Category

Announcement

The SIMI Group Joins the Confidential Computing Consortium to Advance Data Security and Public Health Innovation


The SIMI Group, Inc. (SIMI), a pioneer in health information exchange and analytics services since 1996, continues to push boundaries in public health and healthcare informatics. By addressing critical data gaps across public health agencies, healthcare systems, community organizations, payers, pharmaceutical companies, and researchers, SIMI delivers near real-time situation awareness while prioritizing privacy. Their expertise transforms complex data into actionable insights that drive community health and wellness.

The Confidential Computing Consortium (CCC) is excited to welcome The SIMI Group, Inc. (SIMI) as a startup member. By joining the CCC, SIMI reinforces its commitment to advancing data security and driving the global adoption of trusted execution environments (TEEs). This strategic collaboration with industry leaders like Microsoft and AMD positions SIMI to meet the rigorous privacy, security, and compliance standards of healthcare and public health, while building trust among the public and community partners.

“SIMI is excited to join the CCC and collaborate with Microsoft and AMD,” said Nilesh Dadi, Director of Trusted & Predictive Analytics at SIMI. “This partnership empowers us to support healthcare systems and public health by leveraging trusted execution environments. With this technology, we enable near real-time situation awareness of vaccinations, outbreaks, and medical emergencies in a transparent and privacy-protecting manner.”

SIMI’s leadership in public health innovation stems from firsthand experience with real-world challenges. “SIMI was boots-on-the-ground from the earliest days of the COVID-19 pandemic in the United States,” said Dan Desmond, President & Chief Innovation Officer at SIMI. “The world can no longer rely on faxes, massive group phone calls, and spreadsheets to manage medical and public health emergencies. We’re working with CCC collaborators to build on our progress with the Confidential Consortium Framework, moving toward an accountable and attestable zero-trust future.”

As a CCC member, SIMI is poised to drive the adoption of secure, privacy-first technologies, shaping the future of public health and healthcare informatics through collaboration and innovation.


MITRE Joins the Confidential Computing Consortium to Advance Cloud Security


We are thrilled to announce that MITRE has joined the Confidential Computing Consortium (CCC), further solidifying its commitment to advancing cybersecurity innovation. As a leader in providing technical expertise to the U.S., MITRE’s participation will play a pivotal role in shaping the future of secure cloud computing.

A New Era of Cloud Security

With the growing migration of IT resources to the cloud, securing sensitive data has become more critical than ever. Confidential Computing represents a groundbreaking advancement in cybersecurity by enabling encryption for “data in use” and supporting hardware-bound “enclave attestation.” These capabilities reduce the cyber threat surface, offering unparalleled protection for sensitive data processed in cloud environments.

MITRE’s cybersecurity engineers regularly address the most complex and critical challenges in information systems security as they partner with the Government. By leveraging Confidential Computing, MITRE seeks to enhance cloud security while addressing uncertainties and mitigating potential new risks introduced by emerging technologies.

Through its membership in the CCC, MITRE aims to stay at the forefront of:

  • Understanding Emerging Use Cases: Identifying practical applications of Confidential Computing across industries and government sectors.
  • Evaluating Implementation Methods: Exploring best practices for adopting Confidential Computing standards and technologies.
  • Assessing Value Propositions: Demonstrating the tangible benefits of Confidential Computing for cloud security and operational efficiency.
  • Analyzing Vulnerabilities: Investigating potential risks and threats associated with emerging products, standards, and cloud services.

Driving Collaboration and Innovation

MITRE’s expertise in cybersecurity will contribute significantly to the CCC’s mission of broadening the adoption of Confidential Computing. By collaborating with industry leaders, MITRE will help establish robust standards, develop practical solutions, and ensure secure implementation methods that meet the needs of both Government and private sectors.

As Confidential Computing continues to evolve, MITRE’s involvement will enable greater innovation and confidence in cloud security, benefiting the Government and the broader technology community. Together, we can address the challenges of tomorrow and build a more secure digital landscape.


