Category

Announcement

Confidential Computing Membership Grows 60 Percent within Nine Months of Formation

By Announcement

New Members include Accenture, AMD, Anjuna, Anqlave, Cosmian, iExec, IoTeX, NVIDIA, and R3

SAN FRANCISCO, Calif., June 29th, 2020 – The Confidential Computing Consortium, a Linux Foundation project and community dedicated to defining and accelerating the adoption of confidential computing, today announced Accenture, AMD, Anjuna, Anqlave, Cosmian, iExec, IoTeX, NVIDIA, and R3 have joined as members of the Confidential Computing Consortium to contribute to the adoption of Confidential Computing. 

“In the past five months, we’ve added ten new members including a preeminent consultancy, a leading semiconductor manufacturer, and a pioneer in graphics processing,” said Stephen Walli, Governing Board Chair, Confidential Computing Consortium. “This is a brilliant group of innovative companies that has come together to solve one of the key challenges in information security; protecting applications and data while in use.” 

Today, data is often encrypted at rest in storage and in transit across the network, but not while in use in memory. Additionally, the ability to protect data and code is limited in conventional computing infrastructure. Organizations that handle sensitive data such as Personally Identifiable Information (PII), financial data, or health information need to mitigate threats that target the confidentiality and integrity of the applications and data in system memory.

Confidential Computing protects data in use by performing computation in a hardware-based Trusted Execution Environment. These secure and isolated environments prevent unauthorized access or modification of applications and data while in use, thereby increasing the security assurances for organizations that manage sensitive and regulated data. Confidential Computing protects applications and data from breaches, malicious actors and insider threats, while providing the portability to move sensitive workloads between on-premises data centers, public cloud and the edge.

While confidential computing can protect many types of applications and data, confidential computing technology provides a secure platform for multiple parties to combine, analyze and learn from sensitive data without exposing the data or machine learning algorithms to the other party. Often referred to as multi-party computing, federated learning or privacy-preserving analytics, confidential computing can unlock the power of sensitive data by enabling collaboration while preserving privacy and compliance.

Founding Members of the Confidential Computing Consortium Include:

Alibaba, Arm, Google Cloud, Baidu, ByteDance, decentriq, Fortanix, Huawei, Intel, Kindite, Microsoft, Oasis Labs, Oracle, Red Hat, Swisscom, Tencent and VMware.

Confidential Computing Whitepaper

Confidential Computing Consortium Open Source Projects

Confidential Computing Consortium Establishes Formation with Founding Members and Open Governance Structure

By Announcement

Industry’s biggest technology leaders advance computational trust and security for next-generation cloud and edge computing

SAN FRANCISCO, Calif., October 17, 2019 – The Confidential Computing Consortium, a Linux Foundation project and community dedicated to defining and accelerating the adoption of confidential computing, today announced the formalization of its organization with founding premier members Alibaba, Arm, Google Cloud, Huawei, Intel, Microsoft and Red Hat. General members include Baidu, ByteDance, decentriq, Fortanix, Kindite, Oasis Labs, Swisscom, Tencent and VMware.

The intent to form the Confidential Computing Consortium was announced at Open Source Summit in San Diego earlier this year. The organization aims to address data in use, enabling encrypted data to be processed in memory without exposing it to the rest of the system, reducing exposure to sensitive data and providing greater control and transparency for users. This is among the very first industry-wide initiatives to address data in use, as current security approaches largely focus on data at rest or data in transit. The focus of the Confidential Computing Consortium is especially important as companies move more of their workloads to span multiple environments, from on premises to public cloud and to the edge.

With the formalization of the group, the open governance structure is established and includes a Governing Board, a Technical Advisory Council and a separate oversight for each technical project. It is intended to host a variety of technical open source projects and open specifications to support confidential computing. The Consortium is funded by membership dues. For more information and to contribute to the project, please visit: https://confidentialcomputing.io

Contributions to the Confidential Computing Consortium already include:

  • Software Guard Extensions (Intel SGX) SDK, designed to help application developers protect select code and data from disclosure or modification at the hardware layer using protected enclaves in memory.
  • Open Enclave SDK, an open source framework that allows developers to build Trusted Execution Environment (TEE) applications using a single enclaving abstraction. Developers can build applications once that run across multiple TEE architectures.
  • Enarx, a project providing hardware independence for securing applications using TEEs.

The Consortium is a Bronze sponsor of Open Source Summit Europe and will be host three sessions, beginning with a session on how to approach security for data in use and a Birds of a Feather (BoF) session on Monday, October 28 and a panel about the state of the Consortium on Tuesday, October 29.

Member comments about the Consortium can be found in the accompanying quote sheet.

