Confidential Computing: A Key To Secure Cloud And Edge Environments


Historically, data security was primarily focused on safeguarding data residing within systems controlled by the users themselves, such as on-premise storage and server infrastructure. In such a siloed environment, information stored on the storage media, Data-at-Rest, was encrypted to ensure security. Data-in-Motion (aka Data-in-Transit) was safeguarded by encrypting it before transmitting it ... » read more

A Practical Approach To Inline Memory Encryption And Confidential Computing For Enhanced Data Security


In today's technology-driven landscape in which reducing TCO is top of mind, robust data protection is not merely an option but a necessity. As data, both personal and business-specific, is continuously exchanged, stored, and moved across various platforms and devices, the demand for a secure means of data aggregation and trust enhancement is escalating. Traditional data protection strategies o... » read more

Private Delegated Computations Using Strong Isolation


Computations are now routinely delegated to third-parties. In response, Confidential Computing technologies are being added to microprocessors offering a trusted execution environment (TEE) that provides confidentiality and integrity guarantees to code and data hosted within—even in the face of a privileged attacker. TEEs, along with an attestation protocol, permit remote third-parties to est... » read more

Formally Modeling A Security Monitor For Virtual Machine-Based Confidential Computing Systems (IBM)


A technical paper titled “Towards a Formally Verified Security Monitor for VM-based Confidential Computing” was published by researchers at IBM Research and IBM T.J. Watson Research Center. Abstract: "Confidential computing is a key technology for isolating high-assurance applications from the large amounts of untrusted code typical in modern systems. Existing confidential computing syste... » read more

Making It Easier To Build Platforms That Support Confidential Computing


With the rise of the cloud, computation has become highly distributed. Workloads can be running on many compute nodes and often span multiple data centers. A workload consists of a combination of code and data, and both are often valuable and sensitive. A data center is often managed by a third-party, such as Cloud Service Provider (CSP), and may reside in a different legal jurisdiction to the ... » read more

Hardware-Based Confidential Computing (NIST)


NIST has published a draft report, titled “Hardware Enabled Security: Hardware-Based Confidential Computing,” which presents an approach for managing machine identities for protection against malware and other security vulnerabilities. Comments are due April 10, 2023. Abstract "Organizations employ a growing volume of machine identities, often numbering in the thousands or millions per ... » read more

Week In Review: Auto, Security, Pervasive Computing


Rambus will begin selling Arm's CryptoCell embedded security platform and CryptoIsland root-of-trust cores, setting the stage for a much broader push by Rambus into security for a wide range of connected devices, and ultimately into security as a service. Under the terms of the deal, Rambus' customers will be able to license Arm IP directly from Rambus. For Arm's existing customers, there will ... » read more

HW-Enabled Security Techniques To Improve Platform Security And Data Protection For Cloud Data Centers And Edge Computing (NIST)


A technical paper titled "Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases" was published by NIST, Intel, AMD, Arm, IBM, Cisco and Scarfone Cybersecurity. Abstract: "In today’s cloud data centers and edge computing, attack surfaces have shifted and, in some cases, significantly increased. At the same time, hacking has becom... » read more

Performance Implications for Multi-Core RISC-V Systems with Dedicated Security Hardware


Abstract "The RISC-V instruction set architecture (ISA) is a promising open-source architecture supporting the Open Era of Computing. As RISC-V matures, consumers, industry leaders, and nation states are looking at the potential benefits RISC-V offers –especially for secure systems which may require privileged architecture implementations, physical memory protection (PMP), or trusted executi... » read more

More Data, More Processing, More Chips


Simon Segars, CEO of Arm, sat down with Semiconductor Engineering to talk about the impact of heterogeneous computing and new packaging approaches on IP, the need for more security, and how 5G and the edge will impact compute architectures and the chip industry. SE: There are a whole bunch of new markets opening up. How does Arm plan to tackle those? Segars: Luckily for us, we can design ... » read more