Security: Keeping In-Process Data Confidential

By Dick Weisinger

There are three data-protection scenarios for securing data in the cloud:

  • Data at rest.
  • Data in transit.
  • Data in use.

Traditionally, the focus of data protection has been on data at rest and data in transit. Keeping data secure while it is being used is trickier. To process data, it must be decrypted and moved into computer memory, and attacks can target the data held there. The Meltdown attack against Intel chips was an example of how data stored in memory can be compromised. Protecting data while it is being used is being called “Confidential Computing.”

Lorie Wigle, vice-president at Intel, said that “whether running on your own servers on-prem, in an edge deployment, or in the heart of a cloud service provider’s datacentre, this ‘in-use’ data is almost always unencrypted and potentially vulnerable.”

To develop open source Confidential Computing security, the Linux Foundation, along with many large technology vendors, has created the Confidential Computing Consortium. Founding members of the group include Alibaba, ARM, Baidu, Google Cloud, IBM, Intel, Red Hat, Swisscom and Tencent.

In a joint statement, the Linux Foundation announced that “confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users.”
