피드 구독

The Linux Foundation recently formed the Confidential Computing Consortium, a community dedicated to defining and accelerating the adoption of confidential computing. Red Hat and other organizations deeply interested in breathing life into confidential computing solutions are coming together to advance the capabilities of secure computing through the use of Trusted Execution Environments (TEEs).

In a typical computing environment, whether located in our datacenter, the cloud, or a hybrid of the two, our computational workloads are (at a very high level) served by a triad of physical equipment running software to provide compute, networking and storage.

As stored data is needed, it is delivered over a network to our application workloads running on servers. To help protect this flow of information over the network, tools and techniques like Transport Layer Security (TLS), point-to-point encryption and virtual private networks (VPNs) were created to deliver confidentiality and encryption in transit. To provide safety for the data at rest, we use techniques such as full disk encryption. These tools and techniques added greater security to networks and storage, but leave applications, servers, workloads and hardware exposed for exploitation within the central processing unit (CPU).

To advance securing data in use, participating members of the Consortium are working to heighten security and privacy for data in use. TEEs are a way of doing this, by creating an isolated execution environment that provides application execution integrity and confidentiality of assets. Red Hat is contributing an open source project called Enarx, a system designed to simplify running applications within TEEs while offering high levels of trust and confidentiality.

First announced at Red Hat Summit, Enarx is a project designed to enable hardware independence for applications running in TEEs. Because security is so important to all of us, and especially our customers, we are creating a project that aims to make it easier for developers to more securely deploy applications on a broad range of processor platforms in a hybrid multi-cloud world. Coupled with encryption for data at rest and data in transit, Enarx is designed to bring encryption to data in use, which secures the execution of applications, algorithms, and protection of data that should be private to all but its owners. Being a Red Hat project, Enarx is an upstream open source community project to which everyone is welcome to contribute. It will provide open source software under the Apache License 2.0 to provide a simple and flexible framework to deploy applications into TEEs on any supported platform without the need for recompilation, having to choose an obscure language or write to a particular SDK.

Enarx uniquely brings to the Consortium a hardware-agnostic approach to improve security in computing environments. With its built-in security capabilities, Enarx suppresses vulnerabilities with transparency and addresses many of today’s compliance concerns. To enable Enarx to achieve its goals, it is being mainly programmed in Rust, a programming language focused on performance, reliability, and productivity, which includes protecting memory and threads for computing. With Enarx, you will be able to provide confidentiality to your workloads and abstract the need to trust many layers of the computing stack. By reducing what you need to trust, thereby limiting your risk, you will be able to close the encryption loop by encrypting your data in use.

For most organizations, today’s computing ecosystem is a complex one of multiple platforms, with varied underlying hardware and software provided by various vendors in an ever-changing environment. Red Hat’s vision is to unite this heterogeneous landscape under one open hybrid cloud, helping customers be in control. Enarx contributes to this vision by giving customers the power to use the advanced security capabilities of their hardware while only having to trust a minimal, open source code base, provided by a trusted partner.

To learn more about and contribute to Enarx, visit https://enarx.io.


저자 소개

Ben is a Principal Product Marketing Manager for Emerging Security and Risk Technologies at Red Hat, driving thought leadership, looking at emerging technologies, and curating C-level messaging, positioning, and stories. Ben has more than 15 years of security experience in roles ranging from Network & Security Engineer to Product Manager and Product Marketing Manager at RSA, Cisco, Arbor Networks (Netscout), and Pulse Secure (spin-out from Juniper). In these roles, he has delivered presentations at various conferences including Cisco Live training and webinars. Ben earned his Engineering degree from Worcester Polytechnic Institute and MBA from Rice University.

Read full bio
UI_Icon-Red_Hat-Close-A-Black-RGB

채널별 검색

automation icon

오토메이션

기술, 팀, 인프라를 위한 IT 자동화 최신 동향

AI icon

인공지능

고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트

open hybrid cloud icon

오픈 하이브리드 클라우드

하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요

security icon

보안

환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보

edge icon

엣지 컴퓨팅

엣지에서의 운영을 단순화하는 플랫폼 업데이트

Infrastructure icon

인프라

세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보

application development icon

애플리케이션

복잡한 애플리케이션에 대한 솔루션 더 보기

Original series icon

오리지널 쇼

엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리