Confidential Computing protects data at rest and in transit as well as during processing. Trusted Execution Environments (TEEs) use hardware to provide a secure region of the CPU, an enclave, in which code and data are physically isolated and cannot be tampered with. Confidential Computing provides data confidentiality (unauthorised entities cannot view data while in use in the TEE), data integrity (unauthorised entities cannot add, remove, or alter data while in use in the TEE) as well as code integrity (unauthorised entities cannot add, remove, or alter code executing in the TEE) throughout every stage in the data lifecycle.
The protection of sensitive data is paramount for businesses, particularly data privacy in the cloud. Encryption has been commonly used for data in rest and in transit while data remained vulnerable during processing. Data in use must be decrypted in memory and could be accessed or tampered with by unauthorised entities, like service providers, operating systems, and system administrators. With confidential computing, even highly-regulated industries like banking, insurances, and health care, can be assured that their data remains protected from potential attackers.
Secure collaboration: Share data across firms and departments without compromising on confidentiality.
Trust the cloud: Move sensitive workloads to the cloud and leverage the benefits of cloud computing.
Prevent data breaches: Provide security at the lowest level of the hardware to reduce exposure to potential attacks at any point in the system lifecycle.
Conclave is for firms who want to build products and services that provide transparency into how data is collected and processed. The businesses who are end-users of Conclave-based applications also benefit as their data is protected from misuse and they are able to retain ownership and control of their data. Conclave is also for software firms who are in the process of selecting a platform on which to build multi-party analytics. This allows companies to collaborate without exposing their private data to each other, helping to mitigate digital theft, fraud, and money laundering activities. Likewise, being able to comfortably share sensitive data from multiple sources can train a machine learning model far more effectively than working alone. And, by enabling multi-party analytics, Conclave can accelerate critical research and development in regulated industries such as government, financial services, insurances, and healthcare.
Conclave Cloud is a serverless confidential computing platform with built-in privacy-preserving features. It offers the quickest and most effective way to deploy confidential event-driven workloads by eliminating the complexities of building with secure enclaves. The Conclave Cloud platform will bring together an expanding set of services that will seamlessly integrate with each other providing a rich set of tools for implementing solutions without ever having to leave the Conclave Cloud platform.
Enclaves are regions of memory that are protected from attack by the owner of the computer on which they run, making them highly secure and ideal for multi-party applications and highly regulated industries where data privacy is a concern.
Intel® Software Guard Extensions (Intel® SGX) helps protect data in use via unique application isolation technology. Protect selected code and data from modification using hardened enclaves with Intel® SGX.