A new project aims to ease the transition to confidential applications and services through collaborative development of open-source technologies, and standardizing an API for use in the field.
VMWare and other industry leaders are pushing forward the transition to confidential computing, announcing at the Confidential Computing Summit in San Francisco new collaborative efforts to increase the development and adoption of confidential applications.
For those unaware, confidential computing is the process of encrypting data in-use, instead of when it is stored or transferred. Even workloads that are operated on by others are secure, on everything from cloud to infrastructure to edge workloads.
Currently, public cloud services do not encrypt data while in-use as standard, meaning there is still a chance it can be intercepted. Confidential computing reduces this barrier significantly, by only allowing the user with a code on their system access to it. It also creates a security barrier between the customer and cloud service provider, as data will be hidden from them as well.
At the summit, VMWare announced the Certifier Framework for Confidential Computing, of which AMD and Samsung are partners. The project aims to ease the transition to confidential applications and services through collaborative development of open-source technologies, and standardizing an API for use in the field.
“This has the potential to secure workloads no matter where they run including in multi-cloud and edge settings,” said Kit Colbert, CTO at VMware. “The challenge has been to help customers adopt and implement the standard with ease. The collective efforts of the growing ecosystem of contributors to Certifier Framework will help bring those benefits to bear to ISVs, enterprise customers, and Sovereign Cloud providers—enabling them to use this emerging technology more easily and effectively.”
VMWare is not the only company pushing this new technology, although its focus on open-source operations and standardizing the frameworks could be of value to making this type of computing the standard for some workloads. Microsoft Azure, Google Cloud, and others offer confidential computing as a cloud security add-on.