Hence the need for confidential computing, or the practice of securing data wherever it resides, from storage to network to processing.
According to an Everest Group report, the global market for confidential computing is expected to grow from 40% to 95% annually, thanks to security and cloud deployments. And leading the charge to develop the technology to power it all is Intel.
Confidential Computing - how it works
Today, confidential computing protects data in a hardware-based enclave known as a Trusted Execution Environment (TEE). A TEE can verify (or attest) its validity as a trustable code using attestation.
Ideally, within the TEE, an application's code and data can exist free from threat because it prevents malicious agents in the hardware platform from modifying in-memory data and applications. It acts like a police escort for your apps and data, ensuring they stay safe and guaranteeing they come from a trusted source.
Evaluating the TEE
According to Intel experts in a recent publication, for confidential computing to thrive, three primary advances are necessary:
In the past, we've relied on cloud providers to provide attestation. However, that still leaves data at risk. So, companies need to move to an independent model where a secure third party provides attestation over a client or cloud provider.
Uniform, portable attestation
CSPs and ISVs typically provide attestation services that can run only in their data centers. However, portable attestation can run in multi-cloud and hybrid cloud installations and move with the application and its data wherever they reside.
As we all know, compliance regulations on applications and data handling continue to evolve and grow. As a result, in addition to attestation, software workloads must be verified for audit and compliance purposes.
Intel's Project Amber
The pursuit of independent attestation brings with it real-world benefits to solution providers such as:
When a workload's data can be independently verified, it can be moved to and from multiple environments, such as on-prem and various cloud environment nets. That's because it's no longer tied to a single vendor's attestation service. This benefit can be especially helpful in avoiding processing in heavily regulated markets.
Multi-party workload sharing
In use cases like banking, multiple parties must process and handle the same data while maintaining privacy. Independent attestation can provide these industries with data security while allowing them to keep data separate when required (i.e., for different business lines).
Removing the burden on CSPs
With independent attestation, communication service providers no longer need to maintain expensive and complex attestation systems. Instead, they can focus on their core value while third parties handle attestation across networks and platforms.
Team up with Intel
The job of making Project Amber a success needs to be a combined effort. Despite its considerable resources, Intel needs the help of infrastructure providers, ISVs, and systems integrators interested in delivering on-prem or cloud-based, confidential computing solutions. To learn more, be sure to contact them at ProjectAmber@intel.com.
Get the best out of your journey to Confidential Computing with UNICOM Engineering As an Intel Technology Provider and Dell Technologies Titanium OEM partner, UNICOM Engineering is ready to secure applications and data from the latest threats. Our deep technical expertise can drive your transitions to next-gen platforms and provide the flexibility and agility required to bring your solutions to market. And our global footprint allows your solutions to be built and supported worldwide by a single company. You can understand why leading technology providers trust UNICOM Engineering as their application deployment partner. Schedule a consultation today to learn how UNICOM Engineering can assist your business.