Applied Blockchain Joins the Confidential Computing Consortium as a General Member


We are excited to announce that Applied Blockchain has rejoined the Confidential Computing Consortium (CCC) as a General Member, reinforcing its longstanding commitment to advancing innovation in Confidential Computing and Trusted Execution Environment (TEE) technology. This move aligns with CCC’s mission to enhance trust and privacy in business applications and marks a continued dedication to tackling some of the most pressing challenges in digital privacy.

As one of the few organizations that are members of the Confidential Computing Consortium and the LF Decentralised Trust, Applied Blockchain stands out for its cross-domain expertise in privacy-preserving technology. This dual membership uniquely positions the company to foster collaboration and drive progress across both ecosystems, promoting secure, transparent, and trustworthy solutions for the future of technology.

Applied Blockchain’s renewed involvement comes directly from its groundbreaking work on the Silent Data platform. By integrating TEE technology with blockchain, Silent Data provides a robust solution for privacy-conscious companies.

“We are thrilled to rejoin the Confidential Computing Consortium as a General Member, reinforcing our commitment to advancing Trusted Execution Environment (TEE) technologies. Our continued work on Silent Data demonstrates how we can tackle privacy challenges, and we look forward to collaborating with CCC members to drive innovation, enhance trust, and protect sensitive data.”
— Adi Ben-Ari, Founder & CEO at Applied Blockchain

Applied Blockchain focuses on safeguarding consumer and business data in critical sectors such as banking, energy trading, and supply chains. With its renewed membership, the company is positioned to make significant strides in evolving privacy-enhancing technologies, helping organizations across industries protect sensitive data while driving trust and security in their operations.

We look forward to Applied Blockchain’s continued impact as they collaborate with CCC members and help shape the future of Confidential Computing.

Honeypotz Inc. Joins the Confidential Computing Consortium as a Startup Tier Member


Honeypotz Inc., a leader in the field of Confidential Computing, has joined the Confidential Computing Consortium (CCC) as a startup member. This partnership underscores Honeypotz’s commitment to enhancing data security and contributing to the broader adoption of trusted execution environments (TEEs) worldwide.

As part of the CCC, Honeypotz will collaborate with industry leaders like Red Hat to elevate security standards and foster innovation in data privacy and protection. This partnership underscores a shared commitment to delivering cutting-edge solutions that ensure data remains secure and private, even in the most sensitive computing environments.

Honeypotz specializes in secure computing technologies that protect data in use, empowering organizations to confidently deploy and manage mission-critical applications. By working alongside Red Hat and other CCC members, Honeypotz aims to push the boundaries of Confidential Computing, making secure and reliable solutions more accessible to businesses around the globe.

“We are excited to join the CCC and collaborate with Red Hat,” said Vladimir Lialine, Founder of Honeypotz Inc. “This partnership will enable us to accelerate the adoption of trusted execution environments and continue delivering innovative solutions that address the evolving security needs of our customers.”

The CCC unites industry leaders, innovators, and experts to create a collaborative ecosystem for advancing the adoption of Confidential Computing technologies. By joining this consortium, Honeypotz reaffirms its position as a leader in data security and a driving force behind the future of Confidential Computing.

Learn more about Honeypotz’s mission and its role in the CCC by visiting Confidential Computing Consortium.


Confidential Computing Consortium Welcomes ManaTEE as a New Open-Source Project


The Confidential Computing Consortium is delighted to announce ManaTEE, a new open-source project designed to enable secure data collaboration without compromising the privacy of individual data. Published by TikTok in June 2024 as part of their ongoing Privacy Innovation efforts, ManaTEE started as a core use case of TikTok. Now part of the Confidential Computing Consortium, ManaTEE addresses the growing challenges of balancing privacy, usability, and accuracy in enterprise data collaboration.

