Founded by the Linux Foundation, the consortium now has some of the biggest players in tech on board, including Microsoft. Part of the focus of the group is to unite cloud vendors, hardware manufacturers, and developers into an entity that promotes common open source standards to protect data use. In a joint statement between the companies, the Linux Foundation said data in use security is often ignored: “Confidential computing focuses on securing data in use. Current approaches to securing data often address data at rest (storage) and in transit (network) but encrypting data in use is possibly the most challenging step to providing a fully encrypted lifecycle for sensitive data,” the Linux Foundation says. “Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users.”
Open Source Contributions
The consortium is pre-empting a growth in confidential computing. More organizations will switch computing environments between public cloud, on-premises, and edge more frequently. Choosing one compute environment will become much less common. To kick off its efforts, the Confidential Computing Consortium has rolled out several open source project contributions. For example, Microsoft offers the Open Enclave SDK, which allows developed to create Trusted Execution Environment (TEE) apps. “Open Enclave SDK is an open source SDK targeted at creating a single unified enclaving abstraction for developer to build Trusted Execution Environment (TEEs) based applications. As TEE technology matures and as different implementations arise, the Open Enclave SDK is committed to supporting an API set that allows developers to build once and deploy on multiple technology platforms, different environments from cloud to hybrid to edge, and for both Linux and Windows.”