Major tech companies including Google Cloud, Intel, Microsoft, Alibaba, Arm, Baidu, IBM and Red Hat announced intent to form the Confidential Computing Consortium to improve security for data in use.
Established by the Linux Foundation, the organization plans to bring together hardware vendors, developers, open-source experts, and others to promote the use of confidential computing, advance common open-source standards, and better protect data.
“Confidential computing focuses on securing data in use. Current approaches to securing data often address data at rest (storage) and in transit (network), but encrypting data in use is possibly the most challenging step to providing a fully encrypted lifecycle for sensitive data,” the Linux Foundation said today in a joint statement.
“Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users.”
The consortium also said the group was formed because confidential computing will become more important as more enterprise organizations move between different compute environments like the public cloud, on-premises servers, or the edge.
To get things started, companies made a series of open source project contributions including Intel Software Guard Extension (SGX), an SDK for code protection at the hardware layer.
Microsoft contributed the Open Enclave SDK for developers to build Trusted Execution Environment (TEE) applications, and IBM’s Red Hat is sharing Enarx for running TEE applications.