The Linux Foundation has signed up the likes of Microsoft and Google for its Confidential Computing Consortium, a group with the laudable goal of securing sensitive data.
The group – which also includes Alibaba, Arm, Baidu, IBM, Intel, Red Hat, Swisscom and Tencent – will be working on open-source technologies and standards to speed the adoption of confidential computing.
The theory goes that while approaches to encrypting data at rest and in transit have supposedly been dealt with, assuming one ignores the depressingly relentless splurts of user information from careless vendors, keeping it safe while in use is quite a bit more challenging. Particularly as workloads spread to the cloud and IoT devices.
Confidential Computing is therefore all about processing that encrypted data in memory without having it exposed to the rest of the system. After all, who would want a rogue process peeking into places it shouldn't? Right, Intel?
Chipzilla and Arm have signed up to the consortium, with Intel contributing its Software Guard Extensions (SGX) SDK to the project. SGX is aimed at keeping code and data safe from prying eyes or sticky fingers at the hardware layer thanks to protected enclaves.
Microsoft, in line with its caring, sharing open-source image, is also lobbing in some of its software, in the form of its Open Enclave SDK. The open-source framework allows developers to build Trusted Execution Environment (TEE) applications using a single enclaving abstraction.
The Linux Foundation expects the results of the consortium's efforts to lead to "greater control and transparency for users".
Microsoft, of course, has what could be charitably described as a challenging relationship with transparency and control, lurching from eye-searing frankness in what it is slurping and how to stop it in PowerShell 7, to the shenanigans surrounding Skype, Cortana and its Speech Services.
Azure CTO Mark Russinovich was chuffed that the Windows giant was to be part of the consortium. He highlighted data at rest and data in transit as challenges that already enjoy standards, before going on to describe the possible exposure of data in use as "the critical third leg of the stool".
Notable missing members from the gang include Apple. We contacted the fruity firm to get its take on the Confidential Computing Consortium, but have yet to receive a response. There's a surprise. ®