
Can "confidential computing" finally solve enterprise security?

The confidential computing initiative takes aim at securing data where it's most vulnerable: during processing.

Edge computing, AI, IoT, and 5G are all technologies powering innovation, but a fundamental lack of trust is slowing their adoption. The reluctance stems from a lack of confidence in each technology's ability to protect data.

But an emerging data security model, "confidential computing," promises to ease organizations' biggest concern about data exposure. It secures data while it's in use, its most vulnerable state, by performing computations in a hardware-based environment that is kept isolated from the rest of the system.

Data security: A three-legged stool

Data can exist in one of three states: in transit, at rest, or in use. Confidential computing addresses the "in use" case. All three states require security measures to ensure that unauthorized entities can't access the data. When data is in transit between applications and servers or at rest in storage, there are numerous measures available to protect it, including encryption (TLS for data in transit, disk and database encryption for data at rest), anti-malware software, and perimeter security.

Not so easily secured is the third leg of the stool: data in use. It's more complicated because in order for applications to compute, they must have access to decrypted, unprotected data. It's in this unprotected state that data is particularly vulnerable to compromised root accounts and to malware that can read and exfiltrate the contents of memory.

What is confidential computing?

Confidential computing is most often deployed as a cloud technology, with the fundamental goal of giving enterprises higher assurance that their data is protected while it's being processed, and so encouraging them to migrate computing workloads to these platforms. Its purpose is to protect data in its most vulnerable state: in use.

As defined by the Confidential Computing Consortium (CCC), confidential computing is the protection of data in use by performing computations in a hardware-based trusted execution environment (TEE). The CCC, a Linux Foundation project community, was founded in August 2019 at the Open Source Summit North America and launched in October 2019. It comprises a group of cloud providers, hardware vendors, and software developers committed to open governance and collaboration to accelerate adoption of TEE standards and technologies.

A TEE enforces execution of only authorized code, and data inside it can't be read or tampered with by any code or debugger outside that environment. According to the CCC, "A TEE is a secure and isolated environment that prevents unauthorized access or modification of applications and data while in use, thereby increasing the security assurances for organizations that manage sensitive and regulated data." A TEE must provide data confidentiality, data integrity, and code integrity. It may also provide code confidentiality, authenticated launch, programmability, recoverability, and attestability. Attestability is a key capability: the TEE produces verifiable, hardware-signed evidence of what code it loaded and of its current state, which a remote party checks against the values it expects before entrusting the TEE with any secrets. This gives the checking party high confidence that it is talking to genuine hardware running the intended code rather than to malware or an impostor.
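As an added illustration of the attestation flow described above (example code written for this page, not the CCC's or any vendor's implementation), the Go program below simulates a TEE signing a report over its measurement and a challenger's nonce, and a relying party checking that report. The Ed25519 key standing in for the chip's attestation key, the three-field report layout, the function names, and the sample workload bytes are all assumptions; real reports use vendor-specific formats and a certificate chain rooted in the chip vendor.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Report is a deliberately simplified attestation report (an assumption for
// this example). Real formats such as SGX quotes or SEV-SNP reports carry
// many more fields plus a vendor certificate chain; these three are the
// fields the checks in VerifyReport need.
type Report struct {
	Measurement [32]byte // hash of the code and initial data loaded into the TEE
	Nonce       [32]byte // relying party's fresh challenge, bound into the signed body
	Signature   []byte   // signature over Measurement||Nonce by the TEE's attestation key
}

// Measure computes the measurement the hardware would record for a workload.
func Measure(code []byte) [32]byte {
	return sha256.Sum256(code)
}

// GenerateTEEKey stands in for the attestation key fused into the chip at
// manufacture. In a real TEE the private half never leaves the hardware.
func GenerateTEEKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// signedBody is the byte string the TEE signs: measurement followed by nonce.
func signedBody(measurement, nonce [32]byte) []byte {
	body := make([]byte, 0, 64)
	body = append(body, measurement[:]...)
	return append(body, nonce[:]...)
}

// IssueReport simulates the TEE producing a report for the code it loaded,
// bound to the challenger's nonce so the report cannot be replayed later.
func IssueReport(priv ed25519.PrivateKey, code []byte, nonce [32]byte) Report {
	m := Measure(code)
	return Report{
		Measurement: m,
		Nonce:       nonce,
		Signature:   ed25519.Sign(priv, signedBody(m, nonce)),
	}
}

// VerifyReport is the relying party's side. The order matters: nothing in
// the report can be trusted until the signature is checked against a key
// the verifier already trusts (normally via the vendor's certificate chain).
func VerifyReport(trusted ed25519.PublicKey, allowed [][32]byte, expectedNonce [32]byte, r Report) error {
	if !ed25519.Verify(trusted, signedBody(r.Measurement, r.Nonce), r.Signature) {
		return errors.New("signature invalid: report was not produced by a trusted TEE")
	}
	if r.Nonce != expectedNonce {
		return errors.New("nonce mismatch: stale or replayed report")
	}
	for _, a := range allowed {
		if a == r.Measurement {
			return nil // expected code, genuine hardware, fresh report
		}
	}
	return errors.New("measurement not in allowlist: unexpected code is running in the TEE")
}

func main() {
	pub, priv := GenerateTEEKey()
	workload := []byte("constructed sample workload binary") // constructed input
	allowlist := [][32]byte{Measure(workload)}

	var nonce [32]byte
	if _, err := rand.Read(nonce[:]); err != nil {
		panic(err)
	}

	// Honest case: the expected code is loaded and answers a fresh challenge.
	fmt.Println("genuine report:", VerifyReport(pub, allowlist, nonce, IssueReport(priv, workload, nonce)))

	// Swapped code: genuine hardware, but the measurement is not on the allowlist.
	fmt.Println("tampered code: ", VerifyReport(pub, allowlist, nonce, IssueReport(priv, []byte("malware"), nonce)))

	// Replay: a valid old report presented against a new challenge.
	var fresh [32]byte
	fresh[0] = 1
	fmt.Println("replayed report:", VerifyReport(pub, allowlist, fresh, IssueReport(priv, workload, nonce)))

	// Forged hardware: an attacker's own key signs a correct-looking report.
	_, forgedPriv := GenerateTEEKey()
	fmt.Println("forged report:  ", VerifyReport(pub, allowlist, nonce, IssueReport(forgedPriv, workload, nonce)))
}
```

The three failure cases map onto the properties the paragraph lists: the allowlist check enforces code integrity (the right code is running), the nonce check defeats replay of an old but genuine report, and the signature check ties the whole report to hardware the verifier already trusts. A relying party that skips any one of them can be fooled by an attacker controlling the host.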

Security in any layer of the compute stack can be compromised by a breach at a lower layer, so protection must extend down to the lowest layers, including the hardware's processing components. By anchoring the protection in hardware, operating system and device driver vendors, platform and peripheral vendors, and service providers are all removed from the list of parties that must be trusted. This minimizes exposure to threats from other applications on the host, the host OS and hypervisor, system administrators, service providers, and even the infrastructure owner. In practice, it means that not even the chosen cloud hosting provider can access information inside a TEE, because the TEE relies on keys embedded in the hardware that the provider can't read. The chip vendor itself, however, remains in the trusted computing base.

In scope or out of scope

Confidential computing isn't meant to solve every security issue. Technologists recognize that there is no such thing as "absolute security," but TEEs go a long way toward improving it and are much better than the other techniques currently available for securing data in use. Confidential computing minimizes the ability of the platform owner and operator to access data and code inside TEEs, which discourages attacks because they are no longer "economically or logically" feasible for the attacker.

Dave Thaler, technical advisory council chair for the CCC, outlined in a recent CCC webinar which threat vectors the CCC considers in scope and out of scope for confidential computing. In scope are attacks on software and firmware installed on the host, as well as protocol attacks, including those on attestation, workload provisioning, and data transport. Basic physical attacks such as cold DRAM extraction, bus and cache monitoring, and devices plugged into an existing network port are also addressed. Also in scope are basic upstream supply chain attacks that compromise a TEE, such as surreptitiously adding debugging ports, and cryptographic attacks.

Thaler lists a few attacks the CCC considers out of scope, including more complex upstream hardware supply chain attacks, such as those on the CPU itself or attacks directed at chip manufacturing and key injection/generation time. Also excluded are sophisticated physical attacks that require long-term or invasive hardware access, such as chip scraping and electron microscope probes.

Rich Bird, worldwide healthcare and life sciences lead at Hewlett Packard Enterprise, says that for him, confidential computing is an important step in ensuring data is not readable by unauthorized eyes at any time. "In healthcare, real-time data can have value to care teams by notifying them of events (data in use), while long-term data contains additional, huge value (data at rest)," he says. "Both angles need to be considered."

Practical applications

Enterprises are exploring numerous use cases now that data can be secured while in use thanks to confidential computing.

In the privacy and security sector, enterprises have typically kept control of their key management systems in on-premises data centers. With zero trust architecture gaining acceptance and confidential computing becoming more visible, they are taking a harder look at combining the two. Emerging enterprise service offerings provide a cloud-friendly, scalable, and distributed architecture in which these systems can operate together.

Blockchain also benefits from confidential computing, which improves network data privacy and long-term sustainability by offering protected transactions for authorized network users. A range of business and governmental activities, such as voting systems, auctions, anti-money laundering, and fraud detection, can all benefit.

The use of multi-party computation and private data sharing that protects personally identifiable information is growing, because confidential computing closes the in-use gap that encryption in transit and at rest leaves open. For instance, clinical trials can now share data safely, and Swiss banks sharing data outside of Switzerland can do so with a high degree of confidence that their data will remain protected.

Artificial intelligence and machine learning training can now happen in a more secure environment, with confidential computing protecting both the input data and the output model while they are in use. Confidential computing is also enabling important advances in IoT and at the edge, particularly in trusted command and control use cases such as self-driving cars.

This article/content was written by the individual writer identified and does not necessarily reflect the view of Hewlett Packard Enterprise Company.