English
HomeKnowledge CenterDPU: Confidential Computing: Empowering Robust Security for Cloud Data

DPU: Confidential Computing: Empowering Robust Security for Cloud Data

Updated on Mar 7, 2024 by
  Howard
331

In AI applications, data privacy is a major concern. During the AI model training process, especially in distributed learning scenarios like federated learning, cloud data may be distributed in different places, including user devices, edge servers, and cloud services. Confidential Computing is absolutely an ideal option for providing the basis for security and privacy protection in AI development.

What Is Confidential Computing?

Confidential Computing is a cloud computing technology that stores sensitive data in an isolated CPU enclave during processing. That secure cyberspace accepts a cryptographically signed demonstration that the hardware and firmware are properly configured to prevent unauthorized access or change of its data or application code. Thus, Confidential Computing may protect data in use while also maintaining data and code privacy and integrity.

How Does Confidential Computing Work?

Before an application can process data, it must be unencrypted in memory. As a result, cloud data is susceptible to being attacked throughout the entire data lifecycle. Fortunately, Confidential Computing will carry out the following main steps to avoid this crisis:

  • 1. Check the firmware: The processor checks the correctness of the firmware, ensuring that the chip may begin operation with a safe, measured boot.

  • 2. Build a TEE: The processor establishes a trusted execution environment (TEE) separate from the rest of the system in which the user's application runs.

  • 3. Receive and send data: The app loads encrypted data into the TEE, decrypts it, executes the user's program, encrypts the resultant data, and sends it.

So, the cloud server or machine owner was never able to examine or modify the user's code or data.

How Can Confidential Computing Maximize Data Protection?

Confidential Computing Secures Data Across the Entire Lifecycle

For a long time, computer systems have used encryption technologies to protect data in transit across a network and when stored at rest on drives or non-volatile memory chips. However, the absence of a viable method for performing computations on encrypted data posed a substantial risk for users, potentially exposing their data to unauthorized access, alteration, or theft while in run within a processor or main memory.

Confidential Computing allows systems to cover all three legs of the data-lifecycle stool, ensuring that cloud data is never exposed.

Confidential Computing Prioritizes Data Protection from Cloud Providers

Traditionally, computer security focused mostly on securing data on user-owned computers. In this case, it is acceptable for system software to access the user's data and code.

With the rise of cloud and edge computing, customers are increasingly running their workloads on machines they don't host. So Confidential Computing changes the emphasis to securing users' data from anyone who controls the system. With confidential computing, work is still managed by software operating in the cloud or on an edge computer. However, it cannot read or modify data in the user-allocated memory.

The Confidential Computing Use Cases

Confidential Computing facilitates data sharing between separate organizations, supporting previously challenging or impractical use cases and benefiting a wide range of businesses. The main cases are as follows:

  • Professional clinical knowledge sharing: Hospitals can now securely use federated learning, which allows them to capture professional clinical knowledge from all around the world in a single AI model.

  • Transactional data sharing: Financial institutions could collaborate on anti-money laundering efforts by forming a governance network to share transactional data.

  • Edge personal information protecting: Everyone on the network's edge can secure personal information in places where physical access to the computer is possible.

  • Intellectual property protecting: Software vendors can deliver goods containing AI models and proprietary algorithms while protecting their intellectual property.

How Does Confidential Computing Develope?

Confidential Computing has evolved from a conceptual idea to a concrete technological framework. This evolution has propelled Confidential Computing into a critical component of cybersecurity, offering enhanced protection for sensitive data across cloud and edge environments. The following two events demonstrate the rapid development of Confidential Computing implementation:

SEV-SNP Launched By AMD

At the CPU level, AMD has launched Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). This development broadens the process-level protection found in Intel SGX to include complete virtual machines, allowing customers to seamlessly adopt Confidential Computing without demanding program rewriting.

VM-style Confidential Computing

At the GPU level, NVIDIA's Hopper architecture GPUs will provide GPU acceleration for VM-style confidential computing. The H100 Tensor Core GPUs provide Confidential Computing across a wide range of AI and high-performance computing applications, giving consumers of these security services faster processing capabilities.

The Future of Confidential Computing

With the increasing demand for both AI capabilities and heightened privacy measures, leveraging all components within the contemporary privacy toolkit will be essential for success. Industry guidelines and standards will emerge and undergo development concerning various facets of confidential computing. Despite being a relatively recent addition to privacy tools, the potent ability of Confidential Computing to safeguard code and data, coupled with its assurance of confidentiality, renders it formidable.

Tags

You might be interested in

Knowledge
See profile for Moris.
 Moris
Layer 2 vs Layer 3 Switch: Which One Do You Need?
Oct 6, 2021
563.6k
Knowledge
See profile for John.
 John
Fiber Optic Cable Types: Single Mode vs Multimode Fiber Cable
May 10, 2022
875.5k
Knowledge
See profile for Sheldon.
 Sheldon
Running 10GBASE-T Over Cat6 vs Cat6a vs Cat7 Cabling?
Mar 18, 2024
430.0k
Knowledge
See profile for Sheldon.
 Sheldon
Decoding OLT, ONU, ONT, and ODN in PON Network
Mar 14, 2023
386.1k
Story
See profile for Jason Paul.
 Jason Paul
Server re-rack is complete! Thanks to Primespec Inc and FS.com for the great customer service, and a
Jul 29, 2021
17.1k
Knowledge
See profile for Irving.
 Irving
What's the Difference? Hub vs Switch vs Router
Dec 17, 2021
367.5k
Knowledge
See profile for Sheldon.
 Sheldon
What Is SFP Port of Gigabit Switch?
Jan 6, 2023
335.5k
Knowledge
See profile for Migelle.
 Migelle
PoE vs PoE+ vs PoE++ Switch: How to Choose?
Mar 16, 2023
420.5k
Knowledge
See profile for Jason.
 Jason
The Advantages and Disadvantages of Fiber Optic Transmission
Sep 29, 2021
122.1k
Knowledge
See profile for Sheldon.
 Sheldon
Fiber Optic Cable vs Twisted Pair Cable vs Coaxial Cable
Dec 22, 2021
267.9k
Knowledge
See profile for Sheldon.
 Sheldon
TCP/IP vs. OSI: What’s the Difference Between the Two Models?
Sep 29, 2021
272.7k
Knowledge
See profile for Moris.
 Moris
How Much Do You Know About Power Cord Types?
Sep 29, 2021
294.6k
News Letter
Videos
FS Same Day Shipping Ensures Your Business Success
01:28
Nov 20, 2023
652
FS Same Day Shipping Ensures Your Business Success
Recent Trend
Cloud-based Networks Grow with Your Business

Cloud-based Networks Grow with Your Business

Anchor Your Hybrid Cloud Networking Strategy

Anchor Your Hybrid Cloud Networking Strategy

Hot Tags
Popular
FS.com About FS FS APP Contact Privacy Terms