About the Confidential Computing Consortium

Established in 2019, the Confidential Computing Consortium brings together hardware vendors, cloud providers, developers, open source experts and academics to accelerate the confidential computing market; influence technical and regulatory standards; build open source tools that provide the right environment for TEE development’ and host industry outreach and education initiatives. Its aims to address computational trust and security for data in use, enabling encrypted data to be processed in memory without exposing it to the rest of the system, reducing exposure to sensitive data and providing greater control and transparency for users. For more information, please visit: https://confidentialcomputing.io

###

Media Contact
Jennifer Cloer
reTHINKit Media
503-867-2304
jennifer@rethinkitmedia.com

Confidential Computing Consortium Establishes Formation with Founding Members and Open Governance Structure – Member Comments

By Announcement

Confidential Computing Consortium Establishes Formation with Founding Members and Open Governance Structure

Premier Members

Alibaba
“Confidential computing provides new capabilities for cloud customers to reduce trusted computing base in cloud environments and protect their data during runtime. Alibaba launched Alibaba Encrypted Computing technology powered by Intel SGX in Sep 2017 and has provided commercial cloud servers with SGX capability to our customers since April 2018. We are very excited to join CCC and work with the community to build a better confidential computing ecosystem,” said Xiaoning Li, chief security architect, Alibaba Cloud.

Arm
“Arm’s vision for the next-generation infrastructure requires complete edge-to-cloud security for protecting and managing the data across a trillion connected devices,” said Richard Grisenthwaite, senior vice president, chief architect and fellow, Architecture and Technology Group, Arm. “Arm is already very involved in helping to develop the Confidential Compute Consortium’s charter, and we see our participation and the new Open Enclave SDK as a critical collaboration with the rest of the industry in making TEE’s easy to deploy.”

Google
“To help users make the best choice for how to protect their workloads, they need to be met with a common language and understanding around confidential computing. As the open source community introduces new projects like Asylo and OpenEnclave SDK, and hardware vendors introduce new CPU features that change how we think about protecting programs, operating systems, and virtual machines, groups like the Confidential Computing Consortium will help companies and users understand its benefits and apply these new security capabilities to their needs,” said Royal Hansen, vice president, Security, Google.

Huawei
Huawei’s vision of end-to-end, trustworthy connectivity for the world includes securing the endpoints in an open and transparent manner. We see the establishment of the Confidential Computing Consortium as an important conduit and platform for collaboration around the ease of security deployment and use on IoT, IoV, Mobile, Consumer and Cloud Hardware”, said Peixin Hou, Chief Expert on Open System and Software, Huawei. “We look forward to leveraging our robust experience with secure environments, already deployed in billions of devices, for the benefit of the Confidential Computing Consortium and making contribution to confidential computing technology development on various hardware architectures and software platforms.”

Intel
“Software developed through this consortium is critical to accelerating confidential computing practices built with open source technology and Intel SGX,” said Anand Pashupathy, GM, Security System Software at Intel. “Combining the Intel SGX SDK with Microsoft’s Open Enclave SDK will help simplify secure enclave development and drive deployment across operating environments.”

Microsoft
“The Open Enclave SDK is already a popular tool for developers working on Trusted Execution Environments, one of the most promising areas for protecting data in use,” said Mark Russinovich, chief technical officer, Microsoft Azure. “We hope this contribution to the Consortium can put the tools in even more developers’ hands and accelerate the development and adoption of applications that will improve trust and security across cloud and edge computing.”

Red Hat
“Security is consistently top of mind for our customers, and, really, for all of us, as security incidents and data breaches make the headlines. While hardware support for security continues to advance, creating secure computing environments can still be challenging,” said Chris Wright, senior vice president and Chief Technology Officer at Red Hat. “We are developing the Enarx project to help developers deploy applications into computing environments which support higher levels of security and confidentiality and intend to bring it to the Confidential Computing Consortium. We look forward to collaborating with the broader industry and the Confidential Computing Consortium to help make confidential computing the norm.”

General Members

Baidu
“The formation of Confidential Computing Consortium under Linux Foundation is an important step towards the future of technologies across cloud computing, blockchain and security. It will help to create the global technical standards of confidential computing and promote its business use at the enterprise level in different industries,” said Fei Song, head of product committee, AI Cloud, Baidu.

ByteDance
At ByteDance, we take data security and privacy very seriously. Confidential Computing provides additional data security capabilities to allow new form of secure end-to-end computation paradigm in an ever-increasing hybrid and multi-cloud environment. We are very excited to be part of this community to promote the broader adoption of this technology. We look forward to collaborating with members in the Consortium to unlock the potential of confidential computing to protect sensitive data in real-world applications.

