
Confidential computing


Fully homomorphic encryption (FHE) is a form of encryption that permits users to perform computations on encrypted data without first decrypting it. Confidential computing, in contrast, transfers encrypted data inside a hardware-enforced, access-controlled TEE in the processor and memory, decrypts the data, and performs the required computations. Data may be re-encrypted before exiting the TEE. Compared to confidential computing, FHE can suffer from higher computational overhead and can require extensive application-specific coding, but it is less susceptible to side-channel attacks since data is never decrypted. Several researchers have described use cases where confidential computing TEEs and FHE work together to mitigate shortcomings of the technologies acting individually.

Secure multi-party computation (SMPC) is a privacy-preserving technology that allows multiple parties to jointly compute a task using distributed algorithms while keeping each party's data private from the others. Confidential computing can also be used for privacy-preserving multi-party collaboration. Compared to confidential computing, distributed computing with SMPC can be more expensive in terms of computation and network bandwidth, but less susceptible to side-channel attacks since no party ever holds the complete data set.

The "Confidential Remote Computing" (CRC) paradigm reverts confidential computing to the original design principles of TEEs and advocates for small enclaves running on available end-user computers. CRC adds practices and templates for multiple stakeholders, such as different data owners, hardware owners and algorithm owners. CRC extends the broad notion of confidential computing by adding practices and methodologies for individual use.
protocols. However, Trusted Computing targets a different set of threat models and large variety of platforms (e.g., phones, laptops, servers, network equipment); confidential computing addresses attack vectors that target confidentiality and integrity of code and data in use, notably through the use of Trusted Execution Environments and memory encryption.
, individual application, or compute functions. Typically, data in use in a computer's compute components and memory exists in a decrypted state and can be vulnerable to examination or tampering by unauthorized software or administrators. According to the CCC, confidential computing protects data in use through a minimum of three properties:
Regulations regarding data localization and residency or data sovereignty may require that sensitive data remain in a specific country or geographic bloc to provide assurance that the data will only be used in compliance with local law. Using confidential computing, only the workload owner holds the encryption keys required to decrypt data for processing inside a verified
Upstream hardware supply-chain attacks: including attacks on the CPU manufacturing process and on the CPU supply chain during key injection or generation at manufacture. Attacks on components of a host system that are not directly providing the capabilities of the trusted execution environment are also generally
attestation is an essential part of confidential computing. The attestation process assesses the trustworthiness of a system and helps ensure that confidential data is released to a TEE only after it presents verifiable evidence that it is genuine and operating with an acceptable security posture.
of data and code from the infrastructure provider, unauthorized or malicious software and system administrators, and other cloud tenants, which may be a concern for organizations seeking control over sensitive or regulated data. The additional security capabilities offered by confidential computing
Trusted computing is a concept and set of standards published by the Trusted Computing Group that aim to establish trust in computing systems by using standardized hardware-based mechanisms like the Trusted Platform Module (TPM). From a technical perspective, Trusted Computing and confidential computing rely on similar security concepts, such as trust architecture and remote attestation
to execute attestation routines in a secure environment". Without attestation, a compromised system could deceive others into trusting it, claim it is running certain software in a TEE, and potentially compromise the confidentiality or integrity of the data being processed or the integrity of the
Application software is required to enable most confidential computing use cases. Providers of confidential computing software applications include Anjuna, CanaryBit, Cosmian, CYSEC, Decentriq, Edgeless Systems, Enclaive, Fortanix, IBM Hyper Protect Services, Mithril Security, Oblivious, Opaque Systems, Scontain, Secretarium and others.
Oxford University researchers proposed the alternative paradigm called "Confidential Remote Computing" (CRC), which supports confidential operations in Trusted Execution Environments across endpoint computers considering multiple stakeholders as mutually distrustful data, algorithm and hardware
Confidential computing can enable multiple parties to engage in joint analysis using confidential or regulated data inside a TEE while preserving privacy and regulatory compliance. In this case, all parties benefit from the shared analysis, but no party's sensitive data or confidential code is
Trusted execution environments (TEEs) "prevent unauthorized access or modification of applications and data while they are in use, thereby increasing the security level of organizations that manage sensitive and regulated data". Trusted execution environments can be instantiated on a computer's processing components such as a central processing unit or graphics processing unit
It allows the verifying party to assess the trustworthiness of a confidential computing environment through an "authentic, accurate, and timely report about the software and data state" of that environment. "Hardware-based attestation schemes rely on a trusted hardware component and associated
Virtual machine isolation removes the elements controlled by the computer infrastructure or cloud provider, but allows potential data access by elements inside a virtual machine running on the infrastructure. Application or process isolation permits data access only by authorized software
, defines which elements have the potential to access confidential data, whether they are acting benignly or maliciously. Confidential computing implementations enforce the defined trust boundary at a specific level of data isolation. The three main types of confidential computing are:
None of the major microprocessor or GPU providers offer confidential computing hardware in devices for personal computers anymore, which limits use cases to server-class platforms. Intel SGX was introduced for PCs in 6th Generation Intel Core
Confidential computing assists in data protection and regulatory compliance by limiting which software and people may access regulated data, as well as providing greater assurance of data and code integrity. In addition, TEEs can assist with data governance
Confidential computing is promoted by the Confidential Computing Consortium (CCC) industry group, whose membership includes major providers of the technology. In academia, Dr Küçük released Confidential Remote Computing (CRC) to
Protocol attacks: including "attacks on protocols associated with attestation as well as workload and data transport". This includes vulnerabilities in the "provisioning or placement of the workload" or data that could cause a
". The CCC notes several caveats in this threat vector, including the relative difficulty of upgrading cryptographic algorithms in hardware and recommendations that software and firmware be kept up to date. A multi-faceted, defense-in-depth strategy is recommended as a best practice.
Intel deprecated Intel SGX on Intel Core-branded PC processors after 10th Gen and on Xeon E one-socket server processors after the 2300 series. It continues to be offered on Xeon Scalable and Xeon D-branded server
, Germany called it "imprecise, incomplete and even conflicting." Researchers have made recommendations to make it more detailed and exact to facilitate research and comparisons with other security technologies.
