What is confidential computing, and why are cloud companies so interested in it?
Cloud technology companies are betting that businesses worried about being hacked will adopt a new computing technique to safeguard their most valuable information.
Google debuted last week a new service for its cloud computing arm that’s built around a concept known as confidential computing. Google vice president of cloud security Sunil Potti told reporters during an online media briefing that confidential computing is a “breakthrough technology that encrypts data while in use.”
This idea of confidential computing is gaining momentum in the tech industry as a possible new solution to security woes. Last fall, for example, several tech companies like Google, Microsoft, Alibaba, and VMware joined the Confidential Computing Consortium (CCC), a new organization that’s part of the influential business software nonprofit Linux Foundation.
Although many companies use encryption technologies to conceal their data if and when they suffer a data breach, there are still several ways hackers can access the information, explained Seth Knox, an outreach chair for the CCC.
For instance, when someone opens an app, the data that a company originally encrypted becomes unscrambled, with a record of that data stored in a computer’s or smartphone’s memory, Knox, also a marketing executive at CCC-member company Fortanix, explained. A hacker could, theoretically, use malware to covertly access the decrypted data when a user opens an app, he said.
By encrypting the entire computing process, companies can feel safer that their sensitive information is better protected than it would be by concealing only the data.
Despite the tech industry’s enthusiasm about confidential computing, it’s still “an emerging technology that is in its early days in terms of adoption,” Knox cautioned. It’s too early to say how effective confidential computing will be at keeping hackers at bay, as hackers often take some time to find holes to exploit in new technologies. In any case, they’re plenty successful using relatively simple techniques like sending phishing emails to workers as a way to penetrate corporate computer systems.
Still, Stephen Walli, a Microsoft principal program manager and governing board chair of the CCC, said that confidential computing could help make companies comfortable with doing more complicated data training for their machine-learning models. For instance, two organizations, each possessing their own data sets, could use confidential computing to train a machine-learning model without worrying that the other firm could see their data, Walli said.
Health care companies, which are generally reluctant to share data with each other, could team up on machine-learning projects aimed at discovering new medical treatments, for example.
Cloud computing companies like Google and Microsoft believe confidential computing could be a way to entice businesses to adopt more cloud services, Knox said. By encrypting all of a corporate app’s computing processes—often referred to as workloads—cloud computing vendors can better assure their customers that their apps are secure.
Besides the cloud computing vendors, computer-chip makers are also playing a big role in confidential computing, Knox said. In order for the technique to properly work, chip vendors like AMD and Intel would need to build certain security features into their semiconductors.
Google’s new confidential computing service works on certain AMD processors, but it eventually will work with other computer chips, Potti said during the media briefing.