Top Confidential Computing Companies – MarkTechPost

Data processing can be isolated within a secure central processing unit (CPU) using cloud computing technology known as confidential computing. The CPU data and techniques employed to process that data are contained within the CPU environment. There are now more security risks due to cloud computing. Confidential IT handles additional IT security concerns by working with the cloud.

Confidential computing encrypts corporate data by running it in secure enclaves that isolate data and code to prevent unauthorized access even if the infrastructure is compromised. This means businesses can deploy mission-critical applications to public clouds or other hosted environments without worrying about the security of their data.

Global computing has changed dramatically over the past decade, thanks to cloud computing. Many businesses and organizations now use flexible solutions that scale up or down based on the amount of power and storage they need at any given time instead of dedicated managed servers at the sites they possess. It has changed the way applications are created, developed, and deployed, dramatically improving program automation and coordination.

Estimates show that between 50% and 60% of workloads are still running on on-premises servers. Even though more of this percentage is expected to migrate to the cloud over the next few years, there are some reasons why organizations might choose to keep their data and computing on-premises or by combining cloud services and their own managed servers. .

Highly sensitive data is subject to security concerns, and certain categories of data, such as health information, often have rules governing how it should be handled.

Using cloud-based resources introduces other types of security risks. Unlike cloud installations, where risks can also come from inside the infrastructure, attacks on on-premises servers mainly come from outside the system. The development of confidential computing has responded to the increased security concerns associated with cloud usage. In the strictest sense, it refers to safeguarding the confidentiality of a workload. However, they like to think of it as a more general word that covers three key ideas:

Privacy

In order to ensure that only consumers have access to the data, the data must be properly separated. Data protection is not a new concept and there are many techniques to implement it. Data in motion, or data transferred over the network, can be protected by encrypting data sent from an application. Current mechanisms focus on data at rest or data not currently in use, which may rely on encrypted data and/or disk images with a key known only to the tenant. In this case, the key can be randomly created while the application is running while the sender and receiver are connected.

The third type of data, called data in use, must be protected when using confidential computing. This involves providing safeguards to ensure that no other cloud tenant has access to the physical memory (such as RAM) used by a customer. The protection of virtual machines is generally provided by hardware (VM) techniques. This can be done either with memory encryption, where the CPU automatically encrypts the VM’s memory with separate keys for each VM, or with partitioning, where the CPU performs hard checks on the memory allocated to each VM and ensures that these limits are not exceeded. Both are offered by some operations, such as IBM Z Secure Execution.

Integrity

With the exception of the renter, no one else is authorized to modify or alter customer data. Some of the techniques used to protect data in early versions did not prevent data manipulation. This made it possible to employ a replay attack, which involves tricking a program into voluntarily divulging secrets by providing it with updated information. Therefore, newer applications of these technologies aim to prevent data manipulation.

Certificate

Even with secure computing, the system must remain reliable.

It is necessary to show the customer that the environment in which his application is executed is one that privileges confidentiality and integrity. They must start with a secure root of trust, a foundational element that is cryptographically secure, to accomplish this in a conventional setting. Typically, this comes in the form of a trusted hardware module, such as a Trusted Platform Module (TPM). It is a specialized microcontroller that uses an internal set of cryptographic keys to secure systems. Reliable platform module, but they are looking for multiple attestation techniques.

The CPU (or a security processor attached to it) attests that the contents of the VM and its encryption are correctly configured because, in most confidential computing implementations, the CPU becomes a trusted entity. In this situation, attestation from the hypervisor (or host operating system), which may not be reliable, is usually unnecessary. Under certain circumstances, a fully attested environment may still be recommended to avoid replay attacks and potential CPU vulnerabilities. In these situations, they want to certify the entire hardware and software environment that powers the customer’s application. However, to better attest the entire platform, attesting the underlying hardware requires rethinking some of the fundamental components of a processing system with a more complicated root of trust than a TPM.