Additional use cases for confidential computing include blockchain applications with enhanced record privacy and code integrity, privacy-preserving advertising technology, confidential databases and more.
Technical approaches to confidential computing may vary in which software, infrastructure and administrator elements are allowed to access confidential data. The "trust boundary," which circumscribes a trusted computing base (TCB)
exposed to the other parties or system host. Examples include multiple healthcare organizations contributing data to medical research, or multiple banks collaborating to identify financial fraud or
TEE. This provides a technological safeguard that reduces the risk of data being exfiltrated and processed in plaintext in other countries or jurisdictions without the workload owner's consent.
Confidential computing can be deployed in the public cloud, on-premise data centers, or distributed "edge" locations, including network nodes, branch offices, industrial systems and others.
Confidential computing is often compared to other security or privacy-enhancing technologies, including fully homomorphic encryption, secure multi-party computing and trusted computing.
, and the technology can be deployed in on-premise data centers, edge locations, or the public cloud. It is often compared with other privacy-enhancing computational techniques such as fully homomorphic encryption, secure multi-party computation and Trusted Computing.
Sophisticated physical attacks: including physical attacks that "require long-term and/or invasive access to hardware" such as chip scraping techniques and electron microscope probes.
(TEE). Confidential data is released to the TEE only once it is assessed to be trustworthy. Different types of confidential computing define the level of data isolation used, whether virtual machine
respectively. It is designed to address software, protocol, cryptographic, and basic physical and supply-chain attacks, although some critics have demonstrated architectural and side-channel attacks effective against the technology.
Confidential computing is supported by an advocacy and technical collaboration group called the Confidential Computing Consortium. The CCC was formed in 2019 under the Linux Foundation.
Confidential computing use cases require a combination of hardware and software, often delivered in conjunction with cloud service providers or server manufacturers.
The CCC states its efforts are "focused on projects securing data in use and accelerating the adoption of confidential computing through open collaboration."
Availability attacks: confidential computing is designed to protect the confidentiality and integrity of protected data and code. It does not address attacks such as Denial of Service or Distributed Denial of Service.
, as well as specifically Æpic and SGAxe against Intel SGX, and CIPHERLEAKS against AMD SEV-SNP. Update mechanisms in the hardware, such as trusted computing base
or modules within a larger application, blocking access by any other system element, including unauthorized code in the larger application.
(ENISA) classifies confidential computing as a "State of the Art" technology with respect to protecting data under the European Union's General Data Protection Regulation and Germany's IT Security Act (ITSiG).
due to a number of factors, including mathematical breakthroughs, availability of computing power and new computing approaches such as quantum computing
Basic upstream supply-chain attacks: including attacks that would compromise TEEs through changes such as added debugging ports.
The degree and mechanism of protection against these threats varies with specific confidential computing implementations.
can be addressed by this technique. Other types of attacks are better addressed by other privacy-enhancing technologies.
The definition of confidential computing itself has also been criticized by some academic researchers. Scholars at the Technical University of Dresden
by providing evidence of steps taken to mitigate risks and demonstrate that these were appropriate. In 2021, the European Union Agency for Cybersecurity
Confidential computing technology and services can be accessed via public cloud computing providers, including
applications or processes. Function or library isolation is designed to permit data access only by authorized
Confidential computing is a security and privacy-enhancing computational technique focused on protecting data in use. Confidential computing can be used in conjunction with storage and network encryption, which protect

(GPU). In their various implementations, TEEs can provide different levels of isolation including
Data confidentiality: "Unauthorized entities cannot view data while it is in use within the TEE".
can help accelerate the transition of more sensitive workloads to the cloud or edge locations.
Software attacks: including attacks on the host's software and firmware. This may include the operating system, other software and workloads.
Code integrity: "Unauthorized entities cannot add, remove, or alter code executing in the TEE".
Note: Specific implementations may eliminate the Virtual Machine Administrator role altogether
Data integrity: "Unauthorized entities cannot add, remove, or alter data while it is in use within the TEE".
The following threat vectors are generally considered in scope for confidential computing:
Basic physical attacks: including cold boot attacks, bus and cache snooping, and plugging attack devices into an existing port, such as a PCI Express slot or USB port.
As confidential computing is concerned with the protection of data in use, only certain
processors in 2015, but deprecated in the 11th Generation Intel Core processors
Multiple academic and security research groups have demonstrated architectural and side-channel attacks
The technology protects data in use by performing computations in a hardware-based trusted execution environment
(TCB) recovery, can mitigate side-channel vulnerabilities as they are discovered.
Threats generally defined as out of scope for confidential computing include:
from Oxford University under CC0 license, reviewed by pioneers of the field, Prof Andrew Martin, Prof Chris Mitchell and Prof Ivan Martinovic.
against CPU-based TEEs based on a variety of approaches. These include
Cryptographic attacks: including "vulnerabilities found in
In addition to trusted execution environments, remote
Comparison with other privacy-enhancing technologies
1798:. Information Commissioner's Office. September 2022 486:is a concept and set of standards published by the 1399:. Confidential Computing Consortium. December 2022 1108:. Confidential Computing Consortium. November 2022 2110:. Confidential Computing Consortium. October 2020 1015:"Current Trusted Execution Environment landscape" 96:, Prof Chris Mitchell and Prof Ivan Martinovic. 3198:"What is the Confidential Computing Consortium?" 1317:Banerjee, Pradipta; Ortiz, Samuel (2022-12-02). 1103:"A technical analysis of confidential computing" 1394:"Common terminology for confidential computing" 605:2021 on 3rd Gen Intel Xeon Scalable processors 2604:"Intel issues patches for SGX vulnerabilities" 1417:Pecholt, Joana; Wessel, Sascha (2022-12-05). 8: 2759:"Compare Top Confidential Computing Vendors" 2369:"Bootstrapping Trust in Commodity Computers" 1425:. New York, NY, USA: ACM. pp. 989–998. 1363: 1361: 1359: 1097: 1095: 1093: 1091: 1089: 1087: 740:, Decentriq, Fortanix, Kindite, Oasis Labs, 534:2021 with 3rd Gen AMD EPYC server processors 377:Data localization, sovereignty and residency 2373:2010 IEEE Symposium on Security and Privacy 1947:2015 IEEE Symposium on Security and Privacy 1728:2015 IEEE Symposium on Security and Privacy 1369:"Intel SGX vs TDX: what is the difference?" 692:Systems, Scontain, Secretarium and others. 648:Virtual Machine or Multi-User GPU Instance 260:strategy is recommended as a best practice. 2886:"2022 Superuser Awards Nominee: CanaryBit" 2752: 2750: 2748: 1128:"Confidential Computing—a brave new world" 1036: 1034: 1013:Sturmann, Lily; Simon, Axel (2019-12-02). 2310: 2277: 2182: 2151: 2149: 1999: 1851: 1772: 1282: 1233: 911: 35:privacy-enhancing computational technique 2342:Hockenbrocht, Christopher (2020-02-01). 889: 887: 732:. 