The Challenge of Data Collaboration

While data collaboration is essential, designing and building a secure framework involves significant effort and numerous caveats. Existing solutions, such as differential privacy or commercial data clean rooms, often fail to provide a balance between privacy, accuracy, and usability, particularly when handling large-scale data.

Introducing ManaTEE: A Two-Stage Data Clean Room

ManaTEE introduces a two-stage data clean room model to provide an interactive interface for exploring data while protecting private data during processing. It combines different privacy-enhancing technologies (PETs) across two stages:

  • Programming Stage: Data consumers explore datasets using low-risk data, employing different PETs such as pseudonymization or differentially private synthetic data generation.
  • Secure Execution Stage: Workloads run in a trusted execution environment (TEE), which provides attestable integrity and confidentiality guarantees for the workload in the cloud.

Key Benefits of ManaTEE

  • Cloud-Ready: ManaTEE can be easily deployed to existing cloud TEE backends such as Google Confidential Space. We plan to support other backends as well, eliminating the need to build the entire TEE infrastructure to set up the framework.
  • Flexible PET: Data providers can control the protection mechanisms at each stage to tailor to specific privacy requirements of the data.
  • Trusted Execution Environment: By leveraging TEEs, ManaTEE ensures a high level of confidence in data confidentiality and program integrity for both data providers and data consumers.
  • Accuracy and Utility: ManaTEE employs a two-stage design to ensure that result accuracy is not compromised for the sake of privacy.

Features of ManaTEE’s Data Clean Room

  • Interactive Programming: Integrated with Jupyter Notebook, allowing data consumers to work with Python and other popular languages.
  • Multiparty Collaboration: Enables collaboration with multiple data providers.
  • Flexibility: Adaptable to specific enterprise needs.

ManaTEE Use Cases

  • Trusted Research Environments (TREs): Secure data analysis for public health, economics, and more, while maintaining data privacy.
  • Advertising & Marketing: Lookalike segment analysis and private ad tracking without compromising user data.
  • Machine Learning: Enables private model training without exposing sensitive data or algorithms.

Open Collaboration and Governance

ManaTEE encourages open collaboration within its growing community. Currently led by TikTok’s founding developers, ManaTEE plans to expand its leadership through a Technical Steering Committee (TSC). Eventually, future project milestones and growth plans will be publicly discussed and governed transparently.

The ManaTEE project welcomes anyone interested in confidential computing and private data collaboration to participate and contribute.

Conclusion

ManaTEE is a significant step forward in secure data collaboration, balancing privacy, usability, and accuracy. Organizations can safely collaborate on sensitive datasets by leveraging TEEs and a two-stage clean room approach.

To learn more, visit the Confidential Computing Consortium or explore ManaTEE on GitHub.

Fr0ntierX Joins the Confidential Computing Consortium as a Startup Member


August 26, 2024 – Fr0ntierX, a leader in secure AI and cybersecurity, has officially joined the Confidential Computing Consortium. This recognition, driven by Fr0ntierX’s cutting-edge Janus platform, marks a significant milestone for the company.

Janus offers a novel approach to secure AI through confidential computing. This technology ensures complete data encryption at every level, making it indispensable for industries requiring top-tier security.

Fr0ntierX’s inclusion in the Consortium underscores its commitment to advancing secure computing in collaboration with the industry’s best.

“This community is unique. Nowhere else do you have competing companies come together with a shared goal of advancing the industry together. For us, it’s an incredible opportunity to integrate Janus with new ideas, ensuring our solutions continue to meet the highest standards,” said Jonathan Begg, CEO of Fr0ntierX. 

With a team of industry experts, Ph.D.s, and strategic advisors, Fr0ntierX provides guidance and support to help businesses maximize the benefits of AI adoption while maintaining the highest standards of security and compliance.

