We need a Let’s Encrypt movement for Confidential Computing
The importance of protecting data in use
- Track: Confidential Computing devroom
- Room: K.4.601
- Day: Sunday
- