The Role of Confidential Computing in Protecting Data in Use
In today’s digital society, data protection is one of the most critical challenges determining a company’s survival. Traditionally, data protection has focused on two primary states: “Data at Rest” (stored data) and “Data in Transit” (data being moved).
Encryption for data stored on HDDs or SSDs, and SSL/TLS for communication, are now standard security measures. However, the moment the computer actually processes the data—while calculations are being performed in the CPU and memory (Data in Use)—has long remained a security blind spot.
In traditional computer architectures, data had to be decrypted and returned to a “raw” state to be processed. This brief window of exposure created a security vacuum that could be exploited by side-channel attacks reading memory contents or unauthorized access by privileged administrators. This has been a major barrier to handling highly sensitive information. Confidential computing is the technology that completes the final piece of the data lifecycle puzzle by allowing calculations to be performed while the “data in use” remains encrypted.
By utilizing hardware-based execution environments, confidential computing provides a mechanism to prevent information leakage and unauthorized tampering in memory. This ensures that even if a cloud provider’s infrastructure administrator or the operating system itself is compromised, it remains impossible for outside parties to read the data or program contents during execution.
How TEEs Create a Secure Isolated Space
At the heart of confidential computing is a hardware-level isolation environment called a Trusted Execution Environment (TEE). Also commonly referred to as a “secure enclave,” it is a logically constructed, specialized region within the processor that is completely shielded from the outside.
Typically, applications running on a computer access hardware resources like memory and the CPU through software layers such as the OS or a hypervisor. Consequently, if these intermediate software layers have vulnerabilities or if those with administrative rights act maliciously, there is a risk that the running memory could be dumped (extracted) to steal data.
TEEs fundamentally change this structure by locking specific applications and their data inside a “black box” that even the OS cannot see.
Data processed within this region is treated as plaintext while it resides in the CPU’s internal registers or cache. However, the moment it is written to memory (RAM), it is instantaneously encrypted by a dedicated hardware encryption engine. The encryption keys exist only within the CPU and are never written to external storage. Therefore, even if a memory chip is physically removed for analysis or signals passing through the bus are intercepted, only a meaningless string of ciphertext can be obtained.
Because decryption occurs only within the “heart” of the CPU, data only exists in a meaningful form for the split second the calculation is performed within that isolated, secure space.
Remote Attestation: Proving the Integrity of the Execution Environment
No matter how powerful an isolation environment is, it is meaningless unless it can be verified remotely that the environment is running on truly trusted hardware and executing the intended program. Especially in cloud environments where users cannot physically touch the servers, this “verification of trust” is indispensable. The process that handles this role is called remote attestation.
When a TEE is launched, remote attestation creates an “evidence report” that includes configuration information, a hash of the code being executed, and the hardware status. This report is then digitally signed and sent to an external verifier. This signature uses a unique key burned into the processor by the hardware manufacturer during production. By checking this report, a verifier can mathematically confirm several facts:
- Code Integrity: The program being executed matches exactly what the user intended, down to the last bit, and no malicious code has been injected.
- Hardware Authenticity: The system is running on a genuine processor with security features from a specific manufacturer, rather than a software emulation or a faked environment.
- Up-to-Date Patch Level: The system was booted in a secure state with the latest security updates applied, rather than using firmware with known vulnerabilities.
Only after confirming that the verification result is a “pass” does the user transmit their sensitive data or encryption keys to that environment. This allows users to safely entrust their data based on mathematical and hardware-driven evidence, rather than blindly trusting human administrators or corporate brands “on the other side of the invisible cloud.”
Solving the Data Paradox Through Collaborative Analysis
One of the innovations brought by confidential computing is “collaborative analysis without revealing data” between multiple organizations. This approach is highly regarded as a key component of privacy-preserving computation.
Previously, when analyzing sensitive data from different organizations together, it was necessary to aggregate the data in a single location. However, due to constraints such as the General Data Protection Regulation (GDPR) and the risk of leaking trade secrets, the hurdles to providing raw data were extremely high.
Confidential computing solves this “data paradox”—the need to utilize data without being able to share it. Each organization sends its encrypted data to a common TEE without showing the contents to one another. Inside the TEE, the data from all participating organizations is integrated and processed as a batch, but during this process, no data or processing algorithms from any organization are leaked externally.
For example, multiple financial institutions could train a fraud detection model for the entire industry while protecting customer privacy. While the transaction data held by individual banks remains confidential, it is treated as a single massive dataset within the TEE, and only the resulting “fraud detection logic” is shared among the banks.
In this way, a world is realized where only the value (insights) derived from the data is shared, while data ownership and privacy are fully maintained.
Accelerating Cloud Shifts in Highly Regulated Industries
The spread of confidential computing is bringing significant changes to highly regulated industries that have previously hesitated to move to the cloud due to security concerns.
The financial industry handles massive amounts of data that cannot be leaked, such as payment information, asset management data, and customer credit info. By implementing confidential computing, cloud providers can be removed from the trust boundary, ensuring security on the cloud that is equivalent to or better than on-premises solutions. This allows these industries to enjoy the scalability and latest AI services unique to the cloud while maintaining extremely high security standards.
The impact is equally profound in the medical and life sciences fields. Personal genetic information and detailed medical records are the ultimate forms of personal data. By processing this data in TEEs on the cloud, research institutions worldwide can collaborate safely, accelerating the discovery of treatments for rare diseases and drug development while strictly complying with privacy regulations. For patients, the psychological barrier to providing data is lowered because there is a technical guarantee that their data is being properly protected.
Furthermore, adoption is progressing in various fields as a foundation for “secure data utilization,” including supply chain optimization in manufacturing and statistical processing of national data by government agencies. By basing “digital trust” on hardware and mathematics rather than centralized trust, it becomes possible to build social infrastructure that is more transparent and resilient.
Redefining Trust: A New Standard for Security
Confidential computing fundamentally changes the way we think about information security. Until now, trust was centered on human and organizational processes (Human-based Trust)—asking “who has access rights?” or “who can we trust to manage operations?” However, as systems become more complex and cyberattacks more sophisticated, it is impossible to keep human-led processes perfect.
Confidential computing shifts the object of this trust to hardware and cryptographic theory (Technical-based Trust). It neutralizes “uncertain elements” such as management errors, insider threats, and unknown vulnerabilities through physical isolation and mathematical proof. This is not just the addition of another security technology; it is an attempt to rebuild the very nature of computing to be “Secure by Default.”
The adoption of confidential computing is steadily expanding across environments provided by major processor manufacturers and cloud vendors. However, it is currently at a stage where organizations with high security requirements, such as those in finance, healthcare, and government, are adopting it selectively; it has not yet become standard for general-purpose workloads.
As challenges such as performance overhead and the maturity of development environments are resolved, expansion into a wider range of areas is expected. No matter where data is or whose infrastructure it runs on, its contents should be controlled only by the owner. “True privacy” in the digital age is being established through this technology.