The Biggest tech Giants — Google, Microsoft, Alibaba, Red Hat, IBM, Intel, Arm, Baidu, Swisscom, and Tencent are joining forces to protect data by boosting Cloud Security; which is needed now more than ever as the cloud is scaling up to an unmanageable position which makes it vulnerable to threats and malicious attacks, potentially affecting millions.
The Confidential Computing Consortium by The Linux Foundation has announced the launch of a new community of tech all-stars focused on advancing trust and security for cloud and edge computing. Ongoing techniques focus on data at rest and traffic. The group describes the encryption of data in use as “the third and most challenging step in providing a fully encrypted life cycle for sensitive data”.
The issue “affects the privacy and security of almost every single person on Earth who interacts with these systems every single day;” said Jim Zemlin, executive director of the Linux Foundation; in an interview, explaining why competing companies are joining in the effort. “The urgency here is not lost on anyone.”
Open-source projects contributed by the group members:
- Intel is contributing to its Software Guard Extensions SDK;
- Red Hat is contributing its Enarx project, and
- Microsoft is contributing to its Open Enclave Software Development Kit (SDK) open-source project to the consortium.
Furthermore, by the contribution of these open-source projects to the consortium makes it more possible for other companies to participate in more reliable projects with greater confidence; overseen by a neutral group.
Microsoft Azure CTO Mark Russinovich in a post-Wednesday morning said Protecting data in use means data is not visible in unencrypted form during computation except to the code authorized to access it”. It’s not even accessible to edge device vendors or public cloud service providers. This capability enables new solutions where the data is private all the way from the edge to the public cloud.”
Mike Bursell, chief information security architect at Red Hat said, “If the consortium achieves their goals; “we’ll see people being able to deploy applications much more securely and easily; making use of these new developments,” in an interview.
Zemlin said, “The challenges of cybersecurity are global.” The work of the consortium will be done in the open and made freely available. Moreover, in a security-related consortium; the participation of three Chinese companies – Baidu, Tencent, and Alibaba, may raise eyebrows given geopolitical concerns about cybersecurity.
One notable absentee from the Confidential Computing Consortium party is Amazon Web Services (AWS). The launch at the open-source summit, there may be some clues. Although AWS promotes its open-source initiative through its @AWSOpen Twitter handle, among others; many in the community feel differently about AWS’s relationships with open-source players.