Tech giants assemble to tackle cloud and data security


Bobby Hellard

22 Aug, 2019

Some of the largest tech companies in the world, such as Google and IBM, are joining forces to advance confidential computing and cloud security.

The aim is to build trust and security for the next generation of cloud and edge computing with open-source technologies and an agreed set of standards for protecting data.

The Confidential Computing Consortium has been brought together by the Linux Foundation and includes Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.

Confidential computing focuses on securing data in use, rather than current approaches which often address it while in storage or transit.

«The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,» said Jim Zemlin, executive director at The Linux Foundation.

«The Confidential Computing Consortium is a leading indicator of what’s to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use.»

A key part of the project will be to provide a fully encrypted lifecycle for sensitive data, which the Linux Foundation called the most challenging step. But confidential computing could potentially enable encrypted data to be processed in memory without exposing it to the rest of the system. This, the foundation said, could reduce visibility for sensitive data allow for greater control and transparency for users.

The Confidential Computing Consortium aims to bring together hardware vendors, cloud providers, developers, open-source experts and academics to influence technical and regulatory standards and build open-source tools that provide the right environment for education.

The big tech firms announced they are already planning to make open source project contributions, such as Intel with its Software Guard Extension and Microsoft with Open Enclave SDK.

The proposed structure for the Consortium includes a governing board, a technical advisory council and separate technical oversight for each technical project.

«The Open Enclave SDK is already a popular tool for developers working on Trusted Execution Environments, one of the most promising areas for protecting data in use,» said Mark Russinovich, CTO, Microsoft.

«We hope this contribution to the Consortium can put the tools in even more developers hands and accelerate the development and adoption of applications that will improve trust and security across cloud and edge computing.»