Alibaba, Google Cloud and Microsoft among inaugural members of cloud security consortium
The Linux Foundation has announced the launch of a new community of tech all-stars focused on advancing trust and security for cloud and edge computing.
The open source community, dubbed the Confidential Computing Consortium (CCC), has 10 initial members: Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.
“Current approaches in cloud computing address data at rest and in transit but encrypting data in use is considered the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data,” the foundation noted in its press materials. “Confidential computing will enable encrypted data to be processed in-memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users.”
Members are encouraged to bring their own projects to the consortium, with Microsoft offering Open Enclave SDK, a framework which allows developers to build trusted execution environment (TEE) applications using a single enclaving abstraction. Intel’s Software Guard Extensions (SGX) SDK aims to help app developers protect select code and data from disclosure or modification at the hardware layer, while Red Hat’s Enarx provides hardware independence for securing applications using TEEs.
This is by no means the only cross-industry collaboration taking place in the cloud space right now. In March Intel led a launch of cohorts in a campaign to improve data centre performance through Compute Express Link (CXL), an emerging high-speed technology standard.
Alibaba, Google, and Microsoft are, alongside Intel, members of both initiatives. The three pretenders to the cloud infrastructure throne made all the right noises upon launch, with the three gifts of the Magi being looked upon with awe.
“We hope the [Open Enclave SDK] can put the tools in even more developers’ hands and accelerate the development and adoption of applications that will improve trust and security across cloud and edge computing,” said Mark Russinovich, Microsoft CTO.
“As the open source community introduces new projects like Asylo and Open Enclave SDK, and hardware vendors introduce new CPU features that change how we think about protecting programs, operating systems, and virtual machines, groups like the CCC will help companies and users understand its benefits and apply these new security capabilities to their needs,” said Royal Hansen, Google vice president for security.
The FAQ section also provides some interesting titbits. Under the question of ‘why does this require a cross-industry effort?’, the CCC responds with the following. “Of the three data states, ‘in use’ has been less addressed because it is arguably the most complicated and difficult. Currently confidential computing solutions are manifesting in different ways in hardware, with different CPU features and capabilities, even from the same vendor.
“A common, cross-industry way of describing the security benefits, risks, and features of confidential computing will help users make better choices for how to protect their workloads in the cloud,” it adds.
One notable absentee from the CCC party is Amazon Web Services (AWS). The launch, at Open Source Summit, may be something of a clue. While AWS promotes its open source initiatives through its @AWSOpen Twitter handle among others, several in the community feel differently about AWS’ relationship with open source players. The launch of DocumentDB, a database offering compatible with MongoDB in January caused TechCrunch to lead with the brazen headline that AWS had ‘[given] open source the middle finger’. Yet as reported by Business Insider in June, the company is increasingly ‘listening’ to the community.
You can find out more about CCC here.
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.
- » Microsoft to acquire Affirmed Networks to get onto AWS’ wavelength
- » AWS makes Amazon Detective generally available for greater security awareness
- » Keep your foot on the gas: Maintaining momentum after your cloud migration
- » Waste not, want not: How enterprises can avoid an idle cloud estate
- » How cloud providers are changing the outlook for IoT data and analytics management