IBM Cloud Data Shield Brings Confidential Computing to Public Cloud
The National Law Review
IBM today announced the general availability of IBM Cloud Data Shield, a service built to better protect business applications while information is at rest, in transit, and in use. The platform, developed in a partnership with Fortanix, relies on confidential computing, a technology gaining traction as more organizations seek new ways to secure their sensitive data in the cloud.
Cloud Data Shield, which went into beta in late February, contains Fortanix's Runtime Encryption platform and Intel Software Guard Extensions technology. The combination enables "confidential computing," a term used to describe the protection of data in use by performing processes in a hardware-based trusted execution environment (TEE). A TEE ensures that only authorized code can execute in an environment and that external forces can't tamper with it.
Modern approaches to cloud security address data at rest, when it's on a hard drive or in a storage system, and in transit, when it's moving between locations. Few secure data when it's in use by an application and exposed in memory. Data must be ...