The benefits of operational efficiency and flexibility delivered by public cloud resources have encouraged todays organizations to migrate applications and data to external computing platforms located outside the perceived security of on-premises infrastructures. Many businesses are now adopting a cloud-first design approach that emphasizes elastic scalability and cost reduction above ownership and management, and, in some cases, security.
Analyzing global trends in public cloud services, Gartner has predicted that spending on these resources will increase from $182.4B in 2018 to $331.2B in 2022, with 30 percent of all new software investments being cloud native by the end of 2019.
Trusting Someone Else to Guard Your Secrets
The benefits of third-party infrastructure and applications, however, come with risks. Deploying sensitive applications and data on computing platforms that are outside of an organizations owned and managed infrastructure requires trust in the service providers hardware and software used to process, and ultimately protect, that data.
Trusting a cloud provider can be disastrous for an organization financially and reputation-wise if they are the subject of a successful cyber-attack. In its Ninth Annual Cost of Cybercrime Study, Accenture reported that in 2018 the average cost of cyber-attacks involving either a malicious insider or the execution of malicious code was $3M per year, according to participants.
Confidential Computing
One response to the problem of the trustworthiness of the cloud when it comes to data protection has been the emergence of the Trusted Execution Environment (TEE), which has led to the concept of confidential computing. Industry leaders joined together to form the Confidential Computing Consortium (CCC) in October.
The Confidential Computing Consortium looks to address the security issues around data in use, enabling encrypted data to be processed in memory without exposing it to the rest of the system. This is the first industry-wide initiative by industry leaders to address data in use, since todays encryption security approaches mostly focus on data at rest or data in transit. The work of the Confidential Computing Consortium is especially important as companies move more workloads to multiple environments, including on premises, public cloud, hybrid, and edge environments.
Secure Enclaves
One of the most important technologies for addressing the problem of protecting data in use can be found in the form of secure enclaves, such as the protected memory regions established by Intel Software Guard Extensions (SGX). Secure enclaves allow applications to execute securely and be enforced at the hardware level by the CPU itself. All data is encrypted in memory and decrypted only while being used inside the CPU: the data remains completely protected, even if the operating system, hypervisor or root user is compromised. With secure enclaves, data can be fully protected across its entire lifecycle at rest, in motion and in use for the first time.
Secure enclaves can offer further security benefits using a process called attestation to verify that the CPU is genuine, and that the deployed application is the correct one and hasnt been altered.
Operating in secure enclaves with attestation gives users complete confidence that code is running as intended and that data is completely protected during processing. This approach is gaining traction, for example it enables sensitive applications, including data analytics, Machine Learning, and Artificial Intelligence, to run safely in the cloud with regulatory compliance.
Runtime Encryption
Encryption is a proven approach for effective data security, particularly when protecting data at rest and data in motion. However, as discussed above, a key requirement for confidential computing, and the focus of the Confidential Computing Consortium, is protecting data in use. When an application starts to run, its data is vulnerable to a variety of attacks, including malicious insiders, root users, credential compromise, OS zero-day, and network intruders.
Runtime encryption provides deterministic security with hardware-aided memory encryption for applications to protect data in use. Through optimization of the Trusted Computing Base (TCB), it enables encrypted data to be processed in memory without exposing it to the rest of the system.
This reduces the risks to sensitive data and provides greater control and transparency for users. Runtime encryption provides complete cryptographic protection for applications by running them securely inside a TEE and defending them even from root users and physical access to the server.
Expanding the Circle of Trust
The number one concern cited by enterprises in their move to the cloud continues to be security. Confidential computing and protecting data in use gives sensitive applications a safe place that protects them from todays infrastructure attacks.
Confidential computing is critical for protecting cloud data, and it is fundamentally helping establish and expand the circle of trust in cloud computing. It creates isolated runtime environments that allow execution of sensitive applications in a protected state, keeping cloud apps and data completely secure when in use.
