Cloud and edge networks are setting up a new line of defense, called confidential computing, to protect the growing wealth of data users process in those environments.
Confidential Computing Defined Confidential computing is a way of protecting data in use, for example while in memory or during computation, and preventing anyone from viewing or altering the work.
Using cryptographic keys linked to the processors, confidential computing creates a trusted execution environment or secure enclave. That safe digital space supports a cryptographically signed proof, called attestation, that the hardware and firmware is correctly configured to prevent the viewing or alteration of their data or application code.
In the language of security specialists, confidential computing provides assurances of data and code privacy as well as data and code integrity.
What Makes Confidential Computing Unique? Confidential computing is a relatively new capability for protecting data in use.
For many years, computers have used encryption to protect data that's in transit on a network and data at rest, stored in a drive or non-volatile memory chip. But with no practical way to run calculations on encrypted data, users faced a risk of having their data seen, scrambled or stolen while it was in use inside a processor or main memory.
With confidential computing, systems can now cover all three legs of the data-lifecycle stool, so data is never in the clear.
Confidential computing adds a new layer in computer security - protecting data in use while running on a processor. In the past, computer security mainly focused on protecting data on systems users owned, like their enterprise servers. In this scenario, it's okay that system software sees the user's data and code.
With the advent of cloud and edge computing, users now routinely run their workloads on computers they don't own. So confidential computing flips the focus to protecting the users' data from whoever owns the machine.
With confidential computing, software running on the cloud or edge computer, like an operating system or hypervisor, still manages work. For example, it allocates memory to the user program, but it can never read or alter the data in memory allocated by the user.
How Confidential Computing Got Its Name A 2015 research paper was one of several using new Security Guard Extensions (Intel SGX) in x86 CPUs to show what's possible. It called its approach VC3, for Verifiable Confidential Cloud Computing, and the name - or at least part of it - stuck.
We started calling it confidential cloud computing, said Felix Schuster, lead author on the 2015 paper.
Four years later, Schuster co-founded Edgeless Systems, a company in Bochum, Germany, that develops tools so users can create their own confidential-computing apps to improve data protection.
Confidential computing is like attaching a contract to your data that only allows certain things to be done with it, he said.
How Does Confidential Computing Work? Taking a deeper look, confidential computing sits on a foundation called a root of trust, which is based on a secured key unique to each processor.
The processor checks it has the right firmware to start operating with what's called a secure, measured boot. That process spawns reference data, verifying the chip is in a known safe state to start work.
Next, the processor establishes a secure enclave or trusted execution environment (TEE) sealed off from the rest of the system where the user's application runs. The app brings encrypted data into the TEE, decrypts it, runs the user's program, encrypts the result and sends it off.
At no time could the machine owner view the user's code or data.
One other piece is crucial: It proves to the user no one could tamper with the data or software.
Attestation uses a private key to create security certificates stored in public logs. Users can access them with the web's transport layer security (TLS) to verify confidentiality defenses are intact, protecting their workloads. (Source: Jethro Beekman) The proof is delivered through a multi-step process called attestation (see diagram above).
The good news is researchers and commercially available services have demonstrated confidential computing works, often providing data security without significantly impacting performance.
A high-level look at how confidential computing works. Shrinking the Security Perimeters As a result, users no longer need to trust all the software and systems administrators in separate cloud and edge companies at remote locations.
Confidential computing closes many doors hackers like to use. It isolates programs and their data from attacks that could come from firmware, operating systems, hypervisors, virtual machines - even physical interfaces like a USB port or PCI Express connector on the computer.
The new level of security promises to reduce data breaches that rose from 662 in 2010 to more than 1,000 by 2021 in the U.S. alone, according to a report from the Identity Theft Resource Center.
That said, no security measure is a panacea, but confidential computing is a great security tool, placing control directly in the hands of data owners .
Use Cases for Confidential Computing Users with sensitive datasets and regulated industries like banks, healthcare providers and governments are among the first to use confidential computing. But that's just the start.
