The Linux Foundation, an organisation set up for collaboration on open source software, open standards, open data, and open hardware, has announced the establishment of the Confidential Computing Consortium.
The consortium will consist of a community dedicated to “defining and accelerating the adoption of confidential computing.”
Many high profile companies have already committed to this work including: Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.
“The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,” noted Jim Zemlin, executive director, The Linux Foundation.
“The Confidential Computing Consortium is a leading indicator of what’s to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use.”
Confidential computing will provide firms with the ability to process encrypted data in memory without exposing it to the rest of the system.
In turn, this is expected to reduce exposure for sensitive data and provide greater control and transparency for users/firms.
“To help users make the best choice for how to protect their workloads, they need to be met with a common language and understanding around confidential computing,” explained Royal Hansen, vice president, security, Google.
“As the open source community introduces new projects like Asylo and OpenEnclave SDK, and hardware vendors introduce new CPU features that change how we think about protecting programs, operating systems, and virtual machines, groups like the Confidential Computing Consortium will help companies and users understand its benefits and apply these new security capabilities to their needs.”
The Confidential Computing Consortium will connect hardware vendors, cloud providers, developers, open source experts and academics together with the aim to accelerate the confidential computing market; influence technical and regulatory standards; and build open source tools that provide the right environment for TEE development.
Within the consortium is a structure which includes a Governing Board, a Technical Advisory Council and separate technical oversight for each technical project.
It is intended to host a variety of technical open source projects and open specifications to support confidential computing.
Xiaoning Li, chief security architect, Alibaba Cloud said: “Confidential computing provides new capabilities for cloud customers to reduce trusted computing base in cloud environments and protect their data during runtime.
“Alibaba launched Alibaba Encrypted Computing technology powered by Intel SGX in Sep 2017 and has provided commercial cloud servers with SGX capability to our customers since April 2018.
“We are very excited to join CCC and work with the community to build a better confidential computing ecosystem.”
Open source projects that participants will be able to involve themselves with include:
- Intel Software Guard Extensions Software Development Kit – designed to help application developers protect select code and data from disclosure or modification at the hardware layer using protected enclaves.
- Microsoft Open Enclave SDK – an open source framework that allows developers to build Trusted Execution Environment (TEE) applications using a single enclaving abstraction. Developers can build applications that run across multiple TEE architectures.
- Red Hat Enarx – a project providing hardware independence for securing applications using TEEs.
Mark Russinovich, chief technical officer, Microsoft commented: “The Open Enclave SDK is already a popular tool for developers working on Trusted Execution Environments, one of the most promising areas for protecting data in use.”
“We hope this contribution to the Consortium can put the tools in even more developers’ hands and accelerate the development and adoption of applications that will improve trust and security across cloud and edge computing.”