With secure enclaves and runtime encryption supporting confidential computing, customers know that, no matter what happens, their data remains cryptographically protected. No amount of zero-day attacks, infrastructure compromises, and even government subpoenas can compromise the data. Confidential computing expands the deterministic security needed for the most sensitive cloud applications, at the performance level demanded by modern Internet-scale applications.
A Secure Cloud Future
As Gartner has reported, businesses are migrating their sensitive data and applications to public cloud services, a practice that saves them from ownership and maintenance of infrastructure that will inevitably be obsolete in the future.
Leading technology providers have recognized that confidential computing provides a security model ready to address the problems of untrusted hardware and software that have hampered this transition to the cloud.
With a growing number of use cases, and interest and deployments surging, confidential computing environments will be relied on to protect data in growing areas such as industry 4.0, digital health, the Internet of Things (IoT), and federated machine learning systems.
As the Confidential Computing Consortium continues its work, individuals and businesses may at some point expect a confidential computing architecture as a prerequisite for the exchange and processing of our private data.
Originally posted here:
Extending the Circle of Trust with Confidential Computing - Infosecurity Magazine
- ISSCC 2024: Inside AMD's Zen 4cThe Area-Optimized Cloud Computing Core - News - All About Circuits - February 26th, 2024 [February 26th, 2024]
- Huawei Cloud: Infrastructure of Choice for AI with 10 Systematic Innovations Unveiled in MWC Barcelona 2024 - Morningstar - February 26th, 2024 [February 26th, 2024]
- Cybersecurity fears drive a return to on-premise infrastructure from cloud computing - Help Net Security - February 26th, 2024 [February 26th, 2024]
- Cybersecurity fears drive a return to on-premise infrastructure from cloud computing - HealthLeaders Media - February 26th, 2024 [February 26th, 2024]
- Huawei Cloud: Infrastructure of Choice for AI with 10 Systematic Innovations Unveiled in MWC Barcelona 2024 - PR Newswire - February 26th, 2024 [February 26th, 2024]
- South Korea Boosts Cloud Computing with $91.5 Million Investment to Propel AI and SaaS Innovation - BNN Breaking - February 26th, 2024 [February 26th, 2024]
- Science ministry to invest 121.9 bln won in cloud computing industry - Yonhap News Agency - February 26th, 2024 [February 26th, 2024]
- Why Microsoft is spending billions on AI and cloud computing in Europe - ITPro - February 26th, 2024 [February 26th, 2024]
- Universities Migrate Research Computing to the Cloud - EdTech Magazine: Focus on K-12 - February 26th, 2024 [February 26th, 2024]
- Top Cloud Computing Skills You Need to Know in 2024 - Simplilearn - February 26th, 2024 [February 26th, 2024]
- Best Cloud Tools of 2024: Unleash Maximum Productivity - Simplilearn - February 26th, 2024 [February 26th, 2024]
- Real-time Analytics News for the Week Ending February 24 - RTInsights - February 26th, 2024 [February 26th, 2024]
- Synadia Raises $25 Million Series B Funding to Meet Massive Demand for Multi-cloud and Edge Computing Driven by AI - PR Newswire - February 26th, 2024 [February 26th, 2024]
- CEO Outlook 2024: 20 Solution Providers On The Cloud Moment - CRN - February 26th, 2024 [February 26th, 2024]
- DigitalOcean beats expectations under the helm of new CEO Paddy Srinivasan - SiliconANGLE News - February 26th, 2024 [February 26th, 2024]
- Securing Kubernetes in a Cloud Native World - The New Stack - February 26th, 2024 [February 26th, 2024]
- How to Build a Chat Interface using Gradio & Vultr Cloud GPU SitePoint - SitePoint - February 26th, 2024 [February 26th, 2024]
- Microsoft to invest $2.1bn in cloud and AI infrastructure in Spain - DatacenterDynamics - February 26th, 2024 [February 26th, 2024]
