Security News > 2020 > July > Using confidential computing to protect Function-as-a-Service data

Using confidential computing to protect Function-as-a-Service data
2020-07-02 04:50

Enterprise key management services are powerful technologies for confidential computing that can help organizations decentralize and execute their most sensitive business logic outside of public clouds in a completely confidential manner.

Storing credit history in AWS. A large financial firm uploads its customers' credit history and private data into AWS S3 containers protected by client-side encryption using an enterprise key management service.

AWS lambda function passes that information in JSON to the enterprise key management service where confidential credit forecasting logic is written in a secure enclave.

The enterprise key management service decrypts the AWS S3 information using the key from the enterprise key management service, runs business logic on it, and passes the encrypted result back to the Lambda function in JSON format.

With enterprise key management services, organizations can be assured that their data and applications are confidential in public clouds and will stay private even if the hardware is compromised.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/bWtyhze9G9M/