Fr0ntierX empowers enterprises, government agencies, and academic institutions to leverage the power of AI and Large Language Models (LLMs) without compromising security. Their flagship product, Janus, features advanced encryption and robust cybersecurity – powered by confidential computing – safeguarding data from storage to processing. By eliminating master keys, Janus mitigates common threats and ensures data integrity. Unlike typical AI models, which may expose data to third parties, Janus operates within a fully isolated environment, providing a secure container for AI workflows and the compartmentalization of context data, making it ideal for sectors that handle sensitive information.

By joining the Confidential Computing Consortium, Fr0ntierX aims to further accelerate innovation in secure computing by collaborating with industry leaders to drive the adoption of confidential computing technologies.


OPPO Joins the Confidential Computing Consortium: Advancing Privacy and Security for a Smarter Future


We are thrilled to announce that OPPO has become a General member of the Confidential Computing Consortium, a global community dedicated to advancing privacy and security through cutting-edge technology. This exciting development reflects our commitment to safeguarding user privacy and delivering secure, reliable smart life experiences.

Commitment to Privacy and Security

OPPO fully understands the significance of user privacy and consistently prioritizes security above all else. Their products and services are designed with robust security features, including high-strength data encryption, secure transmission and storage, and rigorous access control mechanisms. These measures ensure that our offerings meet high-level information security assessments and certifications, establishing a comprehensive privacy protection system.

As a member of the Confidential Computing Consortium, OPPO will collaborate with industry leaders, innovators, and researchers to push the boundaries of privacy protection. Our goal is to contribute to technological innovation and explore new frontiers in confidential computing, enhancing the security and reliability of smart devices and services.

By joining the Confidential Computing Consortium, OPPO aligns itself with a community committed to developing open-source technologies and standards that enhance data privacy. This partnership enables OPPO to: work alongside leading companies and organizations to share knowledge and best practices, drive innovation in privacy protection, enhance user trust and participate in groundbreaking research and development efforts that set new standards for data security in the technology industry.

What Is Confidential Computing?

Confidential computing is an emerging technology that focuses on protecting data while it is being processed. Unlike traditional security measures that protect data at rest or in transit, confidential computing ensures that data remains secure during computation by using hardware-based trusted execution environments (TEEs). This approach provides a higher level of assurance and privacy, particularly in cloud and edge computing environments.

OPPO’s membership in the Confidential Computing Consortium is a significant milestone in our journey toward creating a more secure and trustworthy digital world. We are excited to work hand in hand with colleagues from various sectors to explore the limitless possibilities of confidential computing and to continue delivering unparalleled security and privacy to our users.

We invite our partners, customers, and stakeholders to join us in this exciting new chapter as we pave the way for a smarter, safer future. Together, we can make a difference in the world of technology and privacy.


Automata Joins the Confidential Computing Consortium as a Startup Member


We are thrilled to announce that Automata has joined the Confidential Computing Consortium as the most recent Startup member and brings their expertise in machine attestation and secure computation to our community. Automata is a machine attestation layer built by humans and designed for machines. It performs verifiable computation over stateless data using secure hardware, extending machine trust to Ethereum with Trusted Execution Environments (TEEs), also called TEE Coprocessors.

Why TEE Coprocessors?

TEEs are a cornerstone of confidential computing. They create a secure enclave by encrypting the hardware memory, allowing us to guarantee the integrity and confidentiality of computations performed by a TEE.

  • Integrity: TEEs verify that the data and code being run are authentic. Through remote attestation, we can be confident that computations are executed by a genuine TEE.
  • Confidentiality: TEEs provide technical assurance that computations are protected from access by untrusted parties.

Coprocessors extend blockchain functionality by performing off-chain computations over on-chain data within a parallel environment—in this case, a TEE. Our experience with TEEs on the blockchain, from moving TEE stack components on-chain to designing and deploying TEE-backed applications, has shown that secure hardware is a practical and promising way to handle workloads in a decentralized setting.

