Skip to main content

4 posts tagged with "Paper"

View All Tags

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, along with the Confidential Computing Consortium today released findings from a market study by Everest Group which shows the Confidential Computing market is projected to grow at a CAGR of 90%-95% to reach US$ 54 billion in 2026.

Source: Confidential Computing Consortium


As an emerging technique for confidential computing, trusted execution environment (TEE) receives a lot of attention. To better develop, deploy, and run secure applications on a TEE platform such as Intel's SGX, both academic and industrial teams have devoted much effort to developing reliable and convenient TEE containers. In this paper, we studied the isolation strategies of 15 existing TEE containers to protect secure applications from potentially malicious operating systems (OS) or untrusted applications, using a semi-automatic approach combining a feedback-guided analyzer with manual code review. Our analysis reveals the isolation protection each of these TEE containers enforces, and their security weaknesses. We observe that none of the existing TEE containers can fulfill the goal they set, due to various pitfalls in their design and implementation. We report the lessons learnt from our study for guiding the development of more secure containers, and further discuss thetrend of TEE container designs. We also release our analyzer that helps evaluate the container middleware both from the enclave and from the kernel.



Recently, Confidential computing plays an important role in next-generation cloud technology along with the development of trusted execution environments(TEEs), as it guarantees the trustworthiness of applications despite of untrusted nature of the cloud. Both academia and industry have actively proposed commercialized confidential computing solutions based on Intel SGX technology. However, the lack of clear criteria makes developers difficult to select a proper confidential computing framework among the possible options when implementing TEE-based cloud applications. In this paper, we derive baseline metrics that help to clarify the pros and cons of each framework through in-depth comparative analysis against existing confidential computing frameworks. Based on the comparison, we propose criteria to application developers for effectively selecting an appropriate confidential computing framework according to the design purpose of TEE-based applications.

Source: Journal of the Korea Institute of Information Security & Cryptology


91% of Enterprises say Confidential Computing Improves Innovation. Securing third-party data has never been more critical for enterprises around the world. With rising cybersecurity concerns, a business’s ability to innovate and grow successfully can be tied closely to its ability to safeguard confidential data and meet legal mandates like GDPR. Arm and Pulse surveyed 250 enterprise IT, engineering, and security executives to find out how they’re protecting third-party data today, what their confidence is in current processes, and how they think confidential computing could improve their security position.

Source: Arm / Pulse