Decentriq
“Today and in the future, the analysis of sensitive data from distributed sources will be paramount for increased organizational effectiveness. At decentriq, we believe the Confidential Computing Consortium helps to put down the foundations for a standardized and safe approach to establish trust between several parties. At decentriq we enable our customer to fully unlock the potential of multiparty analytics,” said Stefan Deml, Co-Founder, decentriq.

Fortanix
“We are pleased to join some of our most important long-standing partners in this consortium to advance the cause of data protection and data privacy,” said Ambuj Kumar, Founder and CEO of Fortanix. “After three years of implementing our Runtime Encryption technology in confidential computing applications including protecting sensitive cloud workloads, databases, and SaaS applications, we are looking forward to working with the consortium to contribute our expertise in the standardization of confidential computing and help move the industry forward.”

Kindite
“Kindite strongly supports the consortium formation and recognizes confidential computing as a cornerstone for a new cloud-era in which organizations will be able to store and process data externally while keeping it completely private. Our goal within the organization is to promote such capabilities while keeping application code, cloud functionality and scale intact. Confidential computing is a key component of Kindite’s vision. Our offering is based on a  unified data protection platform that is consistent throughout all environments, agnostic to every architecture component and covers all enterprise workloads within a hybrid, multi-cloud environment. We see the goal of de-coupling the data-layer from the cloud infrastructure as game-changing for cloud vendors and customers alike, setting the boundaries of the shared responsibility model once and for all. This accomplishment will finally allow enterprises to enhance their cloud presence while fully protecting sensitive information and will surely play an important role in public cloud growth for years to come.”

Oasis Labs
“Oasis Labs is building the platform for privacy-first applications. We are thrilled to be a founding member of the Confidential Computing Consortium and to build a community that pushes the boundaries of secure, private computation,” said Dawn Song, CEO and Founder of Oasis Labs.

Swisscom
“As the leading telecom and ICT provider in Switzerland, we adhere to the highest security standards. Something that is particularly important given the increasing relevance of security for our customers in the wake of new technologies such as 5G and critical IoT or cloud applications. It is a privilege that we, as a Swiss company, are able to join forces with internationally leading technology companies to launch the Confidential Computing Consortium and are thus helping to define standards, frameworks and tools for securing data in the cloud,” said Christoph Aeschlimann, CTO & CIO, Swisscom.

Tencent
“Confidential computing offers CPU-based hardware technology to protect cloud users’ data in use, which we believe will become a basic capability for cloud provider in future,” said Wei Li, vice president of Tencent Security, the head of Cloud Security.

VMware
A common, easy to use, comprehensive standard for confidential computing is a critical component of VMware’s end-to-end, on-by-default, secure-everywhere vision. It is a crucial ingredient for protecting user data at runtime, especially in settings where sensitive workloads may be required to run in a cloud or remote setting where more often than not physical control of the infrastructure is not a given. We are committed to driving forward a secure, safe, and confidential computing future.

New Cross-Industry Effort to Advance Computational Trust and Security for Next-Generation Cloud and Edge Computing

By Announcement

Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent will collaborate on open source technologies and standards that accelerate the adoption of confidential computing

SAN DIEGO, Calif., Open Source Summit, August 21, 2019 – The Linux Foundation today announced the intent to form the Confidential Computing Consortium, a community dedicated to defining and accelerating the adoption of confidential computing. Companies committed to this work include Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.

Across industries computing is moving to span multiple environments, from on premises to  public cloud to edge. As companies move these workloads to different environments, they need protection controls for sensitive IP and workload data and are increasingly seeking greater assurances and more transparency of these controls. Current approaches in cloud computing address data at rest and in transit but encrypting data in use is considered the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data. Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users.

“The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,” said Jim Zemlin, executive director at The Linux Foundation. “The Confidential Computing Consortium is a leading indicator of what’s to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use.”

The Confidential Computing Consortium will bring together hardware vendors, cloud providers, developers, open source experts and academics to accelerate the confidential computing market; influence technical and regulatory standards; and build open source tools that provide the right environment for TEE development. The organization will also anchor industry outreach and education initiatives.

Participants plan to make several open source project contributions to the Confidential Computing Consortium, including:

  • Intel® Software Guard Extensions (Intel® SGX) Software Development Kit, designed to help application developers protect select code and data from disclosure or modification at the hardware layer using protected enclaves.
  • Microsoft Open Enclave SDK, an open source framework that allows developers to build Trusted Execution Environment (TEE) applications using a single enclaving abstraction. Developers can build applications once that run across multiple TEE architectures.
  • Red Hat Enarx, a project providing hardware independence for securing applications using TEEs.

