Confidential Computing transforms the public sector

Confidential Computing as the solution for confidentiality and integrity

Institutions around the world have seen a massive shift toward digital transformation within the last couple of years. And the pandemic has only accelerated the government’s digital change efforts. The pandemic has been speeding up the pace of innovation. Public institutions are highly regulated sectors because of their valuable databases. Therefore, security officials have to make sure they are using the very highest security measures available on the market. That is why confidential computing technology can drive change within the public sector.

With confidential computing technology emerging last year, we see a great improvement in privacy and data protection across industries. Hardware technology enables confidential computing, leading to the execution of an application and data in a so-called secure enclave. The CPU holds an encryption key unique to the computer system and the application encrypts the memory of the enclave. The information transmitted stays encrypted the entire time. Only inside the enclave, does it get decoded. A secure enclave is like a secure “box” that ensures only authorized code can access the data, keeping information away not only from cloud or infrastructure providers but also from external threat parties. The enclave denies the operation when the code is altered or tampered with. It protects it from unauthorized access and manipulation.

The result of such cybersecurity in place is that public institutions can now protect highly sensitive data in use, by placing it together with the application code into the enclave. Furthermore, the technology comes with a remote attestation feature, that enables an organization to confirm to other parties that the data is secure within the enclave.

How can the public sector benefit from Confidential Computing

Public sector organizations, which often need to comply with strict compliance regulations, could greatly benefit from Confidential Computing. This technology enables agencies to build enclave-based applications to protect data in use in a dedicated cloud that meets government security and compliance requirements. Different institutions could now cooperate with each other to improve the public good.

For instance, data managers can share datasets in ways that allow them to maintain complete control over the information. Organisations do not need to trust each other anymore to keep the shared information secure, ensuring zero trust implementation. Confidential computing technology ensures the security of the information provided by multiple parties. Applications run in a trusted environment for only those purposes the different parties have agreed upon. Managers are in full control of the shared data at any point in the processing process.

Let’s talk examples

Let’s be practical, how can this technology benefit us, citizens? At the centre of all online activities operated by the administration are the digital identity and the possibility of providing evidence of who is applying for the service. Each contract agreement presumes that the contractual partners can identify themselves unequivocally and legally. Thus, a digital identity would ensure such an online identification. Such an eID function would be a major game-changer within the public service sector.

Users can move around the Internet safely and more freely by using this so-called eID function. This would pave the way for a whole package of citizen services or bank services that could be now operated online. Citizens could now apply for services from insurance companies or for child care online at the respective government authority. And such a service is only possible in the online realm, as the citizens can identify themselves via this so-called eID function.

This means, no more walking to the nearest government agency and waiting in long lines. No more time-consuming clarification discussions at the counter. In this respect, confidential computing promises to give the paralyzing digitization of the public sector a long-overdue boost. How? By using secure enclaves while using a digital identity service. Citizens are ensured that their highly sensitive information stays encrypted all the time while, for example, they are applying for a specific civil service.

Further potential applications include also:

• analysing and preventing national cyberattacks
• secure multiparty collaboration between government and third parties for new developments (i.e. in the military sector)
• secure data sharing between banks and government to detect money laundering operations
• collaboration between international law enforcement agencies

How can enclaive drive this digital transformation?

And this is where enclaive can support and help such institutions push innovation. With its products, it provides a comprehensive confidentiality layer for the cloud, shielding the microservice and data against the infrastructure provider and solution provider. The confidential computing technology pushes the enablement of sophisticated multi-cloud applications. On top, all the products provide GDPR-compliant processing of data, including a remote attestation functionality.

Such innovations allow government and other public organisations to concentrate on how to use the data for a greater public benefit, without giving up any intellectual property, sensitive information or other potentially damaging information. They can derive new value and business opportunities from sensitive data assets that were previously not possible.

Conclusion

This trend is only starting, which means we can expect to see some big changes in the near future. The operational environment of public agencies will experience a massive push for innovation and confidential computing is the solution to deliver the advantages of a secure end-to-end data lifecycle.

Moreover, thanks to the privacy box enclaive provides, storing and processing user data is now possible in a privacy-enhanced way. Confidential computing technology is, therefore, an effective answer to governments’ need for digital transformation and cloud adoption across the world.