Microsoft, Intel and others are doubling down on open source Linux security

Microsoft is continuing its broad ongoing push to contribute with open source projects, joining the newly created Confidential Computing Consortium, an initiative launched by The Linux Foundation which aims to provide better security for data which is actually in use by apps on a computer, or in the cloud (as opposed to at rest, or not being used).

Microsoft is far from alone in this endeavor, and is joined by Intel in the consortium, along with ARM, Baidu, Google Cloud, IBM, Red Hat and other tech giants.

The overarching aim is the adoption of ‘confidential computing’ and the use of Trusted Execution Environments (TEEs) to secure data which is actively being used.

The Linux Foundation explains: “Current approaches in cloud computing address data at rest and in transit but encrypting data in use is considered the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.

“Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users.”

In other words, the operating system could be compromised by some kind of malware, but the data being used in a program would still be encrypted, and therefore safe from an attacker.

Open Enclave

There are a number of central elements going towards achieving this, and Microsoft’s contribution is its Open Enclave SDK, an open source framework that facilitates the building (and verifying) of hardware-protected trusted apps. These TEE-toting apps will be able to run across multiple hardware architectures, currently including Intel SGX and ARM TrustZone (and Linux and Windows on the software front).

The SGX (Software Guard Extensions) SDK is a big part of the puzzle which Intel is open sourcing here, along with Red Hat Enarx, which provides hardware independence when it comes to securing apps via TEEs. The latter is similar to Open Enclave, but unsurprisingly with more of a Linux focus.

The ultimate end goal here should be better security for important data across the board, broadly speaking, and while this consortium and its aims obviously have a business focus, remember it’s often your personal data that these big organizations are processing and crunching. So, in a very real way when it comes to data breaches and the like, it’s often your security that is at stake.

Mark Russinovich, chief technical officer at Microsoft, enthused: “The Open Enclave SDK is already a popular tool for developers working on Trusted Execution Environments, one of the most promising areas for protecting data in use.

“We hope this contribution to the Consortium can put the tools in even more developers’ hands and accelerate the development and adoption of applications that will improve trust and security across cloud and edge computing.”

Via Tom’s Hardware

How It works

Search Crack for

Latest IT News

Feb 22
CMS use in the enterprise continues to increase with WordPress and Adobe Experience Manager taking the top spots.
Feb 21
Microsoft doesn’t want users to set up with a local account, it would seem – and less choice is never a good thing.
Feb 20
Microsoft has a new plan for taking the pain out of driver updates – or at least that’s the theory.
Feb 20
Mac users are finally getting a feature which iPhone and iPad owners have had for some time.
Feb 20
There are new icons for the Mail and Calendar apps, and a number of others besides.
Feb 19
Kaspersky denies a recent faulty Windows 10 update was because of its software.
Feb 19
Tutanota is the latest secure email provider to be blocked in Russia as the country looks to stop encrypted communication.

Latest cracks