Confidential Computing
Confidential computing uses hardware-based trusted execution environments (TEEs) or secure enclaves to protect data while it's being processed, not just when it's at rest or in transit. These secure enclaves are isolated areas of memory that are encrypted and protected from the operating system, hypervisor, and even cloud providers, ensuring that data and code remain confidential and tamper-proof during computation. The technology enables processing of sensitive data in untrusted environments like public clouds or shared infrastructure while maintaining security and privacy.
The technology addresses critical security gaps where data is vulnerable during processing, even when encrypted at rest and in transit. Confidential computing ensures that sensitive data can be processed in cloud environments, shared infrastructure, or by third parties without exposing it to potential attackers or even the infrastructure providers. Applications include secure cloud computing for sensitive workloads, privacy-preserving AI training on sensitive data, secure multi-party computation, and processing regulated data in compliant ways. Companies like Intel (with SGX), AMD (with SEV), and cloud providers are implementing confidential computing.
At TRL 6, confidential computing is commercially available from major cloud providers and hardware vendors, though adoption and ecosystem development continue. The technology faces challenges including performance overhead from encryption and isolation, complexity of implementation, ensuring enclave security against side-channel attacks, and building trust in the technology. However, as security requirements increase and cloud adoption grows, confidential computing becomes increasingly important. The technology could enable secure processing of sensitive data in cloud environments, protect AI models and training data, enable new forms of secure collaboration, and help organizations meet regulatory requirements, potentially transforming how sensitive data is processed while maintaining security and privacy in distributed computing environments.
Related Organizations
A project community at the Linux Foundation dedicated to defining and accelerating the adoption of confidential computing.
Develops the RDNA architecture with Ray Accelerators, powering ray tracing on PC and current-gen consoles (PS5, Xbox Series X).
Develops silicon spin qubits using advanced 300mm wafer manufacturing processes.
Provides a data security platform that decouples security from infrastructure using confidential computing enclaves.
Software that enables applications to run in secure enclaves (AWS Nitro, Azure, etc.) without code modifications.
German cybersecurity company building open-source software for confidential computing (e.g., Constellation).
Provides data clean rooms powered by confidential computing to enable secure data collaboration and model training.
Germany · Company
Developers of the SCONE platform which enables containerized applications to run inside SGX enclaves.
United Kingdom · Startup
Privacy-enhancing technology company using secure enclaves to protect data processing.
Blockchain platform integrating secure enclaves to enable privacy-preserving smart contracts.