Automata and Confidential Computing

Recently, Automata has made significant advancements in on-chain computation. We have implemented what we believe to be the first complete DCAP attestation workflow on the blockchain, allowing for the caching of attestation collaterals in a decentralized repository that the community can contribute to and maintain.

Additionally, we introduced Multi-Prover AVS on EigenLayer, a restaking protocol that enhances the security of rollups with a secondary TEE Prover. Our work with TEEs demonstrates the feasibility of using secure hardware as the building blocks for interacting with blockchains, upholding core values of openness and verifiability.

This aligns with the spirit of the Confidential Computing Consortium. We are excited about the renewed energy around confidential computing. We are committed to contributing to the long-term success of TEEs as the de facto medium of computational integrity on the web. We also aim to motivate further research into trust-minimized, confidential implementations for both applications and infrastructure.


Announcing Invary’s Membership and Our New Start-Up Tier


We are thrilled to announce that Invary has joined the Confidential Computing Consortium (CCC) as a start-up member! Invary’s mission to protect people, organizations, and governments from hidden cyber threats aligns perfectly with our commitment to advancing secure computing technologies.

Invary brings a wealth of expertise in cyberthreat detection and mitigation, enhancing the Consortium’s efforts to foster secure, privacy-preserving computing environments. Their innovative solutions and dedication to cybersecurity will be invaluable as we work together to promote and develop open standards for confidential computing.

Invary’s remote attestation service enhances the security of Trusted Execution Environments (TEEs), ensuring data remains encrypted and inaccessible to unauthorized users during processing.

We look forward to collaborating with Invary to drive forward the adoption of confidential computing, ensuring robust protection against cyberthreats for all users. Welcome, Invary, to the Confidential Computing Consortium!

Jason Rogers, CEO of Invary, on joining the CCC said, “We are excited to join the Confidential Computing Consortium and look forward to collaborating with experts focused on data privacy and cybersecurity. We are grateful for the opportunity provided by the CCC’s Startup Program and eager to share our expertise in Runtime Integrity and Attestation.”

In addition to welcoming Invary, we are thrilled to introduce a new membership tier tailored specifically for start-ups. This initiative empowers emerging companies by offering them a unique opportunity to join the CCC community free of charge for the first 12 months. We are excited about the potential of this new offer and look forward to seeing the innovative contributions from start-ups.

Why This Matters

Confidential Computing is revolutionizing data protection and processing. The use of hardware-based techniques to isolate sensitive data ensures security even during processing. As the field evolves, collaboration and innovation become increasingly crucial to keep up with advancements. The CCC plays a pivotal role by uniting industry leaders, researchers, and innovators to drive the future of secure computing. This is a call for start-ups to join this collaborative effort and contribute to the future of secure computing.

Invary brings expertise in cyber threat detection and mitigation, enhancing the Consortium’s efforts to foster secure, privacy-preserving computing environments. Their innovative solutions and dedication to cybersecurity will be invaluable as we work together to promote and develop open standards for confidential computing.

Join Us

We look forward to collaborating with Invary to accelerate the adoption of confidential computing and ensure robust protection against cyber threats for all users. Welcome, Invary, to the Confidential Computing Consortium!

For start-ups interested in joining, our new membership tier provides an excellent opportunity to be part of a leading community in secure computing. Take advantage of this chance to contribute, collaborate, and innovate in Confidential Computing.

Welcome to the future of secure computing. Welcome to the CCC!


COCONUT-SVSM Joins the Confidential Computing Consortium: Enhancing Security for Sensitive Workloads


The Confidential Computing Consortium (CCC) welcomes a new project: The COCONUT
Secure VM Service Module (COCONUT-SVSM), which aims to be a game-changer for secure
service provision within confidential virtual machines (CVMs). This is a significant step forward
for the project.


Published by SUSE in March 2023, the project built an active developer community with major
industry players contributing, including AMD, Microsoft, IBM, Intel, Red Hat and Google. By
joining the CCC the project gains enhanced visibility and even more collaboration opportunities
within the confidential computing community and is set for further community growth.