The founding general members included 609:Application/Process or Library/Function 547:Arm Confidential Computing Architecture 501: 2241: 2239: 2130:"SoK: SGX.Fail: How Stuff Gets Exposed" 2105:"Confidential Computing Deep Dive v1.0" 1994:. SEC'20. USENIX Association: 487–504. 1789:"Privacy-enhancing technologies (PETs)" 841: 839: 837: 782: 761: 373:and Germany's IT Security Act (ITSiG). 367:European Union Agency for Cybersecurity 3192: 3190: 3009:Schonschek, Oliver (2 November 2022). 1717: 1715: 1312: 1310: 704:. The founding premiere members were 2729:"NVIDIA Hopper Architecture In-Depth" 1218:"Toward confidential cloud computing" 944:"Confidential Remote Computing (CRC)" 27:Privacy-enhancing computing technique 7: 1171:Sardar, Muhammad Usama (June 2022). 326:Confidential computing protects the 2940:TOP 1000 Swiss Startups awards 2022 2757:Preimesberger, Chris (2020-09-15). 1509:van Winkle, William (2019-12-31). 371:General Data Protection Regulation 263:Basic physical attacks: including 53:effective against the technology. 25: 3271:Confidential Computing Consortium 3202:Confidential Computing Consortium 2860:Spadafora, Anthony (2021-10-26). 2135:. Georgia Institute of Technology 1536:"What is confidential computing?" 1043:"What Is Confidential Computing?" 1002:. 29th USENIX Security Symposium. 696:Confidential Computing Consortium 2652:Condon, Stephanie (2021-04-06). 2533:Moorhead, Patrick (2020-04-14). 2050:Lakshmanan, Ravie (2020-06-10). 1573:10.23919/MIPRO52101.2021.9597198 894:Rashid, Fahmida Y. (June 2020). 105:processing components such as a 645:2022 on Nvidia H100 family GPUs 575:2020 with IBM z15 and LinuxONE 569:IBM Secure Execution for Linux 556:2021 with Arm v9-A architecture 427:Technical University of Dresden 237:, other software and workloads. 3120:Sharma, Shubham (2022-06-28). 3074:Thompson, David (2022-11-02). 2702:Columbus, Louis (2022-03-31). 2436:Takahashi, Dean (2021-03-15). 
2299:IEEE Transactions on Computers 2081:30th USENIX Security Symposium 1041:Rashid, Fahmida (2020-05-27). 816:Schuster, Felix (2022-10-03). 473:Secure multi-party computation 468:Secure multi-party computation 78:secure multi-party computation 1: 2809:O'Brien, Chris (2020-10-16). 2677:Kovacs, Eduard (2023-01-10). 2577:Pezzone, Jimmy (2022-01-15). 2508:Korolov, Maria (2021-05-04). 2025:Kovacs, Eduard (2022-08-09). 1891:Basak, Anirban (2023-02-06). 1185:10.1109/DSN-S54099.2022.00028 1019:Red Hat Emerging Technologies 639:Nvidia Confidential Computing 307:Distributed Denial of Service 58:trusted execution environment 3035:Wiggers, Kyle (2022-09-15). 2959:Wiggers, Kyle (2022-03-22). 2602:Robinson, Dan (2023-02-15). 2486:Hamblen, Matt (2021-03-30). 1916:Shein, Esther (2023-02-01). 1534:Crouse, Megan (2022-11-07). 1478:10.1109/SEED55351.2022.00017 1344:infohub.delltechnologies.com 1140:10.1109/SEED51797.2021.00025 860:10.1109/SEED55351.2022.00018 456:Fully homomorphic encryption 155:trusted computing base (TCB) 74:fully homomorphic encryption 18:Draft:Confidential computing 2984:Plumb, Taryn (2022-09-13). 2834:Taft, Darryl (2019-12-19). 2246:Popa, Raluca (2021-10-01). 1862:10.1007/978-3-031-17926-6_4 3302: 2627:Synek, Greg (2018-11-05). 1730:. IEEE. pp. 605–622. 1472:. IEEE. pp. 109–120. 913:10.1109/MSPEC.2020.9099920 854:. IEEE. pp. 121–132. 3242:Gold, Jack (2020-09-28). 3015:cloudcomputing-insider.de 1222:Communications of the ACM 1066:Olzak, Tom (2021-09-20). 655:Cloud computing providers 590:Software Guard Extensions 582: 322:Data privacy and security 180:isolation, also known as 170:isolation, also known as 2782:Li, Abner (2020-07-14). 2552:Funk, Ben (2015-10-05). 792:"States of Digital Data" 111:graphics processing unit 2417:Trusted Computing Group 2312:10.1109/TC.2020.2995638 1688:10.1145/3342195.3387552 1643:10.1145/3411501.3419420 1637:. ACM. pp. 21–26. 
