#科技头条#【阿里巴巴、谷歌、英特尔和微软等合作改善云安全】

#科技头条#【阿里巴巴、谷歌、英特尔和微软等合作改善云安全】据美国科技媒体GeekWire报道,微软、谷歌、阿里巴巴、Red Hat、IBM、英特尔等大型科技企业联合起来,希望增强云安全,以保护数据。大型科技企业组建的Confidential Computing Consortium(简称CCC),目标是设立标准和框架,开发工具,给数据加密。但目前的技术主要用来保护静止数据,不是传输中的数据。http://www.looooker.com/?p=68869

Google, Intel, and Microsoft partner to improve cloud security

Google, Intel, and Microsoft partner to improve cloud security

Credit: CCC
  • 6
    SHARES

Some of the biggest names in tech have banded together in an effort to promote industry-wide security standards for protecting data in use.

The initiative — dubbed Confidential Computing Consortium (CCC) — has Alibaba Cloud, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom, and Tencent as its founding members.

Volume 0%
00:00
01:35

Have you heard of Hard Fork Summit?

TNW’s finance, blockchain, and business event is coming up soon

It was formally launched yesterday at the Linux Foundation’s Open Source Summit in San Diego, California.

What is confidential computing?

“Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users,” the group said in an announcement.

In doing so, the technology will allow organizations to securely collaborate on multi-party data sets and gain shared insights without giving access to that data.

“There are three types of possible data exposure to protect against,” said Mark Russinovich, CTO of Microsoft Azure. “One is data at rest and another data in transit. The third possible exposure … is data in use. Protecting data while in use is called confidential computing.”

The need for a trust infrastructure

One of the core tenets that underpins confidential computing is the broader use of secure enclaves (aka trusted execution environment or TEE), which refers to an area within a processor that ensures confidentiality and integrity of code and data.

Solutions like Intel Software Guard Extensions (SGX) SDK, Microsoft Open Enclave SDK, and IBM Red Hat Enarx — which are all being contributed to the CCC — help protect sensitive software and data from being modified by malicious actors that may have broken into the target (virtual) machine.

In fact, end-to-end encrypted messenger Signal employs SGX to securely determine whether contacts in your address book are Signal users without revealing the contact information to the Signal service.

Apple and Google, likewise, leverage a TEE — called security enclave processor and Titan M respectively — in their phones to store confidential on-device data, including passwords and payment information.

Where is Asylo?

A surprising no-show is Google’s Asylo framework, which the search giant’s cloud platform announced last year to develop applications that run in TEEs. But, in its current form, the solution still appears to be a work in progress (it’s at version 0.4).

Also absent are the company’s recent privacy-focused efforts like Federated Learning and Private Join and Compute.

Federated learning is an on-device machine learning technique that offloads computation to the device as opposed to storing the data in the cloud — a paradigm of edge computing — while the latter refers to a cryptographic method that helps organizations work together with confidential data sets in a privacy-preserving manner.

The way ahead

The CCC comes at a time cloud adoption is accelerating at a rapid pace, with risks from data loss and leakage emerging the top concerns.

Cybersecurity firm Check Point’s 2019 Cloud Security Report last month cited unauthorized cloud access and account hijacking as some of the major cloud vulnerabilities, while stressing the need for stronger authentication mechanisms to safeguard users against such stealth attacks.

There’s no doubting the potential of confidential computing. As organizations increasingly shift to the cloud, the need for keeping data private all the way from the edge to the public cloud calls for a platform-agnostic solution that allows developers to create software that can be deployed across different TEEs — an area CCC hopes to nurture.

“The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,” said Linux Foundation’s Jim Zemlin. “The Confidential Computing Consortium is a leading indicator of what’s to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use.”

Read next: US government knows you’re buying opioids with Bitcoin — and it doesn’t like it

原文链接:https://thenextweb.com/security/2019/08/22/google-intel-and-microsoft-partner-to-improve-cloud-security/


Comments are closed.



无觅相关文章插件