Where is secure computing today?

They believe covert computing will spread like wildfire to strengthen security perimeters and enable increasingly sensitive workloads to be successfully deployed on public clouds. To get there, however, huge technology gaps need to be filled.

One of the major concerns that remains unresolved is how to ensure the reliability of components inside secure enclaves and the components that control them. They also seek to automate the process of exploiting the latest hardware capabilities and provide a secure system for exchanging decryption keys and other sensitive information.

Here are some of the coolest companies in the field of confidential computing:

Fortanix

Fortanix’s goal is to help solve cloud security and privacy issues. Without having to trust the cloud, Fortanix enables users to run even the most critical applications more securely. With its Runtime Encryption technology, based on Intel SGX, Fortanix delivers distinctive deterministic security by encrypting applications and data wherever they reside – at rest, in motion, and while in use. F100 global customers are protected by Fortanix, which also powers IBM Data Shield and Equinix SmartKey? HSM as a service. Gartner Cool Vendor based in Mountain View, Calif., Fortanix is ​​backed by venture capital.

Inpher.io

Secret Computing®, a cryptography technology invented by Inpher, enables advanced analytics and machine learning models while maintaining the privacy, security, and distributed nature of data. Due to increasing regulations around corporate and sovereign data privacy, security and compliance, it is increasingly difficult to access valuable data sources as data-driven businesses and Ubiquitous AI consume more information. Data scientists can compliantly, securely, and privately compute on dispersed data with Inpher’s Secret Computing® products without ever moving or exposing the data.

Profien

“A security company called Profian offers goods and services in the confidential computing industry. The company is dedicated to open source software and bases its products on the Enarx open source project, which uses WebAssembly, a binary format portable runtime systems supported by all major hardware platforms and currently undergoing standardization by the W3C.As new platforms are released, such as AMD SEV and Arm Confidential Compute Architecture (Arm CCA), and IBM Power Series PEF, Profian enables enterprises to deploy their current cloud-native applications on these platforms without redesigning or recompiling them. Existing platforms include Intel SGX and AMD SEV.

great protocol

“A universal decentralized protocol for distributed confidential computing has been developed by Super Protocol using the most recent advances in blockchain and TEE. Within the Web3 community, Super Protocol offers an alternative to established cloud service providers and enables everyone to participate in creating cutting-edge technologies for the Internet of the future.

LTD Secretariat

Data protection is ensured during processing using a special combination of secure hardware and cryptography by Secretarium’s secure cloud technology. A new generation of privacy-aware products that keep data owners in control of their data, secure sensitive data, and enable secure collaboration on the data it powers.

off center

Decentriq was created to solve the problems that many companies are currently facing with data sharing and collaboration. Anyone, internal or external, can effortlessly work on our platform’s most sensitive data without worrying about being exposed. Our secret computing core technology makes this possible, ensuring that all transferred data is 100% secure and encrypted from start to finish. Our technology is adaptable and supports a variety of use cases, including standalone analytics platforms and API integrations into your current infrastructure. No other IT expenditure is necessary. As you would with your current analytics platform, run and analyze queries against your data. You can customize user access, types of requests, and what data to share or hide centrally.

Note: We tried our best to feature the cool AI startups, but if we missed anything, then please feel free to reach out at Asif@marktechpost.com 
Please Don't Forget To Join Our ML Subreddit

References:

  • https://research.ibm.com/blog/what-is-confidential-computing
  • https://www.forbes.com/sites/forbestechcouncil/2022/03/31/why-now-is-the-time-for-confidential-computing/?sh=403b5e17176a
  • https://www.ventureradar.com/keyword/Confidential%20Computing


Ashish Kumar is an intern consultant at MarktechPost. He is currently pursuing his Btech from Indian Institute of Technology (IIT), Kanpur. He is passionate about exploring new technological advances and applying them to real life.


Sherry J. Basler