Google Cloud, IBM, Intel and Microsoft are among large tech companies backing a new effort to help enterprises process encrypted server data in memory while shielding it from the rest of the system, giving them a better way to secure their data and run applications in trusted environments.
The Linux Foundation Wednesday unveiled the formation of the Confidential Computing Consortium with support from Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent, which plan to make open-source contributions to the group.
Lorie Wigle, an Intel executive who oversees platform security product management, said while there are established methods for protecting data that is at rest or in transit within servers, it remains a challenge to encrypt data that is in use.
"Whether running on your own servers on-prem, in an edge deployment or in the heart of a cloud service provider’s data center, this 'in-use' data is almost always unencrypted and potentially vulnerable," Wigle wrote in a blog post.
The solution to this problem is "confidential computing," which will allow systems to process data in memory without exposing it to other parts of the system.
But it will require industry support, new technical and regulatory standards, and new open-source tools, which is why the Confidential Computing Consortium is bringing together hardware vendors, cloud providers, open-source experts and academics to devise and support different methods.
"The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open-source technologies," Jim Zemlin, executive director at The Linux Foundation, said in a statement. "The Confidential Computing Consortium is a leading indicator of what’s to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use."
Wigle said a key part of confidential computing in early use cases has been Trusted Execution Environments (TEEs), also known as trusted enclaves, where data and operations are isolated and protected from any other software, including the operating system and cloud service stack.
"Combined with encrypted data storage and transmission methods, TEEs can create an end-to-end protection architecture for your most sensitive data," she said.
That's why Intel is contributing the software development kit for Intel Software Guard Extensions, or Intel SGX, a hardware-based method for executing applications in trusted enclaves, to the consortium, according to Wigle.
Intel SGX is already available in the chipmaker's Xeon E-2100 processors and cloud instances from Microsoft Azure, IBM Cloud Data Guard, Baidu, Alibaba Cloud and Equinix. The company plans to launch an Intel SGX add-in card for servers later this year and support Intel SGX in future mainstream Xeon chips.
"Unlike full memory encryption technologies that leave the data within the attack surface of the OS and cloud stack, Intel SGX allows a specific application to create its own protected enclave with a direct interface to the hardware, limiting access and minimizing the overall performance impact for both the application and any other virtual machines or tenants on the server," Wigle wrote.
Microsoft and Red Hat also disclosed plans to make open-source contributions to the consortium. The Microsoft Open Enclave is an open-source framework that enables developers to build applications that run across multiple Trusted Execution Environments while Red Hat Enarx supports the running of "private, fungible serverless" applications in such environments.
Research groups have previously reported vulnerabilities within Intel SGX, one of which allowed the execution of malicious code in an executed enclave. But Intel has previously said that one vulnerability, Foreshadow, has been mitigated by patches while the research behind the other involving malicious code "is based upon assumptions that are outside the threat model for Intel SGX."
"The value of Intel SGX is to execute code in a protected enclave; however, Intel SGX does not guarantee that the code executed in the enclave is from a trusted source," Intel previously said. "In all cases, we recommend utilizing programs, files, apps, and plug-ins from trusted sources."