Microsoft has broken its silence on its Azure Confidential Computing service and announced a preview. The service was first introduced by Mark Russinovich last year and was made in collaboration with Intel.
It brings new data security capabilities to the cloud, including Trusted Execution Environments, Intel SGX, and Virtualization Based Security. Today Russinovich took to the Azure blog once more to explain Microsoft's vision for the service and its use cases.
According to Russinovich, Azure Confidential Computing is looking to ensure the following for its customers:
- “Top data breach threats are mitigated
- Data is fully in the control of the customer regardless of whether in rest, transit, or use and even though the infrastructure is not
- Code running in the cloud is protected and verifiable by the customer
- Data and code are opaque to the cloud platform, or put another way the cloud platform is outside of the trusted computing base”
The software is meant for organizations with high-security standards, such as healthcare providers, government agencies, and more. With Microsoft's offering that data can be used to train machine learning algorithms while still keeping up with regulations.
With the preview release, Microsoft is also announcing a number of hardware, development, and compute features. Firstly the latest generation of Intel Xeon Processors is now available with Intel SGX technology in Azure US East.
With that comes a new DC-series of virtual machines that utilize Intel Xeon SGX technology. The idea is to run enabled applications in the cloud to keep integrity. Finally, Microsoft is letting developers build C/C++ applications with an Intel SGX SDK and enclave APIs.
“While today this technology may be applied to a subset of data processing scenarios, we expect as it matures that it will become the new norm for all data processing, both in the cloud and on the edge,” said Russinovich.
You can sign up for the Azure Confidential Computing preview here.