Challenges of “Data in Use” in Modern Cloud Security
With the advancement of digital transformation, data from companies and organizations has rapidly migrated from on-premises servers to the cloud. Until now, the primary focus of cloud security has been on encrypting “data at rest” stored in storage and “data in transit” flowing through networks. In these areas, advanced encryption technologies have ensured sufficient security.
However, a challenge that has been difficult to solve with conventional technology is the protection of “data in use,” which occurs when programs are executed and data is processed. When a computer processes data, the processor must load the data into memory and perform calculations in plaintext. At this moment, the data becomes viewable by the operating system, hypervisor, or administrators with privileged access.
TEE (Trusted Execution Environment) is attracting attention as a technology that fills this “gap during processing” at the hardware level. TEE builds a “secure area” inside the main processor that is completely isolated from the normal execution environment, and by shielding the processing that takes place there from everything outside it, it raises the confidentiality and integrity of data to the highest degree.
How the “Hardware Isolation Wall” Built by TEE Works
The core of TEE lies in creating an isolated environment through the hardware structure itself, rather than software. In a typical computing environment, applications trust the operating system, and the operating system trusts the hypervisor that controls the hardware, forming a hierarchical structure.
However, in this structure, if there is a vulnerability in the upper layers (privileged layers) or if a malicious administrator exists, the data of the lower-level applications can be easily snooped upon.
In an environment where TEE is introduced, the processor defines a specific memory area as an “enclave” (isolated area). Data and execution code stored in this area are constantly encrypted by a powerful hardware encryption engine, and their contents cannot be read from outside the enclave.
The system is designed so that data inside the enclave cannot be accessed even by an administrator with full authority over the server, and even if the operating system is infected and taken over by malware.
When calculations are performed inside the processor, data is temporarily decrypted only within the enclave, and it is immediately re-encrypted once the processing is finished. Since this series of operations is completed at the circuit level inside the chip, even if the external bus lines or memory chips were physically scanned, it would be impossible to obtain any meaningful information.
In this way, building a “hardware wall” that transcends software walls is the greatest feature of TEE.
Technical Elements Supporting Confidential Computing
The method of performing calculations using TEE while protecting data in use is called “confidential computing.” To realize this paradigm, major processor manufacturers and cloud vendors provide their own TEE implementations.
For example, Intel SGX (Software Guard Extensions) enables protection at a very fine granularity by executing part of an application directly as an enclave.
On the other hand, AMD SEV (Secure Encrypted Virtualization) takes the approach of encrypting and protecting the entire virtual machine, which has the advantage of being deployable without significantly changing existing applications.
Furthermore, in the field of mobile devices and embedded systems, ARM TrustZone is widely used. This mechanism separates the processor into two states, “Secure World” and “Normal World,” and limits the execution of extremely important processes such as fingerprint authentication and payment information to the Secure World side.
In the world of public clouds, services such as AWS Nitro Enclaves, Azure Confidential Computing, and Google Cloud’s Confidential VMs have appeared, creating an environment where the benefits of TEE can be enjoyed on the cloud without being conscious of physical hardware.
Common to these technologies is an important process called “remote attestation.” This is a mechanism by which, before the program is run, a third party can verify via a digital signature issued by the processor that the execution environment is a genuine TEE and that the code to be executed has not been tampered with.
This allows users to be mathematically and physically certain that “the data they have submitted is being processed by the correct program in a secure environment.”
Use Cases of TEE Expanding Across Various Fields
The characteristic of TEE as a “secure calculation room where no one can see the contents” enables collaborative data utilization that was previously difficult due to security and privacy concerns.
In the financial industry, TEE is being used in systems to detect fraudulent transfers and money laundering by matching customer data held by multiple banks without disclosing each other’s confidential information. By bringing each bank’s data into the TEE and outputting only the calculation results (presence or absence of fraud) in an encrypted state, the accuracy of fraud detection can be improved while protecting customer privacy.
In the field of medicine and life sciences, TEE is also a powerful tool. By integrating and analyzing clinical data and genomic information held by different hospitals on a secure platform using TEE, it is possible to accelerate the discovery of new treatments and drug discovery research while keeping the risk of personal information leakage to zero.
Furthermore, the importance of TEE is increasing in the field of AI (Artificial Intelligence), which is a modern technical trend. Training AI models requires vast amounts of confidential data, but by using TEE, data owners can allow training to be performed without giving raw data to the model creators. Business models such as providing inference services while protecting the uniquely developed high-value AI models (algorithms) themselves by storing them in TEE are also becoming realistic.
The “Redefinition of Trust” Brought by TEE and Future Outlook
“Trust” in the computer world until now has largely depended on the operation of people and organizations, such as trusted companies, trusted administrators, or trusted software. However, TEE shifts the basis of that trust to hardware design based on the laws of physics.
The spread of TEE will contribute significantly to the establishment of “data sovereignty,” where data owners can fully control their own data. While entrusting the operation of infrastructure to cloud providers, it becomes possible to keep the confidentiality of data in one’s own hands.
This is the key to balancing the conflicting demands of relying on centralized platforms while reliably protecting individual privacy and corporate trade secrets.
In the future, with improvements in TEE processing performance and the development of environments that transcend programming language barriers, an era will come where all workloads are executed on TEE by default. As the protection of data in use, the “third encryption” following network and storage, becomes commonplace, the trust foundation of digital society will evolve into something even more robust.
There is no doubt that TEE is not just a type of security technology, but will strengthen its presence as an indispensable infrastructure supporting a secure digital society.