As computing moves from on-premises to the public cloud and the edge, protecting data has become more complex, prompting Intel, Google, Microsoft, the Linux Foundation and other technology partners to launch the Confidential Computing Consortium, a cross-industry effort to let organizations safely share data insights.
“The Confidential Computing Consortium is a leading indicator of what’s to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use,” said Jim Zemlin, executive director at The Linux Foundation.
The consortium's other founding members include Alibaba, ARM, Baidu, IBM, Red Hat, Swisscom and Tencent. According to Mark Russinovich, the CTO of Microsoft Azure, the consortium offers an opportunity for companies to share their data sets without giving access to that data, to “gain shared insights and to innovate for the common good.” This means that data is not visible in unencrypted form during computation except to the code authorized to access it, he explained.
“Simply put, confidential computing capabilities, like the ability to collaborate on shared data without giving those collaborating access to that data, has the power to enable organizations to unlock the full potential of combined data sets,” Russinovich wrote in a blog post. “Future applications will generate more powerful understanding of industries’ telemetry, more capable machine learning models, and a new level of protection for all workloads.”
The consortium also aims to introduce new cross-platform development tools, technologies and taxonomy for confidential computing to allow developers to deploy software across different public clouds and Trusted Execution Environment (TEE) architectures.
Microsoft will be contributing its Open Enclave SDK, which creates a pluggable, common way to create redistributable trusted applications securing data in use. Intel will be contributing its Software Guard Extensions SDK, designed to help app developers protect select code and data. Red Hat will be contributing Enarx, its project for providing hardware independence for securing apps using TEEs.
“These technologies offer the promise to protect data and enable collaboration to make the world more secure and unlock multiparty innovations,” Russinovich wrote.
Russinovich added that confidential computing can be used for:
- Training multi-party dataset machine learning models or executing analytics on multi-party datasets,
- Enabling confidential query processing in database engines within secure enclaves,
- Empowering multiple parties to leverage technologies like the Confidential Consortium Framework,
- Protecting sensitive data at the edge.
“To help users make the best choice for how to protect their workloads, they need to be met with a common language and understanding around confidential computing. As the open source community introduces new projects like Asylo and OpenEnclave SDK, and hardware vendors introduce new CPU features that change how we think about protecting programs, operating systems, and virtual machines, groups like the Confidential Computing Consortium will help companies and users understand its benefits and apply these new security capabilities to their needs,” said Royal Hansen, vice president of security at Google.