July 28, 2022

In recent years there has been concern about the security of data and
processes while they are in the cloud or being transferred between networks.
But what happens while the data is being processed? Data must also be protected
while it is in use, which has proved to be an issue: applications need access
to the data in unencrypted form while they run, so encryption alone is not
enough for this type of data.

Confidential computing was developed to reduce the risk of data being exposed
in the cloud. It is a security model that uses hardware-based execution
environments to provide a safe place for data to be processed. Confidential
computing uses a Trusted Execution Environment (TEE) to secure cloud data and
restrict access to it.

The Confidential Computing Consortium (CCC) was established under the mandate
of the Linux Foundation, working hand in hand with hardware and software vendors
such as Intel, Google, Microsoft, IBM and Red Hat. The CCC's goal is to build
secure systems that do not rely on proprietary software in confidential
computing environments.

What exactly is Confidential Computing?
Hardware-based methods isolate data by encrypting it in memory without
exposing it to the rest of the system. As mentioned earlier, the data is held
in a TEE, which makes it impossible to view the data from the outside, even with
the help of a debugger. A TEE is a protected container that secures a small
portion of memory and of the processor. The TEE can be used to run software in
a secure execution environment that hides code and data from the outside world.
Access to external networks is blocked through these encryption methods.
Confidential computing isolates software and information from the underlying
hardware and keeps them secured.

This is illustrated by tools such as Intel's Software Protection Extensions
(SGX), which can be used to protect data by encrypting it or to create a TEE in
firmware. The Microsoft SDK is an open source framework that allows developers
to create TEE apps using one abstraction. Red Hat's Enarx Project and the Asylo
Project provide similar abstraction layers. In any case, confidential computing
requires collaboration among a range of parties in the industry, including
hardware vendors, cloud providers, developers, open source experts, academics,
and many more.

Why Confidential Computing?
Cloud computing adoption can be made more efficient by improving security. Confidential computing allows you to move highly sensitive data as well as IP addresses into the cloud. The primary benefits of confidential computing include:
E2E encryption security.
Data protection in execution.
Cloud AWS Nitro provides greater customer control.
Transparency and trust are increased.
Ensures protection against unauthenticated use.
Facilitates movement between different environments.
Market players
Every company that is an affiliate of the CCC provides its own services,
which are specialized in a variety of ways and are sometimes targeted at
different sectors. Microsoft Azure, Google Cloud and AWS Nitro, among many
others, are worth mentioning.

Microsoft Azure reduces the risk of data theft and security breaches. Azure
already provides a range of tools to secure data at rest and to protect data in
transit through secure protocols such as TLS and HTTPS. It now also offers
encryption of data in use.

Its services include protection against unauthorised access, intellectual
security of the organisation in the cloud by maintaining total control over
data to comply with government regulations, resolving issues by connecting data
across companies to unlock data analytics, and products that take away
liability for private data through in-depth processing that ensures that the
service provider cannot access user information.

Google Cloud, which leverages the security capabilities of modern CPUs, provides real-time encryption of data in use. It also provides lift-and-shift security and the capability to use AWS Nitro Enclaves private virtual machines without the need to alter application code. Organisations can collaborate on research projects in the cloud regardless of location, without compromising confidentiality.

Posted by: FanHealthcare at 10:18 AM