1431:10.1145/3564625.3564648 1284:10.1145/3454122.3456125 616:Trust Domain Extensions 488:Trusted Computing Group 107:central processing unit 1682:. ACM. pp. 1–17. 1567:. pp. 1213–1218. 950:. University of Oxford 523:Advanced Micro Devices 462:homomorphic encryption 420:Trusted computing base 381:Regulations regarding 269:bus and cache snooping 201: 37:focused on protecting 31:Confidential computing 2514:Data Center Knowledge 687:Application providers 356:Regulatory compliance 339:Multi-party analytics 199: 2490:. Fierce Electronics 2375:. pp. 414–429. 1949:. pp. 640–656. 1134:. pp. 132–138. 790:Fitzgibbons, Laura. 404:side-channel attacks 148:Technical approaches 51:side-channel attacks 2467:www.theregister.com 2413:"Trusted Computing" 2225:. DARPA. 2020-03-02 3224:. Linux Foundation 3176:. 28 February 2022 2381:10.1109/SP.2010.32 1955:10.1109/SP.2015.45 1736:10.1109/SP.2015.43 1277:(1): 20:49–20:76. 1179:. pp. 49–50. 202: 94:Prof Andrew Martin 33:is a security and 2390:978-1-4244-6894-2 2090:978-1-939133-24-3 2011:978-1-939133-17-5 1964:978-1-4673-6949-7 1871:978-3-031-17925-9 1822:. TeleTrusT. 
2021 1745:978-1-4673-6949-7 1697:978-1-4503-6882-7 1652:978-1-4503-8088-1 1609:IBM Research Blog 1582:978-953-233-101-1 1487:978-1-6654-8526-5 1194:978-1-6654-0260-6 1149:978-1-6654-2025-9 869:978-1-6654-8526-5 652: 651: 505:Hardware provider 484:Trusted computing 479:Trusted computing 385:and residency or 383:data localization 303:Denial of Service 265:cold boot attacks 254:quantum computing 82:Trusted Computing 16:(Redirected from 3293: 3258: 3257: 3255: 3254: 3239: 3233: 3232: 3230: 3229: 3218: 3212: 3211: 3209: 3208: 3194: 3185: 3184: 3182: 3181: 3166: 3160: 3159: 3157: 3156: 3142: 3136: 3135: 3133: 3132: 3117: 3111: 3110: 3108: 3107: 3092: 3086: 3085: 3083: 3082: 3071: 3065: 3064: 3057: 3051: 3050: 3048: 3047: 3032: 3026: 3025: 3023: 3022: 3006: 3000: 2999: 2997: 2996: 2981: 2975: 2974: 2972: 2971: 2956: 2950: 2949: 2947: 2946: 2932: 2926: 2925: 2923: 2922: 2907: 2901: 2900: 2898: 2897: 2882: 2876: 2875: 2873: 2872: 2857: 2851: 2850: 2848: 2847: 2840:Software Quality 2831: 2825: 2824: 2822: 2821: 2806: 2800: 2799: 2797: 2796: 2779: 2773: 2772: 2770: 2769: 2754: 2743: 2742: 2740: 2739: 2733:NVIDIA Developer 2724: 2718: 2717: 2715: 2714: 2699: 2693: 2692: 2690: 2689: 2674: 2668: 2667: 2665: 2664: 2649: 2643: 2642: 2640: 2639: 2624: 2618: 2617: 2615: 2614: 2599: 2593: 2592: 2590: 2589: 2574: 2568: 2567: 2565: 2564: 2549: 2543: 2542: 2530: 2524: 2523: 2521: 2520: 2505: 2499: 2498: 2496: 2495: 2483: 2477: 2476: 2474: 2473: 2458: 2452: 2451: 2449: 2448: 2433: 2427: 2426: 2424: 2423: 2409: 2403: 2402: 2364: 2358: 2357: 2355: 2354: 2339: 2333: 2332: 2314: 2290: 2284: 2283: 2281: 2268: 2262: 2261: 2259: 2258: 2243: 2234: 2233: 2231: 2230: 2219: 2213: 2212: 2210: 2209: 2203:BleepingComputer 2195: 2189: 2188: 2186: 2174: 2168: 2167: 2165: 2164: 2153: 2144: 2143: 2141: 2140: 2134: 2125: 2119: 2118: 2116: 2115: 2109: 2101: 2095: 2094: 2072: 2066: 2065: 2063: 2062: 2047: 2041: 2040: 2038: 2037: 2022: 2016: 2015: 2003: 1983: 1977: 1976: 1938: 1932: 1931: 1929: 1928: 1913: 
1907: 1906: 1904: 1903: 1888: 1882: 1881: 1879: 1878: 1855: 1837: 1831: 1830: 1828: 1827: 1821: 1813: 1807: 1806: 1804: 1803: 1793: 1785: 1779: 1778: 1776: 1764: 1758: 1757: 1719: 1710: 1709: 1671: 1665: 1664: 1626: 1620: 1619: 1617: 1616: 1601: 1595: 1594: 1556: 1550: 1549: 1547: 1546: 1531: 1525: 1524: 1522: 1521: 1506: 1500: 1499: 1459: 1453: 1452: 1414: 1408: 1407: 1405: 1404: 1398: 1390: 1384: 1383: 1381: 1380: 1365: 1354: 1353: 1351: 1350: 1336: 1330: 1329: 1327: 1326: 1314: 1305: 1304: 1286: 1262: 1256: 1255: 1237: 1213: 1207: 1206: 1168: 1162: 1161: 1123: 1117: 1116: 1114: 1113: 1107: 1099: 1082: 1081: 1079: 1078: 1063: 1057: 1056: 1054: 1053: 1038: 1029: 1028: 1026: 1025: 1010: 1004: 1003: 1001: 990: 984: 983: 981: 980: 974: 966: 960: 959: 957: 955: 940: 934: 933: 915: 891: 882: 881: 843: 832: 831: 829: 828: 813: 807: 806: 804: 803: 787: 770: 766: 702:Linux Foundation 629:Virtual Machine 578:Virtual Machine 559:Virtual Machine 537:Virtual Machine 517:Isolation level 502: 387:data sovereignty 346:money laundering 301:attacks