– Linux Foundation recently announced that 10 tech giants have joined together for a joint data security consortium designed to define and accelerate the adoption of confidential computing.
Alibaba, Google Cloud, Microsoft, IBM, Red Hat, Swisscom, Baidu, Arm, Intel, and Tencent have all committed to joining the Confidential Computing Consortium, targeted on supporting all industries as they move into the cloud and edge computing.
A 2018 Gartner report showed that 30 percent of health centers will be based in the cloud within the next three years. However, Netwrix researchers found that 32 percent of providers are storing data in the cloud despite a lack of security resources.
The consortium is meant to close some of these common security gaps and act as a resource to these types of vulnerable organizations and will bring together hardware vendors, cloud vendors, developers, open sources experts.
The goal is to fuel the confidential computing market and influence technical and regulatory standards, as well as building open source tools to create a secure environment for Trusted Execution Environment development. The consortium will also support industry outreach and education initiatives.
“The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,” Jim Zemlin, executive director at The Linux Foundation, said in a statement.
“The Confidential Computing Consortium is a leading indicator of what’s to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use,” he added.
Three participants have already planned contribute several open source projects. Intel will share its Software Guard Extensions (SGX) Software Development Kit, which will support application developers in protecting select code and data from disclosure or modification at the hardware layer through protected enclaves.
Microsoft will contribute its Open Enclave SDK, an open source framework for developers building TEE applications with a single enclaving abstraction, while Red Hat will share its Enarx project that provides hardware independence for securing applications using TEEs.
The consortium also includes a governing board, a technical advisory council, and a separate technical oversight for each project. Officials said they’ll host a wide range of open source projects and open specifications to support confidential computing. Membership dues will fund the consortium.
“The formation of Confidential Computing Consortium under Linux Foundation is an important step towards the future of technologies across cloud computing, blockchain and security,” Fei Song, head of product committee, AI Cloud, Baidu, said in a statement. “It will help to create the global technical standards of confidential computing and promote its business use at the enterprise level in different industries.”
“To help users make the best choice for how to protect their workloads, they need to be met with a common language and understanding around confidential computing,” Royal Hansen, vice president, Security, Google, said in a statement. “As the open source community introduces new projects like Asylo and OpenEnclave SDK, and hardware vendors introduce new CPU features that change how we think about protecting programs, operating systems, and virtual machines, groups like the Confidential Computing Consortium will help companies and users understand its benefits and apply these new security capabilities to their needs.”