- Stannah looks to enterprise cloud software to lift IT systems - ComputerWeekly.com - February 26th, 2024 [February 26th, 2024]
- AI vendor finds opportunity amid AI computing problem - TechTarget - February 26th, 2024 [February 26th, 2024]
- Nvidia Worth More Than Alphabet, Amazon - 24/7 Wall St. - February 26th, 2024 [February 26th, 2024]
- VIB spearheads banking innovation with deployment of Temenos Banking Platform on AWS cloud - VnExpress International - February 26th, 2024 [February 26th, 2024]
- Why These 7 Cloud Computing Stocks Should be on Your Radar in 2024 - InvestorPlace - December 25th, 2023 [December 25th, 2023]
- IBM to Buy Software AG's Cloud Computing and AI Assets for $2.3BN - Investopedia - December 25th, 2023 [December 25th, 2023]
- Pass the AWS Certified Cloud Practitioner Certification in One Week - Medium - December 25th, 2023 [December 25th, 2023]
- 3 Cloud Computing Stocks You'll Regret Not Buying Soon: December Edition - InvestorPlace - December 25th, 2023 [December 25th, 2023]
- Cloud Computing Market Predicted to Hit US$1,266.4 Billion by 2028 - TechiExpert.com - December 25th, 2023 [December 25th, 2023]
- AWS chief Adam Selipsky talks generative AI, Amazon's investment in Anthropic and cloud cost-cutting - Omaha World-Herald - December 25th, 2023 [December 25th, 2023]
- Mangata Networks and Microsoft Partner on AI-enabled Edge Cloud Connectivity - AiThority - December 25th, 2023 [December 25th, 2023]
- Democratization of Cloud vs AI: A Case Study - Medium - December 25th, 2023 [December 25th, 2023]
- 5 Drivers Behind the Growth of the GPU Cloud Computing Market - Visual Capitalist - December 25th, 2023 [December 25th, 2023]
- Report: AWS to reorganize sales teams amid slowing cloud revenue growth - SiliconANGLE News - December 25th, 2023 [December 25th, 2023]
- Don't underestimate vulnerabilities in the cloud. Adopt hybrid to stay protected - Best Enterprise Data Storage Software ... - Solutions Review - December 25th, 2023 [December 25th, 2023]
- Innovations, disruptions, transformations expected in 2024 Intelligent CIO Middle East - Intelligent CIO - December 25th, 2023 [December 25th, 2023]
- IBM makes $2B+ deal to add more AI, cloud computing solutions - WRAL TechWire - December 25th, 2023 [December 25th, 2023]
- How to Select the Right Industry Cloud for Your Business - How to Select the Right Industry Cloud for Your Business - InformationWeek - December 25th, 2023 [December 25th, 2023]
- Cloud Computing Market Set to Reach US$1,266.4 Billion by 2028 - Analytics Insight - December 25th, 2023 [December 25th, 2023]
- Cisco to Acquire Isovalent to Secure Cloud-Native Networking - Channel E2E - December 25th, 2023 [December 25th, 2023]
- Cloud-native applications: Unlocking the potential of scalability and agility - ETCIO - December 25th, 2023 [December 25th, 2023]
- Year-in-Review: 2023 Was a Turning Point for Microservices - The New Stack - December 25th, 2023 [December 25th, 2023]
- If AI is the future, radiology needs to look to the cloud - Health Imaging - December 25th, 2023 [December 25th, 2023]
- AI and Cloud: The Proving Ground for Regulatory Resilience in 2024 - Finextra - December 25th, 2023 [December 25th, 2023]
- Cognata Redefines Sensor Suite Selection Processes Through Digital Twin-based Sensor Simulation and Cloud ... - PR Newswire - December 25th, 2023 [December 25th, 2023]
- Microsoft and Amazon the focus of cloud computing probe - Proactive Investors USA - October 5th, 2023 [October 5th, 2023]
- Cloud cover benefits of being on the cloud - The Actuary - October 5th, 2023 [October 5th, 2023]
- AI, Cloud Computing among 36 FREE Online Courses Now ... - Philippine Information Agency - October 5th, 2023 [October 5th, 2023]
- Amazon Web Services isn't trying to win the A.I. race. It wants to own the road. - Slate - July 31st, 2023 [July 31st, 2023]
