Looking for enclaive's confidential multi-cloud solution. Click here.



Con­fi­den­tial Com­put­ing trans­forms the pub­lic sector

Insti­tu­tions around the world have seen a mas­sive shift toward dig­i­tal trans­for­ma­tion with­in the last cou­ple of years. And the pan­dem­ic has only accel­er­at­ed the government’s dig­i­tal change efforts. The pan­dem­ic has been speed­ing up the pace of inno­va­tion. Pub­lic insti­tu­tions are high­ly reg­u­lat­ed sec­tors because of their valu­able data­bas­es. There­fore, secu­ri­ty offi­cials have to make sure they are using the very high­est secu­ri­ty mea­sures avail­able on the mar­ket. That is why con­fi­den­tial com­put­ing tech­nol­o­gy can dri­ve change with­in the pub­lic sector.

Con­fi­den­tial Com­put­ing as the solu­tion for con­fi­den­tial­i­ty and integrity

With con­fi­den­tial com­put­ing tech­nol­o­gy emerg­ing last year, we see a great improve­ment in pri­va­cy and data pro­tec­tion across indus­tries. Hard­ware tech­nol­o­gy enables con­fi­den­tial com­put­ing, lead­ing to the exe­cu­tion of an appli­ca­tion and data in a so-called secure enclave. The CPU holds an encryp­tion key unique to the com­put­er sys­tem and the appli­ca­tion encrypts the mem­o­ry of the enclave. The infor­ma­tion trans­mit­ted stays encrypt­ed the entire time. Only inside the enclave, does it get decod­ed. A secure enclave is like a secure “box” that ensures only autho­rized code can access the data, keep­ing infor­ma­tion away not only from cloud or infra­struc­ture providers but also from exter­nal threat par­ties. The enclave denies the oper­a­tion when the code is altered or tam­pered with. It pro­tects it from unau­tho­rized access and manipulation.

The result of such cyber­se­cu­ri­ty in place is that pub­lic insti­tu­tions can now pro­tect high­ly sen­si­tive data in use, by plac­ing it togeth­er with the appli­ca­tion code into the enclave. Fur­ther­more, the tech­nol­o­gy comes with a remote attes­ta­tion fea­ture, that enables an orga­ni­za­tion to con­firm to oth­er par­ties that the data is secure with­in the enclave.

How can the pub­lic sec­tor ben­e­fit from Con­fi­den­tial Computing

Pub­lic sec­tor orga­ni­za­tions, which often need to com­ply with strict com­pli­ance reg­u­la­tions, could great­ly ben­e­fit from Con­fi­den­tial Com­put­ing. This tech­nol­o­gy enables agen­cies to build enclave-based appli­ca­tions to pro­tect data in use in a ded­i­cat­ed cloud that meets gov­ern­ment secu­ri­ty and com­pli­ance require­ments. Dif­fer­ent insti­tu­tions could now coop­er­ate with each oth­er to improve the pub­lic good. 

For instance, data man­agers can share datasets in ways that allow them to main­tain com­plete con­trol over the infor­ma­tion. Organ­i­sa­tions do not need to trust each oth­er any­more to keep the shared infor­ma­tion secure, ensur­ing zero trust imple­men­ta­tion. Con­fi­den­tial com­put­ing tech­nol­o­gy ensures the secu­ri­ty of the infor­ma­tion pro­vid­ed by mul­ti­ple par­ties. Appli­ca­tions run in a trust­ed envi­ron­ment for only those pur­pos­es the dif­fer­ent par­ties have agreed upon. Man­agers are in full con­trol of the shared data at any point in the pro­cess­ing process. 

