Established by the Linux Foundation, the aim behind this consortium is to improve security for data in use. The organization aims to bring together developers, vendors, and other experts to promote the use of confidential computing to protect data better.
Why they’re joining hands?
At present, it is a common practice to secure data when it is at rest (storage) or in transit (network). But there is still a risk involved that your data can be stolen when it’s used in real-time by the user.
Confidential computing will focus on encrypting data when it’s in use and provide a fully encrypted lifecycle for sensitive data.
The tech giants have joined the Confidential Computing Consortium to “define and accelerate” open source standards that can deliver truly private data access.
Also, the data will be encrypted at all times, except for whoever is meant to be looking at it.
The need for establishing the Confidential Computing Consortium also arises from the fact that with time, more enterprises will move data between different platforms like the cloud and servers by various companies.
The process has already begun
The participants have already started making a series of open source project contributions, such as the Intel Software Guard Extension (SGX) — an SDK for code protection at the hardware layer.
While Microsoft handed over its Open Enclave SDK for developers to build Trusted Execution Environment (TEE) applications, Red Hat came forth with Enarx for running TEE applications. It’s a tool that abstracts secure environments in a manner where developers can create and run private “serverless” apps.
However, it is going to take a lot of time and effort before we get to reap the benefits of Confidential Computing Consortium.
Nevertheless, it is good to see that all the tech giants have decided to join hands together to protect user data. The sad part is that it took a countless number of scandals and data breach incidents to raise awareness of the same.