The Linux Foundation recently formed the Confidential Computing Consortium, a community dedicated to defining and accelerating the adoption of confidential computing. Red Hat and other organizations deeply interested in breathing life into confidential computing solutions are coming together to advance the capabilities of secure computing through the use of Trusted Execution Environments (TEEs).
In a typical computing environment, whether located in our datacenter, the cloud, or a hybrid of the two, our computational workloads are (at a very high level) served by a triad of physical equipment running software to provide compute, networking and storage.
As stored data is needed, it is delivered over a network to our application workloads running on servers. To help protect this flow of information over the network, tools and techniques like Transport Layer Security (TLS), point-to-point encryption and virtual private networks (VPNs) were created to deliver confidentiality and encryption in transit. To provide safety for the data at rest, we use techniques such as full disk encryption. These tools and techniques added greater security to networks and storage, but leave applications, servers, workloads and hardware exposed for exploitation within the central processing unit (CPU).
To advance securing data in use, participating members of the Consortium are working to heighten security and privacy for data in use. TEEs are a way of doing this, by creating an isolated execution environment that provides application execution integrity and confidentiality of assets. Red Hat is contributing an open source project called Enarx, a system designed to simplify running applications within TEEs while offering high levels of trust and confidentiality.
First announced at Red Hat Summit, Enarx is a project designed to enable hardware independence for applications running in TEEs. Because security is so important to all of us, and especially our customers, we are creating a project that aims to make it easier for developers to more securely deploy applications on a broad range of processor platforms in a hybrid multi-cloud world. Coupled with encryption for data at rest and data in transit, Enarx is designed to bring encryption to data in use, which secures the execution of applications, algorithms, and protection of data that should be private to all but its owners. Being a Red Hat project, Enarx is an upstream open source community project to which everyone is welcome to contribute. It will provide open source software under the Apache License 2.0 to provide a simple and flexible framework to deploy applications into TEEs on any supported platform without the need for recompilation, having to choose an obscure language or write to a particular SDK.
Enarx uniquely brings to the Consortium a hardware-agnostic approach to improve security in computing environments. With its built-in security capabilities, Enarx suppresses vulnerabilities with transparency and addresses many of today’s compliance concerns. To enable Enarx to achieve its goals, it is being mainly programmed in Rust, a programming language focused on performance, reliability, and productivity, which includes protecting memory and threads for computing. With Enarx, you will be able to provide confidentiality to your workloads and abstract the need to trust many layers of the computing stack. By reducing what you need to trust, thereby limiting your risk, you will be able to close the encryption loop by encrypting your data in use.
For most organizations, today’s computing ecosystem is a complex one of multiple platforms, with varied underlying hardware and software provided by various vendors in an ever-changing environment. Red Hat’s vision is to unite this heterogeneous landscape under one open hybrid cloud, helping customers be in control. Enarx contributes to this vision by giving customers the power to use the advanced security capabilities of their hardware while only having to trust a minimal, open source code base, provided by a trusted partner.
To learn more about and contribute to Enarx, visit https://enarx.io.
저자 소개
Ben is a Principal Product Marketing Manager for Emerging Security and Risk Technologies at Red Hat, driving thought leadership, looking at emerging technologies, and curating C-level messaging, positioning, and stories. Ben has more than 15 years of security experience in roles ranging from Network & Security Engineer to Product Manager and Product Marketing Manager at RSA, Cisco, Arbor Networks (Netscout), and Pulse Secure (spin-out from Juniper). In these roles, he has delivered presentations at various conferences including Cisco Live training and webinars. Ben earned his Engineering degree from Worcester Polytechnic Institute and MBA from Rice University.
유사한 검색 결과
채널별 검색
오토메이션
기술, 팀, 인프라를 위한 IT 자동화 최신 동향
인공지능
고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트
오픈 하이브리드 클라우드
하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요
보안
환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보
엣지 컴퓨팅
엣지에서의 운영을 단순화하는 플랫폼 업데이트
인프라
세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보
애플리케이션
복잡한 애플리케이션에 대한 솔루션 더 보기
오리지널 쇼
엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리
제품
- Red Hat Enterprise Linux
- Red Hat OpenShift Enterprise
- Red Hat Ansible Automation Platform
- 클라우드 서비스
- 모든 제품 보기
툴
체험, 구매 & 영업
커뮤니케이션
Red Hat 소개
Red Hat은 Linux, 클라우드, 컨테이너, 쿠버네티스 등을 포함한 글로벌 엔터프라이즈 오픈소스 솔루션 공급업체입니다. Red Hat은 코어 데이터센터에서 네트워크 엣지에 이르기까지 다양한 플랫폼과 환경에서 기업의 업무 편의성을 높여 주는 강화된 기능의 솔루션을 제공합니다.