Andrés Buenahora

Confidential Computing’s Role In Protecting Cloud Applications and Sensitive Data from Breaches

As per the Confidential Computing Consortium: “Confidential computing is the protection of data in use using hardware-based Trusted Execution Environments (TEE). A Trusted Execution Environment is commonly defined as an environment that provides a level of assurance of data integrity, data confidentiality, and code integrity. A hardware-based TEE uses hardware-backed techniques to provide increased security guarantees for the execution of code and protection of data within that environment.”


Because the “protected memory regions, or secure enclaves, established by a TEE provide encryption for data in use”, the data stays hidden from the cloud provider and from the host operating system. For companies that handle sensitive, regulated data, this raises the level of security by ensuring that “unauthorized entities [do not have] access [to data] or modification of data and applications while they are in use.”


These unauthorized entities include anyone or anything with physical access to the hardware, such as system administrators, as well as the host operating system or hypervisor. Data confidentiality “ensures any unauthorized entity cannot access data while it is in use within the TEE. Data integrity prevents unauthorized entities outside the boundary of the TEE from changing data when it is being used. Code integrity refers to the fact that code in the TEE cannot be replaced or modified by unauthorized entities. Contrary to approaches that do not use a hardware-based TEE, these attributes assure organizations that information is kept confidential, and that the computations performed are correct, enabling organizations to fully trust the results of the computations.”


As more and more attacks against storage and network devices are hindered by “data at rest and in transit security measures, hackers are now turning their attention to and targeting data in use. And with more data moving to the cloud, traditional network and physical perimeter security cannot fully protect organizations from such attacks.” The attack patterns seen against cloud-based code and data include insider threats, firmware compromise, and hypervisor and container breakout.


The protection of data and applications during execution is especially significant for data that is stored and processed on “edge, mobile, and IoT devices, where processing can occur in remote and often difficult areas to secure. Providers and manufacturers of edge devices must be able to prove that access to personal data is protected, that data cannot be seen by third parties or device vendors during processing and sharing, and that those protections meet regulatory requirements due to the often very sensitive personal data being generated or processed.”


Within the public cloud as a whole, companies are expected to trust many elements of the provider’s infrastructure, such as “the provider’s host operating system, hypervisor, hardware, the firmware for core and peripheral devices, and the cloud provider’s orchestration system itself.” Although providers work to secure each of these layers, confidential computing adds security measures that improve the overall security of the specific applications and data deployed there.


In particular, a “hardware-based TEE securing data and applications in use makes it significantly more difficult for an unauthorized entity – including one with physical access to the hardware, privileged access to the orchestration system, or root access to the host hypervisor or OS – to attack the protected data and application code. Confidential computing eliminates even the public cloud provider from the Trusted Computing Base (TCB) with the attestation of platform hardware, ensuring trust in the TEE. This allows those workloads to migrate to the public cloud which previously was restricted due to compliance requirements or security concerns.”


To give a specific example, one confidential computing application, private multi-party analytics, involves multiple parties that each hold private information which must be combined and analyzed without exposing the underlying data or machine learning models to the other parties. This scenario can then be applied to detecting or developing cures for diseases, preventing financial services fraud, or gaining other key insights in business and beyond. Another example is to combine data to “train a machine learning model to enable more accurate detection of cancers using radiology information. But in this use case, confidential computing ensures the private patient information remains confidential to the dataset owner.”


Companies can now ensure that sensitive data or private information held on remote systems is protected from potential cybersecurity attacks. Through confidential computing, organizations can also validate the integrity of the code processing that data. By integrating “key management services, data can be decrypted in the TEE and kept secure when combined and analyzed, with the computed results being returned to each party in an encrypted format. Throughout the entire process the information remains secure, ensuring its privacy while it is transferred, during computation, and when stored.” Confidential computing therefore provides the foundation for complete, end-to-end protection of confidential data throughout the workload lifecycle. This use of confidential computing can “help drive data sharing and analytics on a global basis, allowing organizations to leverage datasets previously unable to be used for collaborative exchange and analysis with other organizations. Private multi-party analytics reduces concerns and risks around security issues, loss of privacy, and regulatory impacts.”
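The two ideas above, attestation of the platform removing the provider from the TCB and a key management service that only lets an attested TEE decrypt the parties' data, fit together in one flow. The following is an added simulation written for this post, not code from the Confidential Computing Consortium or any real TEE: the hardware root key, the HMAC "signature", the toy XOR cipher and the hospital counts are all constructed stand-ins for what real silicon and AES-GCM would do.

```python
import hashlib, hmac, os
# Constructed simulation: in a real TEE the root key lives in silicon, so only
# the hardware (or the vendor's attestation service) can sign quotes with it.
_HW_ROOT_KEY = os.urandom(32)
ENCLAVE_CODE = b"def analytics(rows): return sum(rows)"  # the approved workload

def measure(code: bytes) -> str:
    """Measurement of the code loaded into the TEE (an MRENCLAVE-like hash)."""
    return hashlib.sha256(code).hexdigest()

def hardware_quote(code: bytes) -> dict:
    """Attestation report; HMAC under the root key stands in for the hardware signature."""
    m = measure(code)
    return {"measurement": m, "sig": hmac.new(_HW_ROOT_KEY, m.encode(), "sha256").hexdigest()}

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy HMAC-keystream XOR cipher (encrypts and decrypts); stands in for AES-GCM."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), "sha256").digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class KeyManagementService:
    """Releases the data key only to a TEE whose attested code is approved."""
    def __init__(self, approved_code: bytes):
        self.approved = measure(approved_code)
        self.data_key = os.urandom(32)  # shared with the parties at onboarding
    def release_key(self, quote: dict) -> bytes:
        expected = hmac.new(_HW_ROOT_KEY, quote["measurement"].encode(), "sha256").hexdigest()
        if not hmac.compare_digest(expected, quote["sig"]):
            raise PermissionError("attestation signature invalid")
        if quote["measurement"] != self.approved:
            raise PermissionError("enclave code not approved: key withheld")
        return self.data_key

def enclave_analytics(kms, running_code: bytes, party_inputs: list) -> bytes:
    """Inside the TEE: attest, obtain the key, decrypt, aggregate, re-encrypt."""
    key = kms.release_key(hardware_quote(running_code))
    rows = [int(xor_stream(key, nonce, ct)) for nonce, ct in party_inputs]
    return xor_stream(key, b"result", str(sum(rows)).encode())

def demo(tampered: bool = False) -> int:
    """Two parties submit encrypted counts; returns the total (raises if the TEE is refused)."""
    kms = KeyManagementService(ENCLAVE_CODE)
    inputs = [(b"hospital-a", xor_stream(kms.data_key, b"hospital-a", b"120")),
              (b"hospital-b", xor_stream(kms.data_key, b"hospital-b", b"305"))]
    code = ENCLAVE_CODE + b" # exfiltrate" if tampered else ENCLAVE_CODE
    return int(xor_stream(kms.data_key, b"result", enclave_analytics(kms, code, inputs)))
```

Neither party ever sees the other's plaintext, and an enclave whose code has been altered (or an operator forging a quote without the hardware key) is refused the data key, which is the point of attestation-gated key release.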


Those in charge of public cloud migration and of applications handling sensitive data or private information, particularly in highly regulated industries, should evaluate confidential computing as a potential future method for reducing the threat of a data breach.