such as 258:defense-in-depth 227:operating system 21: 3301: 3300: 3296: 3295: 3294: 3292: 3291: 3290: 3286:Data protection 3276: 3275: 3267: 3262: 3261: 3252: 3250: 3241: 3240: 3236: 3227: 3225: 3220: 3219: 3215: 3206: 3204: 3196: 3195: 3188: 3179: 3177: 3168: 3167: 3163: 3154: 3152: 3144: 3143: 3139: 3130: 3128: 3119: 3118: 3114: 3105: 3103: 3094: 3093: 3089: 3080: 3078: 3073: 3072: 3068: 3059: 3058: 3054: 3045: 3043: 3034: 3033: 3029: 3020: 3018: 3008: 3007: 3003: 2994: 2992: 2983: 2982: 2978: 2969: 2967: 2958: 2957: 2953: 2944: 2942: 2934: 2933: 2929: 2920: 2918: 2915:Fintech Futures 2909: 2908: 2904: 2895: 2893: 2884: 2883: 2879: 2870: 2868: 2859: 2858: 2854: 2845: 2843: 2833: 2832: 2828: 2819: 2817: 2808: 2807: 2803: 2794: 2792: 2781: 2780: 2776: 2767: 2765: 2756: 2755: 2746: 2737: 2735: 2726: 2725: 2721: 2712: 2710: 2701: 2700: 2696: 2687: 2685: 2676: 2675: 2671: 2662: 2660: 2651: 2650: 2646: 2637: 2635: 2626: 2625: 2621: 2612: 
2610: 2601: 2600: 2596: 2587: 2585: 2576: 2575: 2571: 2562: 2560: 2558:The Tech Report 2551: 2550: 2546: 2532: 2531: 2527: 2518: 2516: 2507: 2506: 2502: 2493: 2491: 2485: 2484: 2480: 2471: 2469: 2461:Robinson, Dan. 2460: 2459: 2455: 2446: 2444: 2435: 2434: 2430: 2421: 2419: 2411: 2410: 2406: 2391: 2366: 2365: 2361: 2352: 2350: 2341: 2340: 2336: 2292: 2291: 2287: 2270: 2269: 2265: 2256: 2254: 2245: 2244: 2237: 2228: 2226: 2221: 2220: 2216: 2207: 2205: 2197: 2196: 2192: 2176: 2175: 2171: 2162: 2160: 2155: 2154: 2147: 2138: 2136: 2132: 2127: 2126: 2122: 2113: 2111: 2107: 2103: 2102: 2098: 2091: 2074: 2073: 2069: 2060: 2058: 2056:The Hacker News 2049: 2048: 2044: 2035: 2033: 2024: 2023: 2019: 2012: 1985: 1984: 1980: 1965: 1940: 1939: 1935: 1926: 1924: 1915: 1914: 1910: 1901: 1899: 1890: 1889: 1885: 1876: 1874: 1872: 1839: 1838: 1834: 1825: 1823: 1819: 1815: 1814: 1810: 1801: 1799: 1791: 1787: 1786: 1782: 1766: 1765: 1761: 1746: 1721: 1720: 1713: 1698: 1673: 1672: 1668: 1653: 1628: 1627: 1623: 1614: 1612: 1603: 1602: 1598: 1583: 1558: 1557: 1553: 1544: 1542: 1533: 1532: 1528: 1519: 1517: 1508: 1507: 1503: 1488: 1461: 1460: 1456: 1441: 1416: 1415: 1411: 1402: 1400: 1396: 1392: 1391: 1387: 1378: 1376: 1367: 1366: 1357: 1348: 1346: 1338: 1337: 1333: 1324: 1322: 1316: 1315: 1308: 1264: 1263: 1259: 1235:10.1145/3453930 1215: 1214: 1210: 1195: 1170: 1169: 1165: 1150: 1125: 1124: 1120: 1111: 1109: 1105: 1101: 1100: 1085: 1076: 1074: 1065: 1064: 1060: 1051: 1049: 1040: 1039: 1032: 1023: 1021: 1012: 1011: 1007: 999: 992: 991: 987: 978: 976: 972: 968: 967: 963: 953: 951: 942: 941: 937: 893: 892: 885: 870: 845: 844: 835: 826: 824: 815: 814: 810: 801: 799: 796:Data Management 789: 788: 784: 779: 774: 773: 767: 763: 758: 698: 689: 677:Microsoft Azure 657: 497: 481: 470: 458: 450: 400: 379: 363:data governance 358: 341: 328:confidentiality 324: 316: 284: 219: 207: 162:Virtual machine 150: 115:virtual machine 102: 62:virtual machine 47:data in transit 28: 23: 22: 15: 12: 11: 5: 3299: 
3297: 3289: 3288: 3278: 3277: 3274: 3273: 3266: 3265:External links 3263: 3260: 3259: 3234: 3213: 3186: 3161: 3137: 3112: 3087: 3066: 3052: 3027: 3001: 2976: 2951: 2927: 2902: 2877: 2852: 2826: 2801: 2774: 2744: 2719: 2694: 2669: 2644: 2619: 2594: 2569: 2544: 2525: 2500: 2478: 2453: 2428: 2404: 2389: 2359: 2334: 2305:(5): 711–724. 2285: 2263: 2235: 2214: 2190: 2169: 2145: 2120: 2096: 2089: 2067: 2042: 2017: 2010: 1978: 1963: 1933: 1908: 1883: 1870: 1832: 1808: 1780: 1759: 1744: 1711: 1696: 1666: 1651: 1621: 1596: 1581: 1551: 1526: 1501: 1486: 1454: 1439: 1409: 1385: 1355: 1331: 1306: 1257: 1208: 1193: 1163: 1148: 1118: 1083: 1058: 1030: 1005: 985: 961: 935: 883: 868: 833: 808: 781: 780: 778: 775: 772: 771: 760: 759: 757: 754: 697: 694: 688: 685: 656: 653: 650: 649: 646: 643: 640: 637: 631: 630: 627: 624: 621: 611: 610: 607: 598: 595: 586: 580: 579: 576: 573: 570: 567: 561: 560: 557: 554: 551: 545: 539: 538: 535: 532: 529: 526: 519: 518: 515: 512: 509: 506: 496: 493: 480: 477: 469: 466: 457: 454: 449: 446: 399: 396: 378: 375: 357: 354: 340: 337: 323: 320: 315: 312: 311: 310: 295: 291: 283: 280: 276: 275: 272: 261: 242: 238: 218: 215: 206: 203: 186: 185: 175: 165: 149: 146: 144:trusted code. 
