Microsoft Partners With Google, Intel, And Others To Form Data Protection Consortium
Microsoft is teaming up with fellow giants in the tech industry to form a global consortium that would ensure the security of private data
The software maker joined Google Cloud, Intel, IBM, Alibaba, Arm, Baidu, Red Hat, Swisscom, and Tencent to establish the Confidential Computing Consortium, a group committed to providing better private data protection, promoting the use of confidential computing, and advancing open source standards among members of the technology community.
Formed in partnership with The Linux Foundation, the Consortium hopes to bring together various stakeholders such as software developers, hardware vendors, academics, and open source experts.
The Confidential Computing Consortium
In its statement, The Linux Foundation explained the companies’ reasoning for banding together.
While current approaches to data security is mostly focused on addressing data at rest (storage) and in transit (network), the foundation said encrypting data in use is potentially the most difficult step for developers to provide a completely encrypted lifecycle for private data.
The group believes that confidential computing will allow people to process encrypted data in memory without the risk of exposing other parts of the system. It will also limit the exposure of sensitive data and allow for better transparency and control for users.
“The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,” said Jim Zemlin, The Linux Foundation’s executive director.
“The Confidential Computing Consortium is a leading indicator of what’s to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use.”
Promoting Open Source Standards
As part of their goal to advance open source standards in the tech industry, members of the newly formed consortium will contribute several projects to the effort. These include:
- Open Enclave SDK – Microsoft’s open source framework designed to let developers create Trusted Execution Environment applications using only a single enclaving abstraction. The system allows the development of applications that can be operated across several TEE architectures.
- Software Guard Extensions (SGX) – An Intel software development kit specially designed to allow app creators to protect data and codes from modification or disclosure at the hardware level. The system uses protected enclaves to secure sensitive data.
- Enarx – A project developed by Red Hat that makes use of TEEs to secure applications.
Microsoft’s Chief Technical Officer Mark Russinovich pointed to the Open Enclave SDK as a popular choice among developers working on TEEs.
He said that the company hopes its contribution to the Consortium will allow more developers to have access to the Open Enclave SDK. This in turn can help speed up the development and adoption of applications that can improve data security across cloud and edge computing.