Confidential Computing protects data in use by performing computation in a hardware-based Trusted Execution Environment (TEE). These secure and isolated environments prevent unauthorized access or modification of applications and data while in use, thereby increasing the security assurances for organizations that manage sensitive and regulated data.

Today, data is often encrypted at rest in storage and in transit across the network, but not while in use in memory. Additionally, the ability to protect data and code while it is in use is limited in conventional computing infrastructure. Organizations that handle sensitive data such as Personally Identifiable Information (PII), financial data, or health information need to mitigate threats that target the confidentiality and integrity of either the application or the data in system memory.

CCC brings together hardware vendors, cloud providers, and software developers to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards.

CCC is dedicated to defining and accelerating the adoption of confidential computing. It will embody open governance and open collaboration that has aided the success of similarly ambitious efforts. The effort includes commitments from numerous member organizations and contributions from several open source projects.

Requirements:

• Future goal is to protect source code, data and sensitive keys in cloud infrastructure from third party access including cloud service providers.
• Only Future staff have the ability to access secure cloud platform.
• The proposed platform should have all security controls in place to protect sensitive Future assets at rest, in-transit and in-use.
• Protect confidentiality, integrity and availability of Future’s IP, data and other assets in entire life cycle.