The December 2022 issue of IEEE Spectrum is here!

Close bar

What Is Confidential Computing?

Big tech companies are adopting a new security model called confidential computing to protect data while it’s in use

3 min read
Illustration of a wax seal with a computer on it.
Illustration: Dan Page

A handful of major technology companies are going all in on a new security model they’re calling confidential computing in an effort to better protect data in all its forms.

The three pillars of data security involve protecting data at rest, in transit, and in use. Protecting data at rest means using methods such as encryption or tokenization so that even if data is copied from a server or database, a thief can’t access the information. Protecting data in transit means making sure unauthorized parties can’t see information as it moves between servers and applications. There are well-established ways to provide both kinds of protection.

Protecting data while in use, though, is especially tough because applications need to have data in the clear—not encrypted or otherwise protected—in order to compute. But that means malware can dump the contents of memory to steal information. It doesn’t really matter if the data was encrypted on a server’s hard drive if it’s stolen while exposed in memory.

Proponents of confidential computing hope to change that. “We’re trying to evangelize there are actually practical solutions” to protect data while it’s in use, said Dave Thaler, a software architect from Microsoft and chair of the Confidential Computing Consortium’s Technical Advisory Council.

The consortium, launched last August under the Linux Foundation, aims to define standards for confidential computing and support the development and adoption of open-source tools. Members include technology heavyweights such as Alibaba, AMD, Arm, Facebook, Fortanix, Google, Huawei, IBM (through its subsidiary Red Hat), Intel, Microsoft, Oracle, Swisscom, Tencent, and Vmware. Several already have confidential computing products and services for sale.

Confidential computing uses hardware-based techniques to isolate data, specific functions, or an entire application from the operating system, hypervisor or virtual machine manager, and other privileged processes. Data is stored in the trusted execution environment (TEE), where it’s impossible to view the data or operations performed on it from outside, even with a debugger. The TEE ensures that only authorized code can access the data. If the code is altered or tampered with, the TEE denies the operation.

Many organizations have declined to migrate some of their most sensitive applications to the cloud because of concerns about potential data exposure. Confidential computing makes it possible for different organizations to combine data sets for analysis without accessing each other’s data, said Seth Knox, vice president of marketing at Fortanix and the outreach chair for the Confidential Computing Consortium. For example, a retailer and credit card company could cross-check customer and transaction data for potential fraud without giving the other party access to the original data.

Confidential computing may have other benefits unrelated to security. An image-processing application, for example, could store files in the TEE instead of sending a video stream to the cloud, saving bandwidth and reducing latency. The application may even divide up such tasks on the processor level, with the main CPU handling most of the processing, but relying on a TEE on the network interface card for sensitive computations.

Such techniques can also protect algorithms. A machine-learning algorithm, or an analytics application such as a stock trading platform, can live inside the TEE. “You don’t want me to know what stocks you’re trading, and I don’t want you to know the algorithm,” said Martin Reynolds, a technology analyst at Gartner. “In this case, you wouldn’t get my code, and I wouldn’t get your data.”

Confidential computing requires extensive collaboration between hardware and software vendors so that applications and data can work with TEEs. Most confidential computing performed today runs on Intel servers (like the Xeon line) with Intel Software Guard Extension (SGX), which isolates specific application code and data to run in private regions of memory. However, recent security research has shown that Intel SGX can be vulnerable to side-channel and timing attacks.

Fortunately, TEEs aren’t available only in Intel hardware. OP-TEE is a TEE for nonsecure Linux Kernels running on Arm Cortex-A cores. Microsoft’s Virtual Secure Modeis a software-based TEE implemented by Hyper-V (the hypervisor for Windows systems) in Windows 10 and Windows Server 2016.

The Confidential Computing Consortium currently supports a handful of open-source projects, including the Intel SGX SDK for Linux, Microsoft’s Open Enclave SDK, and Red Hat’s Enarx. Projects don’t have to be accepted by the consortium to be considered confidential computing: For example, Google’s Asylo is similar to Enarx, and Microsoft Azure’s confidential computing services support both Intel SGX and Microsoft’s Virtual Secure Mode.

Hardware-based TEEs can supplement other security techniques, Thaler said, including homomorphic encryption and secure element chips such as the Trusted Platform Module. “You can combine these technologies because they are not necessarily competing,” he said. “Are you looking at the cloud or looking at the edge? You can pick which techniques to use.”

This article appears in the June 2020 print issue as “The Rise of Confidential Computing.”

The Conversation (0)

Why Functional Programming Should Be the Future of Software Development

It’s hard to learn, but your code will produce fewer nasty surprises

11 min read
A plate of spaghetti made from code
Shira Inbar

You’d expectthe longest and most costly phase in the lifecycle of a software product to be the initial development of the system, when all those great features are first imagined and then created. In fact, the hardest part comes later, during the maintenance phase. That’s when programmers pay the price for the shortcuts they took during development.

So why did they take shortcuts? Maybe they didn’t realize that they were cutting any corners. Only when their code was deployed and exercised by a lot of users did its hidden flaws come to light. And maybe the developers were rushed. Time-to-market pressures would almost guarantee that their software will contain more bugs than it would otherwise.

Keep Reading ↓Show less