Because it protects sensitive data and intellectual property, confidential computing will let groups feel they can collaborate safely. They share an attested proof their content and code was secured.
Example applications for confidential computing include:
Companies executing smart contracts with blockchains
Research hospitals collaborating to train AI models that analyze trends in patient data
Retailers, tel
Most recent headlines
04/08/2024
Dalet, a leading technology and service provider for media-rich organizations, is excited to announce Santiago Solanas as its new Chief Executive Officer (CEO)....
03/06/2024
Dalet, a leading technology and service provider for media-rich organizations, a...
28/04/2024
Mediahaus delivers the first SRT live-streaming sports production over 5G with U...
26/04/2024
Sundance Film Festival CDMX 2024 kicks-off today with screenings in 5 theaters in Mexico City and the opening-night film, FRIDA, directed by Carla Guti rrez...
26/04/2024
[Editor's Note: This interview is part of a larger feature about the women d...
26/04/2024
Once again this year, SGL Carbon opened its doors to interested children and young people. On the occasion of the German Girls and Boys Day, which took place on...
26/04/2024
Orders1 of $5.5 billion; book-to-bill of 1.06x
Revenue of $5.2 billion, up 17%,...
26/04/2024
Five Considerations For Communications Modernization In The 21st Century
In the digital-enabled battlespace, the Joint Force needs to shoot, move and communica...
26/04/2024
CBS Sports has launched Champions League as a new, 24-hour streaming channel that will serve as the year-round destination for nonstop highlights of the UEFA ...
26/04/2024
Despite tough competition in the streaming space, Roku reported solid results in Q1 2024, beating revenue expectations, with total net revenue up 19% YoY to $88...
26/04/2024
LONDON AND TORONTO Pinewood Toronto Studios has appointed Sarah Farrell as general manager of the Studios in downtown Toronto....
26/04/2024
Quantum to Offer Advanced Filesharing Technology and Performance in StorNext and...
26/04/2024
FilmLight Colour Awards welcomes 2024 entries and introduces new Emerging Talen...
26/04/2024
Picture Shop Announces Chris Evans as Head of Unscripted
Brie Clayton April 26, 2024
0 Comments
Picture Shop announced Chris Evans will lead Unscripte...
26/04/2024
Participate in a Survey - The Impact of AI on Media and the Creative Industry
Pascal Wagner April 26, 2024
0 Comments
By participating in this survey,...
26/04/2024
Toy maker Mattel said it is working with Samsung to launch its first free ad-supported streaming television (FAST) channels later this year....
26/04/2024
Trusted Media Brands (TMB) said it named Marty Moe as president....
26/04/2024
Ron Howard is the director on Jim Henson Idea Man, a documentary that premieres on Disney Plus May 31. Henson of course created Kermit the Frog, Miss Piggy, Big...
26/04/2024
The ice continues to melt under the regional sports network business as the Seattle Kraken of the National Hockey League have made a long-term deal to broadcast...
26/04/2024
Heading into the upfronts, Warner Bros. Discovery said it launched Olli, a first-party data platform advertiser can use for converged, targeted advertising camp...
26/04/2024
CBS has renewed the drama The Equalizer, which will see season five on in 2024-2025. Queen Latifah stars....
26/04/2024
The CW has entered into an exclusive multiyear broadcast partnership for the Miss USA Pageant and the Miss Teen USA Pageant. The 73rd Miss USA Pageant will air ...
26/04/2024
Fuse Media isn't mincing words in a campaign urging its young viewers to register and participate in the 2024 elections....
26/04/2024
Dead Boy Detectives, a series from Neil Gaiman about a detective agency staffed by ghosts, debuts on Netflix April 25. George Rexstrew and Jayden Revri are in t...
26/04/2024
The Story Collective has gradually repurposed the former Mortlake Brewery to include production offices, workshops and sound stages
By Matthew Corrigan
Publi...