The proposed structure for the Consortium includes a Governing Board, a Technical Advisory Council and separate technical oversight for each technical project. It is intended to host a variety of technical open source projects and open specifications to support confidential computing. Confidential Computing Consortium will be funded through membership dues. For more information and to contribute to the project, please visit: https://confidentialcomputing.io

Supporting Quotes

Alibaba
“Confidential computing provides new capabilities for cloud customers to reduce trusted computing base in cloud environments and protect their data during runtime. Alibaba launched Alibaba Encrypted Computing technology powered by Intel SGX in Sep 2017 and has provided commercial cloud servers with SGX capability to our customers since April 2018. We are very excited to join CCC and work with the community to build a better confidential computing ecosystem,” said Xiaoning Li, chief security architect, Alibaba Cloud.

Arm
“Arm’s vision for the next-generation infrastructure requires complete edge-to-cloud security for protecting and managing the data across a trillion connected devices,” said Richard Grisenthwaite, senior vice president, chief architect and fellow, Architecture and Technology Group, Arm. “Arm is already very involved in helping to develop the Confidential Compute Consortium’s charter, and we see our participation and the new Open Enclave SDK as a critical collaboration with the rest of the industry in making TEE’s easy to deploy.”

Baidu
“The formation of Confidential Computing Consortium under Linux Foundation is an important step towards the future of technologies across cloud computing, blockchain and security. It will help to create the global technical standards of confidential computing and promote its business use at the enterprise level in different industries,” said Fei Song, head of product committee, AI Cloud, Baidu.

Google
“To help users make the best choice for how to protect their workloads, they need to be met with a common language and understanding around confidential computing. As the open source community introduces new projects like Asylo and OpenEnclave SDK, and hardware vendors introduce new CPU features that change how we think about protecting programs, operating systems, and virtual machines, groups like the Confidential Computing Consortium will help companies and users understand its benefits and apply these new security capabilities to their needs,” said Royal Hansen, vice president, Security, Google.

IBM
“IBM was one of the earliest companies to champion open source, and now aligned with Red Hat we are excited for the future. One of the emerging areas of interest to our IBM Cloud and Systems clients is Trusted Execution Environments (TEEs). Combined with new open software projects like Enarx and OpenEnclave SDK, they hold the promise of making future workloads as secure as possible in the next chapter of cloud. IBM has a history of leadership in secure computing, and we are proud to join the Confidential Computing Consortium to help it fulfill its promise of spanning multiple hardware architectures and cloud platforms, to protect tomorrow’s applications and data,” said Todd Moore, vice president, Open Technology and Developer Advocacy, IBM.

Intel
“Software developed through this consortium is critical to accelerating confidential computing practices built with open source technology and Intel SGX,” said Imad Sousou, corporate vice president and general manager, System Software Products at Intel. “Combining the Intel SGX SDK with Microsoft’s Open Enclave SDK will help simplify secure enclave development and drive deployment across operating environments.”

Microsoft
“The Open Enclave SDK is already a popular tool for developers working on Trusted Execution Environments, one of the most promising areas for protecting data in use,” said Mark Russinovich, chief technical officer, Microsoft. “We hope this contribution to the Consortium can put the tools in even more developers’ hands and accelerate the development and adoption of applications that will improve trust and security across cloud and edge computing.”

Red Hat
“Security is consistently top of mind for our customers, and, really, for all of us, as security incidents and data breaches make the headlines. While hardware support for security continues to advance, creating secure computing environments can still be challenging,” said Chris Wright, senior vice president and Chief Technology Officer at Red Hat. “We are developing the Enarx project to help developers deploy applications into computing environments which support higher levels of security and confidentiality and intend to bring it to the Confidential Computing Consortium. We look forward to collaborating with the broader industry and the Confidential Computing Consortium to help make confidential computing the norm.”

Swisscom
“As the leading telecom and ICT provider in Switzerland, we adhere to the highest security standards. Something that is particularly important given the increasing relevance of security for our customers in the wake of new technologies such as 5G and critical IoT or cloud applications. It is a privilege that we, as a Swiss company, are able to join forces with internationally leading technology companies to launch the Confidential Computing Consortium and are thus helping to define standards, frameworks and tools for securing data in the cloud,” said Christoph Aeschlimann, CTO & CIO, Swisscom.

Tencent
“Confidential computing offers CPU-based hardware technology to protect cloud users’ data in use, which we believe will become a basic capability for cloud provider in future,” said Wei Li, vice president of Tencent Security, the head of Cloud Security.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation projects like Linux, Kubernetes, Node.js and more are considered critical to the development of the world’s most important infrastructure. Its development methodology leverages established best practices and addresses the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact
Jennifer Cloer
reTHINKit Media
503-867-2304
jennifer@rethinkitmedia.com