As data breaches become more common and organizations deal with more regulated and critical data, confidential computing is emerging as a solution to security and privacy concerns in the cloud.
When Daimler, the manufacturer of premium vehicle brands such as Mercedes-Benz and Maybach, needed to send sensitive post-sales customer data, such as age, address, and driver’s licence number, to the public cloud, it used confidential computing to keep the data safe.
Nataraj Nagaratnam, Fellow and Chief Technology Officer at IBM Cloud Security, uses the example of a hotel with various visitors in different rooms to demonstrate confidential computing. If a guest needs to store something discreetly, she can use her room’s personal locker. The material within the locker is safe after a guest sets the locker key, and even hotel workers cannot access it.
According to Nagaratnam, confidential computing technology enables the creation of such safes or enclaves where clients have complete control over their data. This hardware-based Trusted Execution Environment (TEE), as it’s known, safeguards data not just at rest and in transit, but also while it is being processed. The first two could be protected by encryption services. Confidential computing ensures data security even during processing by restricting access to the data being processed, and to the techniques used to process it, to the authorised programming code. The user’s data is invisible to everything, including the cloud provider. Just before being decrypted for processing, the data is secured in memory.
Confidential computing, according to Akhilesh Tuteja, global head of cyber security consulting at KPMG, is still in its infancy and is a breakthrough technology that enables security and privacy by design. Tuteja said, “All industries will benefit, particularly the healthcare and financial services industries, when they process sensitive personal data. The industries relying on distributed machine generated/machine read data – such as Industry 4.0, connected cars, etc – will also benefit as they can allow stronger security controls for data being exchanged among sensors and cloud.”
Nagaratnam pointed out that IBM, which began researching confidential computing over a decade ago, has begun to sell the technology to organizations across sectors, including financial services and automobiles.
A group led by Google, Microsoft, IBM/Red Hat, Intel, Alibaba, ARM, Accenture, Facebook, and Huawei is helping to define open standards for confidential computing and accelerate its adoption. The technology will almost certainly hasten cloud adoption.