Importance of Hardware-based Confidential Computing

As more businesses adopt cloud computing and migrate workloads to the cloud, concerns about privacy and data security remain. Data is routinely encrypted at rest and in transit, but applications must operate on it in unencrypted form while it is being processed, which leaves it exposed in memory to any software or operator with sufficient privilege on the host. Confidential computing aims to close this gap by protecting data while it is in use.

Confidential computing is a security approach focused on protecting data in use. It relies on hardware features of the processor to isolate a workload's code and data in a protected region of memory that the CPU encrypts and that other software on the machine, including the operating system and hypervisor, cannot read.

Code and data are placed in a trusted execution environment (TEE). Within this "enclave," only the code that was loaded into it can access the data. The hardware measures (hashes) that code when the enclave is built, and the keys used to seal data and the reports used for remote attestation are bound to that measurement. If the code is altered or tampered with, the measurement changes, and the TEE will neither release the sealed data nor produce an attestation that a remote party would accept.

With confidential computing, data remains protected whether it is in transit, at rest, or in use, including against attackers who have compromised the host operating system or hypervisor and against insiders such as cloud operators with administrative access. The guarantee covers software outside the enclave; a flaw in the code running inside the enclave remains the enclave owner's responsibility, which is why a relying party should verify the enclave's attestation before sending it any secret.
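To make the access rule in the preceding paragraphs concrete, here is a small Python model, added for this page and not taken from Lanner, Intel or the SGX SDK, of how a TEE binds sealed data and attestation to the measurement of the enclave code. The hardware root key, the attestation key, the HMAC-based encryption and "signature" (real SGX uses AES for sealing and an asymmetrically signed quote produced via EGETKEY/EREPORT and a quoting enclave, none of which this calls), and the enclave "code" byte strings are all constructed stand-ins.

```python
"""Toy model of measurement-bound sealing and attestation.

Added illustration, not Lanner or Intel code. HARDWARE_ROOT_KEY,
ATTESTATION_KEY and the enclave code strings are constructed stand-ins;
the HMAC-based cipher and quote "signature" replace SGX's real primitives.
"""
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Constructed stand-ins for keys that, on real hardware, are fused into the
# CPU and never leave it.
HARDWARE_ROOT_KEY = bytes.fromhex("00" * 31 + "01")
ATTESTATION_KEY = bytes.fromhex("ff" * 31 + "02")

MEASUREMENT_LEN = 32
NONCE_LEN = 16
TAG_LEN = 32


def measure(enclave_code: bytes) -> bytes:
    """Model of MRENCLAVE: a hash over the code loaded into the enclave."""
    return hashlib.sha256(enclave_code).digest()


def _derive(key: bytes, label: bytes, context: bytes) -> bytes:
    return hmac.new(key, label + context, hashlib.sha256).digest()


def _seal_keys(enclave_code: bytes) -> Tuple[bytes, bytes]:
    """Derive (encryption key, MAC key) bound to this code's measurement.

    Only an enclave whose code hashes to the same measurement can derive them.
    """
    seal_key = _derive(HARDWARE_ROOT_KEY, b"seal", measure(enclave_code))
    return _derive(seal_key, b"enc", b""), _derive(seal_key, b"mac", b"")


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC in counter mode, used here as a simple stream cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(enclave_code: bytes, plaintext: bytes) -> bytes:
    """Encrypt and authenticate data under keys bound to the enclave's measurement."""
    enc_key, mac_key = _seal_keys(enclave_code)
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(enclave_code: bytes, blob: bytes) -> Optional[bytes]:
    """Return the plaintext, or None if this code cannot derive the right keys.

    Altered code gives a different measurement, hence different keys, hence a
    failed tag check: the data is denied rather than exposed.
    """
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    enc_key, mac_key = _seal_keys(enclave_code)
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))


def quote(enclave_code: bytes, report_data: bytes) -> bytes:
    """Model of an attestation quote: measurement plus report data, signed by the platform."""
    body = measure(enclave_code) + report_data
    return body + hmac.new(ATTESTATION_KEY, body, hashlib.sha256).digest()


def verify_quote(q: bytes, expected_measurement: bytes) -> bool:
    """Relying-party check: a genuine platform signature AND exactly the code we expect."""
    if len(q) < MEASUREMENT_LEN + TAG_LEN:
        return False
    body, sig = q[:-TAG_LEN], q[-TAG_LEN:]
    genuine = hmac.compare_digest(sig, hmac.new(ATTESTATION_KEY, body, hashlib.sha256).digest())
    return genuine and hmac.compare_digest(body[:MEASUREMENT_LEN], expected_measurement)


def provision_secret(q: bytes, expected_measurement: bytes, secret: bytes) -> Optional[bytes]:
    """Release a secret to an enclave only after its quote verifies."""
    return secret if verify_quote(q, expected_measurement) else None


if __name__ == "__main__":
    # Constructed stand-ins for an enclave binary and a tampered copy of it.
    GOOD_CODE = b"enclave v1: compute payroll totals"
    BAD_CODE = b"enclave v1: compute payroll totals; exfiltrate"
    blob = seal(GOOD_CODE, b"db-credentials")
    print(unseal(GOOD_CODE, blob))                               # b'db-credentials'
    print(unseal(BAD_CODE, blob))                                # None
    print(provision_secret(quote(GOOD_CODE, b"n"), measure(GOOD_CODE), b"api-key"))  # b'api-key'
    print(provision_secret(quote(BAD_CODE, b"n"), measure(GOOD_CODE), b"api-key"))   # None
```

The two failure paths are the point: tampered code cannot unseal data that untampered code sealed, and a relying party that pins the expected measurement never hands a secret to a modified enclave. In production the pinned measurement comes from a reproducible build of the enclave, and the quote is checked against the vendor's attestation service rather than a shared key.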

Hardware-based Confidential Computing Protection

In 2019, major technology companies including Intel, Google, Microsoft, IBM and Red Hat announced the Confidential Computing Consortium (CCC), a project hosted by The Linux Foundation. The CCC aims to build cross-platform, open source tools for confidential computing and to develop a common framework for protecting data in use across cloud environments.

Intel addresses this need with an additional layer of hardware-based security and manageability through Intel® Software Guard Extensions (Intel® SGX). The 3rd Gen Intel® Xeon® Scalable processors greatly enlarge the Intel SGX Enclave Page Cache (EPC), the protected memory available to enclaves. Larger enclaves let bigger code and datasets run entirely inside protected memory, which broadens the usage scenarios and improves performance: when a workload's working set exceeds the EPC, pages must be encrypted out to and back from ordinary memory, and avoiding that paging is what makes the larger EPC matter.

Intel SGX can accelerate the development of cyber security appliances for telco service providers, the edge, and public and private clouds.

Advantages of Confidential Computing

The key benefits of confidential computing include protecting sensitive data and applications during processing, securing intellectual property, enabling end-to-end encryption of cloud data, and preventing insider attacks and unauthorized access to user data. Because data stays protected as it moves between environments, confidential computing also lets organizations run joint computations over their combined data without exposing that data to one another or to the cloud provider, which opens new opportunities for collaboration.

Embracing Confidential Computing Advancement

By adopting confidential computing, organizations can strengthen cloud data privacy, block both external and internal malicious access, and build multi-party, cross-cloud data-processing workloads.

The Lanner NCA-5220 network appliance, built on Intel® Xeon® E processors that support Intel SGX, offers a simple and effective platform for implementing confidential computing.

Featured Products

NCA-5220

1U Rackmount Network Appliance for Network Traffic Security, Cloud Computing and Data Centers.

CPU: Intel® Xeon® E or Core™ i7/i5/i3 or Pentium® or Celeron® (Coffee Lake)
Chipset: Intel® C246