132: 131: 128: 125:Data integrity 122: 101: 98: 26: 24: 14: 13: 10: 9: 6: 4: 3: 2: 3298: 3287: 3284: 3283: 3281: 3272: 3269: 3268: 3264: 3249: 3245: 3238: 3235: 3223: 3217: 3214: 3203: 3199: 3193: 3191: 3187: 3175: 3171: 3170:"Secretarium" 3165: 3162: 3151: 3147: 3141: 3138: 3127: 3123: 3116: 3113: 3101: 3097: 3091: 3088: 3077: 3070: 3067: 3062: 3056: 3053: 3042: 3038: 3031: 3028: 3016: 3012: 3005: 3002: 2991: 2987: 2980: 2977: 2966: 2962: 2955: 2952: 2941: 2937: 2931: 2928: 2916: 2912: 2906: 2903: 2891: 2887: 2881: 2878: 2867: 2863: 2856: 2853: 2841: 2837: 2830: 2827: 2816: 2812: 2805: 2802: 2791: 2790: 2785: 2778: 2775: 2764: 2760: 2753: 2751: 2749: 2745: 2734: 2730: 2723: 2720: 2709: 2705: 2698: 2695: 2684: 2680: 2673: 2670: 2659: 2655: 2648: 2645: 2634: 2630: 2623: 2620: 2609: 2605: 2598: 2595: 2584: 2580: 2573: 2570: 2559: 2555: 2548: 2545: 2540: 2536: 2529: 2526: 2515: 2511: 2504: 2501: 2489: 2482: 2479: 2468: 2464: 2457: 2454: 2443: 2439: 2432: 2429: 2418: 2414: 2408: 2405: 2400: 2396: 2392: 2386: 2382: 2378: 2374: 2370: 2363: 2360: 2349: 2345: 2338: 2335: 2330: 2326: 2322: 2318: 2313: 2308: 2304: 2300: 2296: 2289: 2286: 2280: 2275: 2267: 2264: 2253: 2249: 2242: 2240: 2236: 2224: 2218: 2215: 2204: 2200: 2194: 2191: 2185: 2180: 2173: 2170: 2159: 2152: 2150: 2146: 2131: 2124: 2121: 2106: 2100: 2097: 2092: 2086: 2082: 2078: 2071: 2068: 2057: 2053: 2046: 2043: 2032: 2028: 2021: 2018: 2013: 2007: 2002: 1997: 1993: 1989: 1982: 1979: 1974: 1970: 1966: 1960: 1956: 1952: 1948: 1944: 1937: 1934: 1923: 1919: 1912: 1909: 1898: 1894: 1887: 1884: 1873: 1867: 1863: 1859: 1854: 1849: 1845: 1844: 1836: 1833: 1818: 1812: 1809: 1797: 1790: 1784: 1781: 1775: 1770: 1763: 1760: 1755: 1751: 1747: 1741: 1737: 1733: 1729: 1725: 1718: 1716: 1712: 1707: 1703: 1699: 1693: 1689: 1685: 1681: 1677: 1670: 1667: 1662: 1658: 1654: 1648: 1644: 1640: 1636: 1632: 1625: 1622: 1610: 1606: 1600: 1597: 1592: 1588: 1584: 1578: 1574: 1570: 1566: 1562: 1555: 1552: 1541: 1537: 1530: 1527: 1516: 1512: 
1505: 1502: 1497: 1493: 1489: 1483: 1479: 1475: 1471: 1470: 1465: 1458: 1455: 1450: 1446: 1442: 1440:9781450397599 1436: 1432: 1428: 1424: 1420: 1413: 1410: 1395: 1389: 1386: 1374: 1370: 1364: 1362: 1360: 1356: 1345: 1341: 1335: 1332: 1320: 1313: 1311: 1307: 1302: 1298: 1294: 1290: 1285: 1280: 1276: 1272: 1268: 1261: 1258: 1253: 1249: 1245: 1241: 1236: 1231: 1227: 1223: 1219: 1212: 1209: 1204: 1200: 1196: 1190: 1186: 1182: 1178: 1174: 1167: 1164: 1159: 1155: 1151: 1145: 1141: 1137: 1133: 1129: 1122: 1119: 1104: 1098: 1096: 1094: 1092: 1090: 1088: 1084: 1073: 1069: 1062: 1059: 1048: 1047:IEEE Spectrum 1044: 1037: 1035: 1031: 1020: 1016: 1009: 1006: 998: 997: 989: 986: 971: 965: 962: 949: 945: 939: 936: 931: 927: 923: 919: 914: 909: 905: 901: 900:IEEE Spectrum 897: 890: 888: 884: 879: 875: 871: 865: 861: 857: 853: 849: 842: 840: 838: 834: 823: 822:The New Stack 819: 812: 809: 797: 793: 786: 783: 776: 765: 762: 755: 753: 751: 747: 743: 739: 735: 731: 727: 723: 719: 715: 711: 707: 703: 695: 693: 686: 684: 682: 678: 674: 670: 666: 662: 661:Alibaba Cloud 654: 647: 644: 641: 638: 636: 633: 632: 628: 625: 622: 620: 617: 613: 612: 608: 606: 603: 599: 596: 594: 591: 587: 585: 581: 577: 574: 571: 568: 566: 563: 562: 558: 555: 552: 550: 546: 544: 541: 540: 536: 533: 530: 527: 524: 521: 520: 516: 513: 510: 507: 504: 503: 500: 494: 492: 489: 485: 478: 476: 474: 467: 465: 463: 455: 453: 447: 445: 443: 439: 433: 430: 428: 423: 421: 417: 413: 409: 405: 397: 395: 391: 388: 384: 376: 374: 372: 368: 364: 355: 353: 349: 347: 338: 336: 333: 329: 321: 319: 313: 308: 304: 300: 296: 294:out-of-scope. 
