We routinely encrypt data at rest (on disk) and in transit (over the network), but during processing data must be decrypted in memory — where a compromised OS, hypervisor or cloud operator could read it. Confidential computing closes this gap by protecting data in use inside a hardware-enforced Trusted Execution Environment (TEE).
Working principle
A TEE is an isolated region of the CPU whose memory is encrypted and inaccessible even to privileged software (kernel, hypervisor). Code and data run inside this enclave; the processor enforces the boundary. Crucially, remote attestation lets a TEE prove to a third party exactly what code is running inside it before any secret is released — establishing trust without trusting the host. Examples include Intel SGX/TDX, AMD SEV-SNP and Arm CCA.
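A minimal model of the attestation-gated secret release described above, added here as an illustration and not code from the original page or from any TEE vendor. The HMAC under a constructed key stands in for the CPU's per-chip signing key and vendor certificate chain, the measurement is a SHA-256 of the enclave code, and the nonce, allow-list and sample enclave builds are constructed assumptions.

```python
import hashlib
import hmac
import json

# Constructed stand-in for the CPU's attestation signing key. A real TEE signs reports
# with a per-chip key whose certificate chains to the silicon vendor, not a shared HMAC key.
HW_KEY = b"constructed-hardware-attestation-key"


def measure(enclave_code: bytes) -> str:
    """Measurement: hash of the enclave's code/initial state, taken by the CPU at launch."""
    return hashlib.sha256(enclave_code).hexdigest()


def enclave_attest(enclave_code: bytes, nonce: bytes) -> dict:
    """Hardware side: emit a report binding the measurement to the verifier's nonce, then sign it."""
    body = {"measurement": measure(enclave_code), "nonce": nonce.hex()}
    payload = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "sig": hmac.new(HW_KEY, payload, hashlib.sha256).hexdigest()}


def verify_and_release(report: dict, nonce: bytes, allowed: set, secret: bytes):
    """Relying party: hand over `secret` only to a genuine, fresh report from approved code.
    Returns (secret, "ok") on success, or (None, reason) on failure."""
    payload = json.dumps(report["body"], sort_keys=True).encode()
    expected = hmac.new(HW_KEY, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, report["sig"]):
        return None, "bad signature: report was not produced by genuine hardware"
    if report["body"]["nonce"] != nonce.hex():
        return None, "stale nonce: report may be a replay of an earlier attestation"
    if report["body"]["measurement"] not in allowed:
        return None, "unexpected measurement: enclave is not an approved build"
    return secret, "ok"


if __name__ == "__main__":
    # Constructed sample enclave builds: the approved one and a modified variant.
    approved = b"def process(records): return aggregate(records)"
    tampered = approved + b"; send_elsewhere(records)"
    allowed = {measure(approved)}
    secret, nonce = b"db-decryption-key", bytes(range(16))
    for label, code in (("approved", approved), ("tampered", tampered)):
        released, why = verify_and_release(enclave_attest(code, nonce), nonce, allowed, secret)
        print(f"{label}: released={released is not None} ({why})")
```

The three checks map to the three things attestation must establish: the report really came from hardware, it was produced for this session rather than replayed, and the code identity matches an approved build.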
| State | Threat | Protection |
|---|---|---|
| At rest | Stolen disk | Disk / DB encryption |
| In transit | Network sniffing | TLS |
| In use | Compromised host | Confidential computing (TEE) |
Why it matters
Confidential computing enables privacy-preserving collaboration: parties can pool sensitive data for joint computation without any of them — or the cloud — seeing the others' raw inputs.
Applications
- Processing regulated data (health, finance) in public cloud
- Multi-party analytics and confidential AI inference
- Protecting keys and proprietary models at runtime
References & further reading
- Confidential Computing Consortium, “A Technical Analysis of Confidential Computing,” 2021.
- Costan & Devadas, “Intel SGX Explained,” IACR ePrint, 2016.
- Sabt et al., “Trusted Execution Environment: What It is, and What It is Not,” IEEE TrustCom, 2015.