A raft of big technology firms is backing a new Linux Foundation-led initiative that aims to promote the concept of “confidential computing,” or encrypting data while it’s in use.

The Foundation said in a statement that the new Confidential Computing Consortium will focus on standardizing methods to ensure that data can be encrypted as it’s being processed in memory, without exposing to other parts of the computer system. The idea is to “reduce exposure for sensitive data and provide greater control and transparency for users,” it said in a statement.

Data in use, as it’s known, is a weak point in the data encryption landscape. Processes for encrypting data at rest and data in transit already exist and have been widely implemented across the technology industry, but there isn’t any reliable way for companies to protect their information as it’s being processed, and that’s what the new consortium is hoping to address.

The term “confidential computing” was coined by Microsoft Corp., which is one of the main backers and founding members of the consortium. Other members include Alibaba Group Holding Ltd., Arm Ltd., Baidu Inc., Google Cloud, IBM Corp., Intel Corp., Red Hat Inc., and Tencent Holdings Ltd.

The companies are pinning their hopes on an open-source framework called the Open Enclave Software Development Kit, which was first developed by Microsoft and is used to build what are called “Trusted Execution Environment applications” that can run on many types of computer architectures.

Open Enclave is still under development, but progress on this should be fairly fast as the Trusted Execution Environment is already a thing. It refers to a secure area of a computer chip that encrypts the data and code loaded inside it, meaning that other parts of the processor cannot access this information. In other words, TEE’s provide an isolated execution environment for protecting data in use, and the Open Enclave SDK is envisaged as a common framework for building apps that can take advantage of them.

“The Open Enclave SDK is already a popular tool for developers working on Trusted Execution Environments, one of the most promising areas for protecting data in use,” Mark Russinovich, chief technical officer at Microsoft, said in a statement. “We hope this contribution to the Consortium can put the tools in even more developers’ hands and accelerate the development and adoption of applications that will improve trust and security across cloud and edge computing.”

Constellation Research Inc. analyst Holger Mueller welcomed the confidential computing initiative, saying security and privacy are essential for cloud-based next-generation applications.

“Developers do not want to maintain code for different security mechanisms such as trusted enclaves in this case, so it’s good to see the Linux Foundation championing a working group that offers support across software, cloud infrastructures and hardware,” Mueller said. “And executives will welcome anything that enables them to focus more on the actual capabilities of their apps, rather than the necessary plumbing.”

The consortium will also work on other, so far unannounced open-source technologies and tools to enable confidential computing. The exact structure of the consortium is yet to be finalized, but it will be headed up by a Governing Board and a Technical Advisory Council, with separate technical oversight committees for each project it leads.

Image: typographyimages/Pixabay