292: 289: 288: 287: 281: 279: 273: 270: 266: 262: 259: 255: 251: 247: 243: 239: 236: 232: 228: 224: 223: 222: 216: 214: 212: 211:threat models 204: 198: 194: 192: 183: 179: 176: 173: 169: 166: 163: 160: 159: 158: 156: 147: 145: 142: 137: 136:cryptographic 129: 126: 123: 120: 119: 118: 116: 112: 108: 99: 97: 95: 91: 90:Public Domain 85: 83: 79: 75: 71: 67: 63: 59: 54: 52: 48: 44: 40: 36: 32: 19: 3251:. Retrieved 3247: 3237: 3226:. Retrieved 3216: 3205:. Retrieved 3201: 3178:. Retrieved 3173: 3164: 3153:. Retrieved 3150:VentureRadar 3149: 3140: 3129:. Retrieved 3125: 3115: 3104:. Retrieved 3102:. 2023-04-17 3099: 3090: 3079:. Retrieved 3069: 3055: 3044:. Retrieved 3040: 3030: 3019:. Retrieved 3014: 3004: 2993:. Retrieved 2989: 2979: 2968:. Retrieved 2964: 2954: 2943:. Retrieved 2939: 2930: 2919:. Retrieved 2917:. 2022-06-20 2914: 2905: 2894:. Retrieved 2892:. 2022-05-03 2889: 2880: 2869:. Retrieved 2865: 2855: 2844:. Retrieved 2842:. TechTarget 2839: 2829: 2818:. Retrieved 2814: 2804: 2793:. Retrieved 2787: 2777: 2766:. Retrieved 2762: 2736:. Retrieved 2732: 2722: 2711:. Retrieved 2707: 2697: 2686:. Retrieved 2683:SecurityWeek 2682: 2672: 2661:. Retrieved 2657: 2647: 2636:. Retrieved 2632: 2622: 2611:. Retrieved 2608:The Register 2607: 2597: 2586:. Retrieved 2582: 2572: 2561:. Retrieved 2557: 2547: 2538: 2528: 2517:. Retrieved 2513: 2503: 2492:. Retrieved 2481: 2470:. Retrieved 2466: 2456: 2445:. Retrieved 2441: 2431: 2420:. Retrieved 2416: 2407: 2372: 2362: 2351:. Retrieved 2347: 2337: 2302: 2298: 2288: 2266: 2255:. Retrieved 2251: 2227:. Retrieved 2217: 2206:. Retrieved 2202: 2193: 2172: 2161:. Retrieved 2137:. Retrieved 2123: 2112:. Retrieved 2099: 2080: 2070: 2059:. Retrieved 2055: 2045: 2034:. Retrieved 2031:SecurityWeek 2030: 2020: 1991: 1981: 1946: 1936: 1925:. Retrieved 1921: 1911: 1900:. Retrieved 1896: 1886: 1875:. Retrieved 1842: 1835: 1824:. Retrieved 1811: 1800:. Retrieved 1795: 1783: 1762: 1727: 1679: 1669: 1634: 1624: 1613:. Retrieved 1611:. 
2021-02-09 1608: 1599: 1564: 1554: 1543:. Retrieved 1540:TechRepublic 1539: 1529: 1518:. Retrieved 1514: 1504: 1468: 1457: 1422: 1412: 1401:. Retrieved 1388: 1377:. Retrieved 1375:. 2022-07-27 1372: 1347:. Retrieved 1343: 1334: 1323:. Retrieved 1274: 1270: 1260: 1228:(6): 54–61. 1225: 1221: 1211: 1176: 1166: 1131: 1121: 1110:. Retrieved 1075:. Retrieved 1071: 1061: 1050:. Retrieved 1046: 1022:. Retrieved 1018: 1008: 995: 988: 977:. Retrieved 964: 952:. Retrieved 948:ora.ox.ac.uk 947: 938: 903: 899: 851: 825:. Retrieved 821: 811: 800:. Retrieved 798:. TechTarget 795: 785: 764: 714:Google Cloud 699: 690: 683:and others. 669:Google Cloud 658: 619:(Intel TDX) 618: 604: 601: 593:(Intel SGX) 592: 548: 514:Introduction 498: 482: 471: 459: 451: 434: 431: 424: 401: 392: 380: 359: 350: 342: 325: 317: 299:availability 285: 282:Out of scope 277: 220: 208: 205:Threat model 187: 151: 133: 103: 86: 55: 43:data at rest 30: 29: 3126:VentureBeat 3017:(in German) 2990:VentureBeat 2965:VentureBeat 2815:VentureBeat 2708:VentureBeat 2442:VentureBeat 2083:: 717–732. 1922:VentureBeat 1515:VentureBeat 769:processors. 665:Baidu Cloud 444:) in 2022. 442:Rocket Lake 408:page faults 352:providers. 241:compromise. 
191:subroutines 168:Application 109:(CPU) or a 66:application 39:data in use 3253:2023-03-12 3248:CSO Online 3228:2023-03-12 3207:2023-03-12 3180:2023-05-09 3155:2023-03-12 3146:"Scontain" 3131:2023-03-12 3106:2024-01-18 3081:2023-03-12 3046:2023-03-12 3041:TechCrunch 3021:2023-03-12 2995:2023-03-12 2970:2023-03-12 2945:2023-04-18 2921:2023-03-12 2896:2023-03-12 2871:2023-03-12 2846:2023-03-12 2820:2023-03-12 2795:2023-03-12 2789:9to5Google 2768:2023-03-12 2738:2023-03-12 2713:2023-03-12 2688:2023-03-12 2663:2023-03-12 2638:2023-03-12 2613:2023-03-12 2588:2023-03-12 2563:2023-05-01 2519:2023-03-12 2494:2023-03-12 2472:2023-03-20 2447:2023-03-12 2422:2023-03-12 2353:2023-03-12 2279:1905.07766 2257:2023-03-12 2229:2023-03-12 2208:2023-04-26 2184:2104.03868 2163:2023-03-12 2139:2023-03-12 2114:2023-03-12 2061:2023-03-12 2036:2023-03-12 2001:1912.01701 1927:2023-03-12 1902:2023-03-12 1877:2023-03-12 1853:2207.01513 1826:2023-03-12 1802:2023-03-12 1774:2104.03868 1615:2023-03-12 1545:2023-03-12 1520:2023-03-12 1403:2023-03-12 1379:2023-03-12 1349:2023-03-20 1325:2023-03-12 1112:2023-03-12 1077:2023-03-12 1072:Spiceworks 1052:2023-03-12 1024:2023-03-12 979:2023-03-12 906:(6): 8–9. 827:2023-03-12 802:2023-03-12 777:References 549:(Arm CCA) 508:Technology 416:memory bus 414:, and the 250:algorithms 231:hypervisor 100:Properties 3174:IQCapital 2890:Superuser 2866:TechRadar 2329:219488231 2321:1557-9956 1706:215728912 1661:222142203 1591:244147507 1496:253270880 1449:254151740 1373:CanaryBit 1301:232368388 1293:1542-7730 1252:235171921 1244:0001-0782 1203:251086713 1158:244273336 930:219767651 922:1939-9340 878:253271359 738:ByteDance 726:Microsoft 673:IBM Cloud 511:Component 495:Providers 398:Criticism 332:integrity 314:Use cases 184:isolation 174:isolation 164:isolation 3280:Category 2633:TechSpot 2583:TechSpot 2399:10346304 2348:LeapYear 2252:RISE Lab 1321:. RedHat 742:Swisscom 681:OVHcloud 309:attacks. 
