Authors: Vicente Garcia Diaz, Gloria Jeanette Rincón Aponte
Publisher: Springer
Year: 2022
Pages: 216
Language: English
Format: pdf (true)
Size: 10.1 MB
Confidential computing is a cloud computing technology that isolates sensitive data during processing in a protected CPU enclave. The contents of the enclave—the data being processed and the techniques used to process it—are invisible and unknown to anyone or anything else, including the cloud provider. As business leaders increasingly rely on public and hybrid cloud services, data privacy in the cloud is critical. The primary goal of confidential computing is to give leaders greater assurance that their data in the cloud is safe and secure and to encourage them to move more of their sensitive data and computing workloads to public cloud services.
This book highlights the three pillars of data security, viz. protecting data at rest, in transit, and in use. Protecting data at rest means using methods such as encryption or tokenization so that even if data is copied from a server or database an intruder cannot access the information. Protecting data in transit means making sure unauthorized parties cannot see information as it moves between servers and applications. There are well-established ways to provide both kinds of protection. Protecting data while in use, though, is especially tough because applications need to have data in the clear—not encrypted or otherwise protected—in order to compute. But that means malware can dump the contents of memory to steal information. It does not really matter if the data was encrypted on a server’s hard drive if it is stolen while exposed in memory.
As computing moves to span multiple environments—from on-premises to public cloud to edge—organizations need protection controls that help safeguard sensitive IP and workload data wherever the data resides. Many organizations have declined to migrate some of their most sensitive applications to the cloud because of concerns about potential data exposure.
Confidential computing makes it possible for different organizations to combine data sets for analysis without accessing each other’s data. The book consists of 22 chapters, arranged according to their approaches and contributions to the book's theme. The chapters of this textbook present key algorithms and theories that form the core of the technologies and applications concerned, consisting mainly of secure enclave technologies, adopting cloud computing, rise of confidential computing, confidentiality of data, components of a confidential computing architecture, confidential computing matters, IBM Cloud Data Shield vs. Microsoft Azure Confidential Computing, isolating the software and data from the underlying infrastructure, hardware-level encryption, public clouds, secure and private analytics, blockchain, paradigm shift for data security in the cloud, and benefits of confidential computing.
Download Confidential Computing: Hardware based Memory Protection