Skip to main content

15 posts tagged with "Article"

View All Tags

Although WebAssembly brings languages other than HTML, CSS and JavaScript to the browser, it’s not a JavaScript replacement and it takes a very different approach from Flash, Active X plugins and other techniques that encapsulated non-web code for browsers. Think of it as a small, fast, efficient and very secure, stack-based virtual machine that doesn’t care what CPU or OS it runs on, that’s designed to execute portable bytecode — compiled from code originally written in C, C++, Rust, Python or Ruby — at near-native speed. WebAssembly doesn’t only run in the browser: It started on the client, but is proving very useful on the server.

Source: The New Stack


As computing moves to span multiple environments—from on-prem to public cloud to edge computing—organizations need security controls that can safeguard sensitive intellectual property (IP) and workload data wherever the data resides. Highly regulated applications and mission critical applications need data protection through all its modalities—at-rest, in-transit and in-use, for companies to migrate the data to the cloud where there is a lack of control and visibility in a multitenant environment. As an industry we have generally figured out how to protect data at-rest, and, in-transit. Confidential Computing (CC) is an emerging industry paradigm focused on securing the data in-use.

Source: Intel IT Peer Network


Privacy and Confidential Computing Gains Momentum. Another approach to shoring up cybersecurity, particularly when addressing communications and data privacy, is confidential computing. The idea of confidential computing is to encrypt the entire computing process, not just the data, creating additional layers of security around sensitive information. Google, Microsoft, IBM, Alibaba, and VMware are helping develop new protocols and best practices by way of the Confidential Computing Consortium. The tech is still in a state of relative infancy, but we should begin to see confidential computing slide into the mainstream in 2021.

Source: Forbes


Confidential computing — one of 33 technologies on the Gartner Hype Cycle for Cloud Security, 2020 — is a security mechanism that protects code and data from the host system. By making critical information invisible to third parties, including the host, it potentially removes the remaining barrier to cloud adoption for highly regulated businesses in the financial services, insurance and healthcare sectors.

Source: Gartner Hype Cycle for Cloud Security, 2020


I believe that cloud computing will increasingly shift to private, encrypted services where users can be confident that their software and data are not being exposed to cloud providers or unauthorized actors inside their own organizations. This approach will foster innovation, allowing organizations to adopt the latest cloud technologies and alleviate concerns when it comes to data privacy and compliance. When organizations, especially those in regulated industries, are ready to move workloads to the cloud, one of the biggest challenges is how to process sensitive data while still keeping it private. However, when data is being processed, there hasn't been an easy solution to keep it encrypted. Now there is. Confidential Computing is a breakthrough technology that encrypts data in use, while it is being processed.

Source: Dark Reading


Mike Bursell

Over the past few years, it's become difficult to find a website that is just "http://…" This is because the industry has finally realised that security on the web is "a thing," and also because it has become easy for both servers and clients to set up and use HTTPS connections. A similar shift may be on its way in computing across cloud, edge, Internet of Things, blockchain, artificial intelligence, machine learning, and beyond. We've known for a long time that we should encrypt data at rest (in storage) and in transit (on the network), but encrypting it in use (while processing) has been difficult and expensive. Confidential computing—providing this type of protection for data and algorithms in use using hardware capabilities such as trusted execution environments (TEEs)—protects data on hosted systems or vulnerable environments.