217:In scope 178:Function 141:firmware 70:function 3100:Tech.eu 2936:"CYSEC" 1973:6344906 1754:2741260 954:23 July 746:Tencent 730:Red Hat 706:Alibaba 438:Skylake 412:caching 246:ciphers 182:library 172:process 2539:Forbes 2397:  2387:  2327:  2319:  2087:  2008:  1971:  1961:  1897:Forbes 1868:  1752:  1742:  1704:  1694:  1659:  1649:  1589:  1579:  1494:  1484:  1447:  1437:  1299:  1291:  1250:  1242:  1201:  1191:  1156:  1146:  928:  920:  876:  866:  750:VMware 718:Huawei 635:Nvidia 614:Intel 588:Intel 460:Fully 80:, and 2763:eWEEK 2658:ZDNET 2395:S2CID 2325:S2CID 2274:arXiv 2179:arXiv 2133:(PDF) 2108:(PDF) 1996:arXiv 1969:S2CID 1848:arXiv 1820:(PDF) 1792:(PDF) 1769:arXiv 1750:S2CID 1702:S2CID 1657:S2CID 1587:S2CID 1492:S2CID 1445:S2CID 1397:(PDF) 1297:S2CID 1271:Queue 1248:S2CID 1199:S2CID 1154:S2CID 1106:(PDF) 1000:(PDF) 973:(PDF) 926:S2CID 874:S2CID 756:Notes 734:Baidu 722:Intel 584:Intel 525:(AMD) 68:, or 2385:ISBN 2317:ISSN 2085:ISBN 2006:ISBN 1959:ISBN 1866:ISBN 1740:ISBN 1692:ISBN 1647:ISBN 1577:ISBN 1482:ISBN 1435:ISBN 1289:ISSN 1240:ISSN 1189:ISBN 1144:ISBN 956:2024 918:ISSN 864:ISBN 748:and 728:and 572:CPU 330:and 248:and 235:BIOS 45:and 2377:doi 2307:doi 1951:doi 1858:doi 1732:doi 1684:doi 1639:doi 1569:doi 1474:doi 1427:doi 1279:doi 1230:doi 1181:doi 1136:doi 908:doi 856:doi 710:Arm 642:GPU 623:CPU 597:CPU 565:IBM 553:CPU 543:Arm 531:CPU 305:or 3282:: 3246:. 3200:. 3189:^ 3172:. 3148:. 3124:. 3098:. 3039:. 3013:. 2988:. 2963:. 2938:. 2913:. 2888:. 2864:. 2838:. 2813:. 2786:. 2761:. 2747:^ 2731:. 2706:. 2681:. 2656:. 2631:. 2606:. 2581:. 2556:. 2537:. 2512:. 2465:. 2440:. 2415:. 2393:. 2383:. 2371:. 2346:. 2323:. 2315:. 2303:70 2301:. 2297:. 2250:. 2238:^ 2201:. 2148:^ 2079:. 2054:. 2029:. 2004:. 1990:. 1967:. 1957:. 1945:. 1920:. 1895:. 1864:. 1856:. 1794:. 1748:. 1738:. 1726:. 1714:^ 1700:. 1690:. 1678:. 1655:. 1645:. 1633:. 1607:. 1585:. 1575:. 1563:. 1538:. 1513:. 1490:. 1480:. 1466:. 1443:. 1433:. 1421:. 1371:. 1358:^ 1342:. 1309:^ 1295:. 
1287:. 1275:19 1273:. 1269:. 1246:. 1238:. 1226:64 1224:. 1220:. 1197:. 1187:. 1175:. 1152:. 1142:. 1130:. 1086:^ 1070:. 1045:. 1033:^ 1017:. 946:. 924:. 916:. 904:57 902:. 898:. 886:^ 872:. 862:. 850:. 836:^ 820:. 794:. 744:, 736:, 724:, 720:, 716:, 712:, 708:, 679:, 675:, 671:, 667:, 663:, 410:, 348:. 267:, 233:, 229:, 84:. 76:, 64:, 3256:. 3231:. 3210:. 3183:. 3158:. 3134:. 3109:. 3084:. 3063:. 3049:. 3024:. 2998:. 2973:. 2948:. 2924:. 2899:. 2874:. 2849:. 2823:. 2798:. 2771:. 2741:. 2716:. 2691:. 2666:. 2641:. 2616:. 2591:. 2566:. 2541:. 2522:. 2497:. 2475:. 2450:. 2425:. 2401:. 2379:: 2356:. 2331:. 2309:: 2282:. 2276:: 2260:. 2232:. 2211:. 2187:. 2181:: 2166:. 2142:. 2117:. 2093:. 2064:. 2039:. 2014:. 1998:: 1975:. 1953:: 1930:. 1905:. 1880:. 1860:: 1850:: 1829:. 1805:. 1777:. 1771:: 1756:. 1734:: 1708:. 1686:: 1663:. 1641:: 1618:. 1593:. 1571:: 1548:. 1523:. 1498:. 1476:: 1451:. 1429:: 1406:. 1382:. 1352:. 1328:. 1303:. 1281:: 1254:. 1232:: 1205:. 1183:: 1160:. 1138:: 1115:. 1080:. 1055:. 1027:. 982:. 958:. 932:. 910:: 880:. 858:: 830:. 805:. 436:( 20:)
[Figure: Trust boundary illustration of confidential computing]