduce exposure for sensitive data, and provide more control and transparency for users.

SGX uses enclaves, or hardware protected environments in which trusted applications can run, which allows developers to ensure code and data won't be leaked or modified.

Microsoft will be contributing its Open Enclave SDK, which creates a pluggable, common way to create redistributable trusted applications securing data in use.

Incidentally, Red Hat's Enarx works well not only with Intel SGX, but also AMD Secure Encrypted Virtualization (SEV) based systems.

The Confidential Computing Consortium aims to help define and accelerate open-source technology that keeps data in use secure.

Share