Building a Secure Foundation for Confidential VMs

COCONUT-SVSM was started by SUSE and is now hosted by the Linux Foundation (LF),
known for fostering open-source collaboration. This choice reflects the project’s commitment to
open development and community involvement. COCONUT-SVSM aims to become a platform
that delivers essential services to CVMs. These services, which cannot be provided by the host
VMM in a secure way, include:

  • Virtual TPM emulation: This functionality provides a secure Trusted Platform Module within the CVM, enabling functionalities like secure key generation and storage, but also enabling full remote attestation of workloads.
  • UEFI variable store: This secure storage area safeguards critical configuration data for the CVM and enables secure boot on some platforms.
  • Live migration for CVMs: This feature allows for seamless movement of running CVMs across different physical hosts without compromising security.

The key advantage of COCONUT-SVSM lies in its secure execution environment. It operates
within the trust boundary of the CVM, but is still isolated from the actual operating system. This
isolation ensures that even if the underlying system gets compromised, the security of services
offered by COCONUT-SVSM remains intact.

Benefits for Confidential Computing

This integration will enable users to enhance their confidential VM setups with features like:

  • Secure Remote Attestation: This allows for verifying the integrity and trustworthiness of the execution environment, a crucial requirement for running sensitive workloads and protecting data.
  • End-To-End Data Security: Users can guarantee that their data is always encrypted and never visible to any unauthorized party during storage, transmission, and processing.

Ultimately, these features empower users to fully protect their data even in untrusted
environments like the public cloud. This paves the way for secure cloud deployments and
confidential computing adoption across various industries.

Industry Leaders Support COCONUT-SVSM

COCONUT-SVSM is gaining traction within the tech industry, with key partners recognizing its
potential to advance confidential computing. Here’s what some industry leaders have to say
about COCONUT-SVSM:

AMD
“SUSE and AMD have a long history of collaborating on the development of the Linux
ecosystem and confidential computing technologies for AMD EPYC Processors,” said
Frank Gorishek, corporate vice president, Software Development, AMD. “We are thrilled
to see COCONUT-SVSM join the CCC as an open source implementation of the AMD
SVSM specification for SEV-SNP. AMD is committed to open source technologies such
as COCONUT-SVSM as a catalyst for collaborative innovation on transformative
technologies such as confidential compute.”

Microsoft
“A secure environment like COCONUT-SVSM can play a valuable role in confidential
computing,” a spokesperson from Microsoft Hyper-V said. “It can hold secrets and
provide virtualization services seamlessly to improve the usability of CVMs.”

Open Governance and Continued Growth

The COCONUT-SVSM project fosters open collaboration. SUSE’s Jörg Rödel, as the founding
developer, is the current lead maintainer. In the future, a broader project leadership will be
established by a Technical Steering Committee (TSC) consisting of at least 3 lead people to
ensure diverse perspectives guide the project’s direction.


The project community collaborates via its GitHub organization, a mailing list and in weekly
community meetings. There the project’s future, current challenges, and contributions from a
broad developer base are discussed.


Every developer passionate about confidential computing and secure service provisioning is
invited to start contributing to COCONUT-SVSM and support the continued growth of the
project.

The Meaning Behind the Name

The name COCONUT is a play on the term “CoCo,” a common abbreviation for confidential
computing. The “coconut” metaphor reflects the project’s focus on robust security, symbolizing a
hard-to-crack shell protecting the integrity of sensitive data.


By joining the Confidential Computing Consortium, COCONUT-SVSM is set to make significant
contributions to the field of confidential computing. The community is excited to see the project
flourish within the CCC and invites all those interested in secure virtualization technology to join
the thriving COCONUT-SVSM project. Together, we can bring confidential computing and
end-to-end data protection forward for a wide range of industries and applications.