eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
On Tuesday, Sept. 8, at 11 a.m. PST/2 p.m. EST/7 p.m. GMT, @eWEEKNews will host its 90th monthly #eWEEKChat. The topic will be, “Confidential Computing and Next-Gen Security.” It will be moderated by Chris Preimesberger, eWEEK’s editor of features and analysis.
Some quick facts:
Topic: #eWEEKchat Sept. 8: “Confidential Computing and Next-Gen Security”
Date/time: Tuesday, Sept. 8, 11 a.m. PST/2 p.m. EST/7 p.m. GMT
Tweetchat handle: You can use #eWEEKChat to follow/participate via Twitter itself, but it’s easier and more efficient to use the real-time chat room link at CrowdChat. Instructions are on that page; log in at the top right, use your Twitter handle to register, and the chat begins promptly at 11am PT. The page will come alive at that time with the live discussion. You can join in or simply watch the discussion as it is created. Special thanks to John Furrier of SiliconAngle.com for developing the CrowdChat app.
Our in-chat experts will include: Rodrigue Hajjar of TunnelBear; Bruce Kornfeld, Chief Marketing and Product Officer at StorMagic; Pete Jarvis, Polyverse. Attendees can offer their own perspectives at any time.
Chat room real-time link: Use https://www.crowdchat.net/eweekchat. Sign in and use #eweekchat for the identifier.
What, in fact, is confidential computing?
In short, the phrase “confidential computing” describes services and solutions that fully protect information across the entire scope of its use in business, from the build process to management functions to data-driven services and functions. In August 2019, vendors that included Alibaba, Anjuna, Arm, Baidu, IBM, Intel, Google Cloud, Microsoft and Red Hat announced the formation of the Confidential Computing Consortium. With the help of the Linux Foundation, members plan to substantially improve security for data in use.
How does one secure “data in use”? Think of it as a logical next step beyond conventional solutions, like encrypting data when it is at rest (in storage environments) and in transit (being moved across networks). In essence, the Confidential Computing Consortium aims to improve methodologies for keeping data continuously encrypted, including when it is being processed in memory for business applications and processes. Doing so keeps sensitive or valuable data from being exposed to the rest of the system (and possible intruders) while offering users greater security, transparency and control.
Several consortium founders made initial contributions to the project, including IBM’s Red Hat sharing Enarx for running Trusted Execution Environment (TEE) applications, Intel providing its Software Guard Extensions (SGX), an SDK for protecting code at the hardware layer and Microsoft offering its Open Enclave SDK for building TEE applications.
Since its launch, consortium members have continued their work on confidential computing technologies, and the group has attracted new members, including Accenture, AMD, Facebook and Nvidia.
Anjuna, for one example, has focused its security expertise on something called secure enclaves—designated sections within a processor that provide CPU hardware-level isolation and memory encryption on every server while the data is being used. They do this by isolating application code and data from anyone with privileges and encrypting its memory. With additional software, secure enclaves enable the encryption of both storage and network data for full-stack security. Secure enclave hardware support is built into all new CPUs from Intel and AMD.
Other individual consortium members are also developing their own offerings. For example, at the recent Cloud Next conference Google announced a new cloud security program, Confidential VMs (virtual machines) that support processing of encrypted data. Google’s Confidential VMs use the AMD EPYC secure encrypted virtualization (SEV) technology.
Why is confidential computing a ‘thing’?
Groups such as the Confidential Computing Consortium can help ensure that innovative new technologies are effectively developed and successfully adopted, delivering a broad range of benefits to companies, industries and markets. But it does not follow that the vendors involved in these groups will progress at the same pace. Oftentimes, some are up and running while others are still learning to walk.
This is what we want to talk about on Sept. 8: How this new and powerful consortium can help lead the way in protecting the transportation of data from its point of origination to wherever it needs to go–despite all the connections it needs to traverse and all the attack points it encounters.
To provide organizations with the best level of protection, security experts must be forever attuned to the ever-changing landscape and the latest threats and attack methods. In addition, they have to be up-to-date on all the efforts of the good guys in their ongoing battle against the bad actors who want to cause mayhem and pile up profits from fraudulent activities.
Seed questions we will ask
This is the topic we will discuss Tuesday. In this month’s #eWEEKchat, we’ll be asking the following, among other questions:
- What is your take on how confidential computing might fare this year and into the future? Will this become a major trend?
- What are the key facets of confidential computing that separate it from conventional security?
- Will we still be able to defend all the new attack surfaces using this method in IoT, edge computing and mobile computing?
- Will we ever be able to get a handle on keeping data completely secure? Will we ever be able to completely screen out the bad human elements?
- Can confidential computing play a role in securing this year’s U.S. national election?
Join us Tuesday, Sept. 8 at 11am Pacific / 2pm Eastern for this, the 90th monthly #eWEEKchat. Go here for CrowdChat information.
#eWEEKchat Schedule for 2020
xJan. 8: Trends in New-Gen Data Security
xFeb. 12: Batch Goes Out the Window: The Dawn of Data Orchestration
xMarch 11: New Trends and Products in New-Gen Health-Care IT
xApril 8: Trends in Collaboration Tools
xMay 12: Trends in New-Gen Mobile Apps, Devices
xJune 9: Data Storage, Protection in a Hypersensitive Era
xJuly 14: Next-Gen Networking
xAug. 11: Next-Gen Cloud Services
Sept. 8: Confidential Computing and Next-Gen Security
Oct. 13: How Legacy Companies Are Still Innovating
Nov. 10: Hot New Tech for 2021
Dec. 8: Predictions and Wild Guesses for IT in 2021
(Topics may be changed with minimal notice)
Charles King of PUND-IT, a regular columnist for eWEEK, contributed to this article.