Three Drivers Of Confidential Computing Adoption: Insights From Confidential Computing Summit 2024
While technical innovation moves quickly, most experts at the second annual Confidential Computing Summit agreed that the industry’s biggest challenge is building awareness of what’s already possible. Nearly everyone shared a vision that, in time, all computing will become confidential.
While technical innovation moves quickly, most experts at the second annual Confidential Computing Summit agreed that the industry’s biggest challenge is building awareness of what’s already possible. Nearly everyone shared a vision that, in time, all computing will become confidential.
“Confidential computing is an enabling technology that allows customers to move to the cloud more than ever before,” said NVIDIA Chief Security Officer and Head of Product Security Dave Reber. “Companies that traditionally had to be on-prem or couldn't take advantage of the cloud for very sensitive workloads can now take advantage of everything that the cloud service providers have to offer, while ensuring their data is protected.”
In short, confidential computing can unlock a whole world of cloud-powered innovation.But the problem today is that many businesses still don’t realize that confidential computing offers the protection they require to innovate. Speakers discussed at least three factors that could increase that awareness: emphasizing the business value of confidential computing, empowering developers to develop applications that leverage it, and improving the user experience of existing solutions.
Fueling Adoption With Compelling Use Cases
There are currently three main families of use cases for confidential computing, explained Giuseppe Giordano, R&D Principal Director at Accenture Labs. The first is data sharing and collaboration. There is risk involved with bringing sensitive workloads to the public cloud, potentially giving exposure to cloud operators or other users that aren’t authorized to access that cloud. Confidential computing addresses this vulnerability by enabling computations on encrypted data, ensuring that data remains secure throughout its entire lifecycle.
The second use case is multi-party collaboration. Confidential computing enables secure multi-party collaboration by allowing multiple parties to compute on shared data without exposing the underlying data to any of the involved parties. This is particularly useful in scenarios where data privacy and security are paramount, such as in financial services, healthcare, and collaborative research.
“Confidential computing looks to be the solution to enable this collaboration and help those companies extract the value that they couldn't create on their own with the data and the models that they have,” Giordano said.
The third and final use case is IP and model protection. A typical example is predictive maintenance models running in the cloud and having to send the data from an on-prem solution to the cloud to access those predictive maintenance use cases. Depending on the data, it can be very difficult to extract from a data center. Confidential computing moves the model instead of the data. “We move the model towards the edge so that the inference is done locally at the edge and the data stays local,” Giordano explained.
But these use cases, while exciting, aren’t enough to convey the full potential of confidential computing, said Anand Pashupathy, Vice President and General Manager Security Software and Services Division, at Intel. Awareness around not only the usages and applications, but also the outcomes, needs to increase tremendously.
“We need more use cases and production solutions to give confidence to general purpose industries that they can bring their solution and deliver it in a confidential computing manner,” he said. It’s essential, he added, to convey the outcome that was delivered as a result of confidential computing.
App Developers Hold the Key to Use Case Growth
Even as appetite increases, use cases won’t appear by magic. After more than a decade of planning and development on the hardware and software platform layers, application developers now have the power to unlock the market awareness that leads to ubiquity for confidential computing.
Over the next several years, SaaS applications will emerge to offer solutions where data is—by default—in a confidential computing enclave and available for further use in a secure way.
“You'll be able to break that data off into different PaaS offerings, creating your own development environments. And it will just continue to compound until eventually we have this microservice architecture that is already enabled by confidential computing,” NVIDIA’s Dave Reber said.
Some of the most important application developers in that vision may be those building in highly-regulated industries. “The early adopters tend to be large, more regulated industries that are big targets,” said security industry veteran Ayal Yogev, CEO of Anjuna. Banks, oil and gas companies aren’t typically early adopters in the tech space, but they are when it comes to security.
“It has to do with the amount of value they can unlock with their security,” he said. “Confidential computing makes new things possible: To leverage the cloud, to leverage AI, to leverage collaboration they couldn't do before. It opens up the door to do things they’ve always wanted to do, but they couldn't because the risk profile was too high without a solution like confidential computing.”
“There's data that we just wouldn't want to touch. We wouldn't want to inherit that risk,” James Edwards, Senior Director IT, Governance Planning and Strategy, Encore Capital Group, agreed. “Now we're really able to go to those organizations and say, ‘we can accept that data if you're willing to share it with us.’”
Confidential computing could unlock an explosion of innovation on the use case and application layers for other kinds of organizations, too. There’s a slew of user flows that e-commerce players could unlock once there is a foundation of confidential access to consumer data, investor and Confidential Computing Summit keynoter Jeremiah Owyang explained. He articulated a vision of the future of websites and apps shaped by AI and AI agents as the primary interface for users—in both B2C and B2B organizations.
UX Requirements for Confidential Computing
Most industry experts agree that eventually, all computing will be confidential. But to gain that mainstream status, solutions will have to meet two key requirements: ease of use and low-to-no performance impact.
“People don't want to spend so much effort to modify their applications or workloads. For them, confidential computing needs to be invisible,” said Nelly Porter, Google Director of Product Management, Encryption & Trusted AI.
Porter also added that for it to truly become ubiquitous, confidential computing must also be widely available wherever the user is and have no barriers to adoption. “I need to have the same performance, the same scalability, all of that,” she said.
Value-focused stories. Application-driven market maturation. Strong user experience without performance degradation. Those were the key themes that emerged at the Confidential Computing Summit regarding the industry’s biggest challenge: helping more people see what’s now technically possible.
There is a path for organizations to tap into generative AI, cloud computing, and a world of innovation even with their most sensitive data. The Confidential Computing community is working to illuminate that path, every day, and each year at the annual Summit.