Linux Foundation Boosts Confidential Computing

Forms Confidential Computing Consortium with big tech players

Last Wednesday, the Linux Foundation announced the Confidential Computing Consortium, a community dedicated to boosting cloud security and confidential computing. Several big names in the tech world, including Microsoft, Google, Alibaba, IBM and Intel, are joining forces in this effort to beef up cloud security.

If the project leads to stronger security as envisioned, it could result in highly secure end-to-end movement of data. There are three categories of data exposure: data at rest (stored), data in transit, and data in use. Protecting data while it is in use is referred to as confidential computing.

Confidential computing enables encrypted data to be processed in memory without exposing it to the rest of the system. It also reduces exposure for sensitive data and provides greater control and transparency for users. A core tenet underpinning this approach is the broader use of trusted execution environments, areas within a processor that ensure the confidentiality and integrity of code and data.

The newly formed consortium will bring together hardware suppliers, cloud service providers, developers, open-source experts and academics to accelerate confidential computing, influence technical and regulatory standards, and build open-source tools that provide the right environment for development of trusted execution environment applications. The organization will also anchor industry outreach and education initiatives.

One of the early contributions to the Confidential Computing Consortium is a Microsoft framework, called Open Enclave SDK, that helps write code to run inside trusted execution environments. Intel is supplying its Software Guard Extensions framework for protecting code at the hardware level, and IBM’s Red Hat is contributing a tool called Enarx that abstracts secure environments in a way that lets developers create and run private “serverless” apps.

The Confidential Computing Consortium comes at a time when cloud adoption is accelerating. Risks from data loss and leakage are emerging as leading concerns, with unauthorized cloud access and account hijacking among the major cloud vulnerabilities. As organizations increasingly shift to cloud computing and storage, the need to keep data private, from the network edge to the public cloud, calls for a platform-agnostic solution that allows software to be deployed across different trusted execution environments.