- The Machines Behind the FinOps Curtain: Operationalizing Your Strategy with AI - ITPro Today - July 31st, 2023 [July 31st, 2023]
- Strengthening security in a multi-SaaS cloud environment - TechCrunch - July 31st, 2023 [July 31st, 2023]
- Oracle Introduces First Cloud Native Secure Cloud Computing ... - PR Newswire - July 31st, 2023 [July 31st, 2023]
- The Power of Cloud Computing: How it's Transforming Database ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- From Headquarters to the Edge: The Future of Cloud in the Defense ... - MeriTalk - July 31st, 2023 [July 31st, 2023]
- 6 Cloud Computing Companies Navigating the Digital Storm in 2023 - GovCon Wire - July 31st, 2023 [July 31st, 2023]
- Government Cloud Computing Market Size, Status and Business ... - University City Review - July 31st, 2023 [July 31st, 2023]
- Cloud Computing in Education Market Forecast, 2023-2029: The ... - University City Review - July 31st, 2023 [July 31st, 2023]
- Global Cloud Computing IaaS In Life Science Market Size and ... - University City Review - July 31st, 2023 [July 31st, 2023]
- What is the Relationship Between IoT and Cloud Computing? - Analytics Insight - July 31st, 2023 [July 31st, 2023]
- How Data Center Interconnect Platforms are Shaping the Future of ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- Revolutionizing IoT: How 5G and Cloud Computing are ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- The Future of Cloud Computing: Database as a Service (DBaaS) in ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- Overcoming Data Privacy Challenges in the European Cloud ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- The Future of Telemedicine in India: How Cloud Computing is ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- Multi-Cloud and Hybrid Cloud: What is the Difference? - Analytics Insight - July 31st, 2023 [July 31st, 2023]
- A New Era of Data Management: The Growing Importance of Global ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- From niche to necessity: GFT's vision for cloud computing ... - Business Leader - July 31st, 2023 [July 31st, 2023]
- ERP, Cloud Computing And Digital Transformation - CIOReview - July 31st, 2023 [July 31st, 2023]
- UMD Smith Offers New January Start Date for MS in Information ... - Newswise - July 31st, 2023 [July 31st, 2023]
- The Impact of Global White-box Server Adoption on Cloud ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- Global Application Transformation: Unlocking the Potential of Cloud ... - Fagen wasanni - July 31st, 2023 [July 31st, 2023]
- BFSI Sector and Asia-Pacific Spearhead the Rapid Growth of Cloud ... - GlobeNewswire - July 31st, 2023 [July 31st, 2023]
- Amazon is investing another $7.8B in Ohio-based cloud computing operations, state leaders say - The Associated Press - June 28th, 2023 [June 28th, 2023]
- Google Cloud Platform: Everything you need to know about Google's suite of cloud computing services - Android Police - June 28th, 2023 [June 28th, 2023]
- Amazon is investing another $7.8B in Ohio-based cloud computing ... - Wilmington News Journal, OH - June 28th, 2023 [June 28th, 2023]
- 11 Key Executives in the Cloud Computing Industry in 2023 - Executive Gov - June 28th, 2023 [June 28th, 2023]
- 10 Multi-Cloud Myths Debunked: Exposing the Facts - TechFunnel - June 28th, 2023 [June 28th, 2023]
- How MTN and Microsoft will transform business operations with ... - TheCable - June 28th, 2023 [June 28th, 2023]
- The Power of Cloud Computing: Revolutionizing Business and IT ... - Tech Critter - June 28th, 2023 [June 28th, 2023]
- FTC Collecting Comments On Cloud Computing, CCIA Offers Input ... - Computer and Communications Industry Association - June 28th, 2023 [June 28th, 2023]
- How AI and Cloud Computing Are Revolutionizing the Insurance ... - Techopedia - June 28th, 2023 [June 28th, 2023]
- HPE Discover final analysis: Navigating the cloud computing ... - SiliconANGLE News - June 28th, 2023 [June 28th, 2023]