26/04/2024
Perkett joins the company following a 25 year career in product management, product marketing, engineering and user experience (UX) across multiple industries
...
26/04/2024
Teradek, the industry leader in wireless video transmitters and receivers, announced today the launch of new Bolt 6 LT 750 and Bolt 6 Monitor Module 750 RX with...
26/04/2024
NEW YORK Amagi has appointed Richard Perkett chief product officer (CPO)....
26/04/2024
WASHINGTON, D.C. The National Association of Broadcasters (NAB) has announced the results of the 2024 NAB Radio and Television Board of Directors elections. The...
26/04/2024
EL SEGUNDO, Calif. & NEW YORK Mattel has announced a deal to launch its first three 24/7 free ad supported streaming (FAST) channels on Samsung TV Plus, Samsung...
26/04/2024
PORTLAND, Maine Viewers here can now receive the NextGen TV signals of five local stations with the launch of ATSC 3.0 service from host station WPFO, which is ...
26/04/2024
TORONTO Rogers Communications has signed a 10-year agreement with Comcast to bring the latest Xfinity products and technology to Canadians....
26/04/2024
Calrec is very pleased to announce the benefits of its highly flexible approach to customer service has been recognized with a third award for the Argo range. T...
26/04/2024
New Adobe Photoshop with Advanced Generative Fill and Generate Image Brings New ...
26/04/2024
Trends And Takeaways From NAB Show 2024
Melanie Ciotti April 25, 2024
0 Comments
NAB's Eric Trabb (right) awards SNS with two NAB Show Product of ...
26/04/2024
Sony's Ci Media Cloud Keeps NHRA Moving
Brie Clayton April 25, 2024
0 Comments
Cloud-Based Media Asset Management and Collaboration Platform Accel...
26/04/2024
Capitol Broadcasting & Leadership Triangle Collaborate for Third Year
Capitol B...
26/04/2024
The staff at CBC Radio have been hard at work creating several new features for listeners and viewers. Several debuts are taking place this spring.
I have nev...
26/04/2024
NBA Playoffs 2024: ESPN Rolls Out Huge Production Operation for Busy First Round Tech deployments include miked on-field personnel, shot-distance tracking, AR g...
26/04/2024
NHL Stanley Cup Playoffs: ESPN Ops Team Navigates Both Sides of the Border With ...
26/04/2024
Behind the Scenes at the 2024 NFL Draft in Detroit (Photo Gallery) After just the first round, the 2024 NFL Draft has already made quite an impression in Detroi...
26/04/2024
NFL Draft 2024: Van Wagner Powers Onsite Entertainment Experience for Record Cro...
26/04/2024
Rohde & Schwarz presents spectrum dominance in all domains at AOC Europe Rohde & Schwarz demonstrates the next generation of SIGINT/EW systems and sensor fusi...
26/04/2024
MCine Mauritius is to use Qube Wire for all future DCP deliveries across their e...
26/04/2024
Skeem Saam' May Spoiler: Has Lehasa killed Khwezi?The Skeem Saam' May teasers mention Lehasa being apologetic about killing someone. Is it his baby mam...
26/04/2024
Skeem Saam: Thursday's episode, 25 April 2024 [video]Missed an episode of Skeem Saam? No problem! Watch the latest episode of your favourite South African s...
26/04/2024
Prison Journalism: Some issues to considerWesley Leong was incarcerated at the age of 15 in 1996 at Pollsmoor Prison. He is currently part of Restore's rese...
26/04/2024
Tonight on Scandal: A line is crossed and a mother starts to lose focusDon't miss Friday, 26 April's riveting episode of South African soapie Scandal! o...
26/04/2024
Powered by XPression, the world's fastest-growing real-time motion graphics engine, Raiden combines data gathering, processing, and visualization tools to t...
Cloud and edge networks are setting up a new line of defense, called confidential computing, to protect the growing wealth of data users process in those environments.
