Australian Cyber Security Magazine, ISSUE 12, 2022

Page 38

Confidential Computing: Enforces the Trusted Execution Environment (TEE) By Vinoth Venkatesan

What is Confidential Computing? Organizations that manage sensitive data such as Personally Identifiable Information (PII), financial data, or health information need to alleviate threats that target the confidentiality and integrity of either the data in system memory or the application itself. Data is most often encrypted at rest in storage and transit across the network, but not while in use in memory. In addition, the ability to protect data and code while in use is limited in conventional computing infrastructure. Confidential computing guards data in use by performing the computation in a hardware-based Trusted Execution Environment. These isolated and secure environments prevent unauthorized access or modification of applications and data while in use, thus increasing the security level of organizations that manage sensitive and regulated data. Confidential computing is defined and managed by

the Confidential Computing Consortium(CCC) under the umbrella of The Linux Foundation. “CCC is a project community at the Linux Foundation dedicated to defining and accelerating the adoption of confidential computing. It will embody open governance and open collaboration that has aided the success of similarly ambitious efforts. The effort includes commitments from numerous member organizations and contributions from several open-source projects.”

How can confidential computing help? Confidential computing protects data in use using hardware-based Trusted Execution Environments. Through Confidential Computing, we can now protect against many known threats.

The entry of Trusted Execution Environments (TEE) A Trusted Execution Environment (TEE) is an environment that offers a level of assurance of data integrity, data confidentiality, and code integrity. A hardware-based TEE uses the techniques to provide increased security guarantees for code execution and data protection within that environment. In the framework of confidential computing,

38 | Australian Cyber Security Magazine


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.