Confidential Computing: Data Security And Processing

 

In recent years there has been a lot of concern about protecting data or workloads while they are stored in the cloud or moving across the network. But what happens while they are being processed? This is an issue, since data needs to be secured even while it is in use. Encryption as we have seen it so far is inadequate in this area, because applications need access to the data in unencrypted form while they operate on it.

 

The need to reduce data exposure in the cloud led to the creation of Confidential Computing, a secure model that gives you a reliable hardware-based data execution system. Confidential Computing aims to limit access and ensure data protection while workloads are being processed using a Trusted Execution Environment (TEE) to protect data in the cloud.

 

The Confidential Computing Consortium (CCC) was founded under the direction of the Linux Foundation working hand-in-hand with hardware and software vendors such as Intel, Google, Microsoft, IBM and Red Hat. CCC's primary objective is to develop safe systems that do not depend on proprietary software within confidential cloud environments.

 

What exactly is Confidential Computing?

Hardware-based techniques isolate the data by performing in-memory encryption without exposing the data to the rest of the system. As described above, the data is kept in a TEE, where it cannot be seen from the outside, even with the help of a debugger. A TEE offers a safe container because it shields part of the processor and memory. The TEE can be used as a secure execution environment to run software, hiding data and code from the outside world. These encryption mechanisms eliminate unauthorised access from outside. Confidential Computing therefore isolates the software and data from the underlying hardware, with the latter encrypted.

 

This is illustrated by tools such as Intel's Software Guard Extensions (SGX), which can be used to protect data by encrypting it or to create a TEE in firmware. The Microsoft SDK is an open source framework that lets developers build TEE applications using a single abstraction. Red Hat's Enarx Project and Asylo Project provide similar abstraction layers. In all cases, confidential cloud computing requires collaboration across the industry, including hardware manufacturers, cloud providers, developers, open source experts, academics, and more.
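
A practical check related to the SGX mention above, as an added example that is not part of the original article: this shell snippet reports whether a Linux host advertises SGX in its CPU flags and exposes an enclave device node. The function names are illustrative, and the `/dev/sgx_enclave` node name assumes the in-kernel Linux SGX driver.

```shell
#!/bin/sh
# Added example: report whether a Linux host exposes Intel SGX to software.
# Assumptions: /proc/cpuinfo-style input and the in-kernel SGX driver's
# device node (/dev/sgx_enclave). Both paths are parameters so the logic
# can be exercised against constructed sample data.

# has_cpu_flag FILE FLAG -> exit status 0 if FLAG appears as a whole word
# in the first "flags" line of FILE (so "sgx_lc" does not count as "sgx").
has_cpu_flag() {
    awk -v want="$2" '
        /^flags[ \t]*:/ {
            sub(/^[^:]*:/, "")            # drop the "flags :" prefix
            n = split($0, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == want) found = 1
            exit                          # first CPU is enough
        }
        END { exit (found ? 0 : 1) }
    ' "$1" 2>/dev/null
}

# sgx_status [CPUINFO] [DEVDIR] -> prints one of:
#   unsupported  the "sgx" CPU flag is not advertised
#   cpu-only     flag present, but no enclave device node (no driver loaded)
#   ready        flag present and the enclave device node exists
sgx_status() {
    cpuinfo=${1:-/proc/cpuinfo}
    devdir=${2:-/dev}
    if ! has_cpu_flag "$cpuinfo" sgx; then
        echo unsupported
    elif [ -e "$devdir/sgx_enclave" ]; then
        echo ready
    else
        echo cpu-only
    fi
}

# Stand-alone use: check the local machine.
sgx_status
```

A result of `ready` only means enclaves can be created on the host; it says nothing about whether a given workload actually runs inside one.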

 

 

Why is Confidential Computing Important?

 

Cloud computing adoption could be made more efficient by improving security. Confidential Computing is a tool for transferring highly sensitive IP addresses and data to the cloud. Confidential computing provides the following key benefits:

 

E2E encryption security.

 

Data protection in execution.

 

Better customer control over cloud-based services.

 

Enhances transparency and builds confidence.

 

Protects against unauthenticated use.

 

Facilitates movement between different environments.

 

Market players

 

The various companies that are part of the CCC provide their own services with distinct features, sometimes focused on specific areas. Microsoft Azure, Google Cloud, and AWS Nitro, among others, are worth mentioning.

 

Microsoft Azure reduces the risk of data theft and security breaches. Azure already provides a range of tools to secure data at rest and to encrypt data in transit through secure protocols such as TLS and HTTPS. Azure is now introducing encryption of data in use.

 

It offers services such as preventing unauthorised access and protecting the intellectual property of the cloud-based organization. This means keeping records in check to make sure that they comply with government regulations.

 

Additionally, Google Cloud offers real-time encryption of data by leveraging the security technology that modern CPUs offer. It also provides lift-and-shift security, the ability to use AWS Nitro private virtual machines, without the need to alter the application's code. Companies can collaborate in the cloud to work on research projects from anywhere, without having to compromise confidentiality.

 


Creation date: Jul 28, 2022 3:21am     Last modified date: Jul 28, 2022 3:21am   Last visit date: May 20, 2024 1:01pm
Sep 5, 2022  ( 2 comments )  
9/5/2022
7:17am
John Snott (johnlauwss)

By the way, you're really right. You have given me a lot to think about. But where to find more security for the enterprise?

9/5/2022
7:42am
Bill Shiphr (billshiphr105)

Good afternoon! If you are thinking about how to provide the best security for your enterprise, I can advise you to read more information in other articles. For me for example, what I read about enterprise data security and what a colleague of mine shared with me was very helpful. This provides data security.
