Security News > 2020 > November > Securing Data-in-Use With Confidential Computing

The third data protection pillar - securing data-in-use - has been elusive, but is now being addressed through the transformational shift commonly referred to as confidential computing.
As the third pillar of data security, confidential computing will increasingly be a prerequisite for any cloud-deployed business application.
The technologies, platforms, and architectures that enable confidential computing have evolved at an astounding pace - especially when compared with the decades it has taken for data-at-rest encryption to evolve from password-protected ZIP files in the early 1990s to today's enabled-by-default hardware-based encryption locked to the physical compute system, or the continued effort to transition data-in-transit defaults from HTTP to secure HTTPS. The global pandemic has not held back public cloud advancements and new service offerings in confidential computing.
Virtualization infrastructure for confidential computing, built atop hardware-based trusted execution environments (TEEs) on servers that implement Intel Software Guard Extensions, is generally available, along with previews of confidential VMs using hardware-based TEEs on servers supporting AMD's Secure Encrypted Virtualization extension.
In parallel, confidential computing options have begun extending across cloud services to embrace Kubernetes confidential nodes, always encrypted SQL databases, confidential machine learning interfaces, HSM key management, and IoT edge compute.
News URL
http://feedproxy.google.com/~r/Securityweek/~3/X4dHF53rD6c/securing-data-use-confidential-computing