Let’s talk examples

Let’s be prac­ti­cal, how can this tech­nol­o­gy ben­e­fit us, cit­i­zens? At the cen­tre of all online activ­i­ties oper­at­ed by the admin­is­tra­tion are the dig­i­tal iden­ti­ty and the pos­si­bil­i­ty of pro­vid­ing evi­dence of who is apply­ing for the ser­vice. Each con­tract agree­ment pre­sumes that the con­trac­tu­al part­ners can iden­ti­fy them­selves unequiv­o­cal­ly and legal­ly. Thus, a dig­i­tal iden­ti­ty would ensure such an online iden­ti­fi­ca­tion. Such an eID func­tion would be a major game-chang­er with­in the pub­lic ser­vice sector.

Users can move around the Inter­net safe­ly and more freely by using this so-called eID func­tion. This would pave the way for a whole pack­age of cit­i­zen ser­vices or bank ser­vices that could be now oper­at­ed online. Cit­i­zens could now apply for ser­vices from insur­ance com­pa­nies or for child care online at the respec­tive gov­ern­ment author­i­ty. And such a ser­vice is only pos­si­ble in the online realm, as the cit­i­zens can iden­ti­fy them­selves via this so-called eID function. 

This means, no more walk­ing to the near­est gov­ern­ment agency and wait­ing in long lines. No more time-con­sum­ing clar­i­fi­ca­tion dis­cus­sions at the counter. In this respect, con­fi­den­tial com­put­ing promis­es to give the par­a­lyz­ing dig­i­ti­za­tion of the pub­lic sec­tor a long-over­due boost. How? By using secure enclaves while using a dig­i­tal iden­ti­ty ser­vice. Cit­i­zens are ensured that their high­ly sen­si­tive infor­ma­tion stays encrypt­ed all the time while, for exam­ple, they are apply­ing for a spe­cif­ic civ­il service.

Fur­ther poten­tial appli­ca­tions include also:

  • analysing and pre­vent­ing nation­al cyberattacks
  • secure mul­ti­par­ty col­lab­o­ra­tion between gov­ern­ment and third par­ties for new devel­op­ments (i.e. in the mil­i­tary sector)
  • secure data shar­ing between banks and gov­ern­ment to detect mon­ey laun­der­ing operations 
  • col­lab­o­ra­tion between inter­na­tion­al law enforce­ment agencies

How can enclaive dri­ve this dig­i­tal transformation?

And this is where enclaive can sup­port and help such insti­tu­tions push inno­va­tion. With its prod­ucts, it pro­vides a com­pre­hen­sive con­fi­den­tial­i­ty lay­er for the cloud, shield­ing the microser­vice and data against the infra­struc­ture provider and solu­tion provider. The con­fi­den­tial com­put­ing tech­nol­o­gy push­es the enable­ment of sophis­ti­cat­ed mul­ti-cloud appli­ca­tions. On top, all the prod­ucts pro­vide GDPR-com­pli­ant pro­cess­ing of data, includ­ing a remote attes­ta­tion functionality.

Such inno­va­tions allow gov­ern­ment and oth­er pub­lic organ­i­sa­tions to con­cen­trate on how to use the data for a greater pub­lic ben­e­fit, with­out giv­ing up any intel­lec­tu­al prop­er­ty, sen­si­tive infor­ma­tion or oth­er poten­tial­ly dam­ag­ing infor­ma­tion. They can derive new val­ue and busi­ness oppor­tu­ni­ties from sen­si­tive data assets that were pre­vi­ous­ly not possible.


This trend is only start­ing, which means we can expect to see some big changes in the near future. The oper­a­tional envi­ron­ment of pub­lic agen­cies will expe­ri­ence a mas­sive push for inno­va­tion and con­fi­den­tial com­put­ing is the solu­tion to deliv­er the advan­tages of a secure end-to-end data lifecycle.

More­over, thanks to the pri­va­cy box enclaive pro­vides, stor­ing and pro­cess­ing user data is now pos­si­ble in a pri­va­cy-enhanced way. Con­fi­den­tial com­put­ing tech­nol­o­gy is, there­fore, an effec­tive answer to gov­ern­ments’ need for dig­i­tal trans­for­ma­tion and cloud adop­tion across the world.

Contact us

Cookie Consent with Real Cookie Banner