Confidential IT Will Strengthen Cloud Security


When Daimler, the maker of luxury vehicle brands like Mercedes-Benz and Maybach, had to move critical after-sales customer data – such as age, address and driver’s license number – to the public cloud , he used confidential computing to protect this data. .
Confidential IT is emerging as an answer to security and privacy concerns in the cloud, as data breaches become commonplace and businesses increasingly process regulated and critical data.
Nataraj Nagaratnam, Fellow and CTO at IBM Cloud Security, illustrates confidential computing using the example of a hotel where there are multiple guests in different rooms. If a client wants to store something safely, she will use the personal locker in her room. Once a guest puts in the locker key, the equipment inside is safe and even hotel staff cannot access it.
Confidential computer technology, Nagaratnam says, allows the construction of such vaults or enclaves where customers have full control over their data. This hardware-based Secure Execution Environment (TEE), as it is called, not only protects data while it is at rest and in transit, but also while it is being processed. Encryption services could protect the first two. Confidential computing protects even at the processing stage by allowing the data being processed, and the techniques used to process them, to be accessible only to authorized programming code. It is invisible to everyone else, including the cloud provider. The data is secured in memory just before being decrypted for processing.
Akhilesh Tuteja, global head of cybersecurity consulting at KPMG, says confidential computing is at an early stage and is a breakthrough technology to enable security and privacy by design. “All industries will benefit, especially the healthcare and financial services industries, when dealing with sensitive personal data. Industries that rely on distributed machine generated / read data – such as Industry 4.0, connected cars, etc.
Nagaratnam noted that IBM, which began researching confidential computing more than a decade ago, has started providing the technology to players in all industries, including financial service providers and automotive players.
A consortium, led by Google, Microsoft, IBM / Red Hat, Intel, Alibaba, ARM, Accenture, Facebook and Huawei, is helping define open standards for confidential computing and accelerate its adoption. Technology will likely further accelerate cloud adoption.


Leave A Reply