
There are plenty of solutions for protecting data at rest and in motion; protecting data while you’re using it is less common. Last year Microsoft introduced a Kubernetes SGX plugin to support “confidential computing”: running workloads in encrypted memory, whether those are workloads like NGINX, Redis Cache and MemCache that were built to use trusted execution environments or your own apps written with its open source Open Enclave SDK, which supports both Intel SGX and Arm TrustZone.

Confidential computing isn’t yet at the stage where it will appeal to mainstream cloud users, but bringing it to Kubernetes is a sign that the platform is maturing in terms of the workloads it supports. “Customers are saying our most secure workloads, our most privileged workloads are coming to Kubernetes and containers and cloud native computing,” Burns said.

“It used to be that the cloud said ‘public networks — just deal with it and if you don’t like it, fine, go do something else.’ Now we supply private networks and private API endpoints and I think confidential computing is the next thing where we’re saying ‘We’re going to put our super privileged, our high-value intellectual property in a privileged container.’ But I think over time, what we’re going to find is that it just becomes standard, where everybody just runs everything in it because that’s the way they think it needs to be.”
