A Technical Analysis of Confidential Computing

In classical computing, data exists in three states: in transit, at rest, and in use. Data traversing the network is “in transit,” data in storage is “at rest,” and data being processed is “in use.” In a world where we are constantly storing, consuming, and sharing sensitive data – from credit card data to medical records, from firewall configurations to our geolocation data – protecting sensitive data in all of its states is more critical than ever. Cryptography is now commonly deployed to provide both data confidentiality (stopping unauthorized viewing) and data integrity (preventing or detecting unauthorized changes). While techniques to protect data in transit and at rest are now commonly deployed, the third state – protecting data in use – is the new frontier.

A Confidential Computing Consortium whitepaper[1] provides an overview of how Confidential Computing addresses this problem, along with use cases and motivation. This paper provides more details for a technical audience.
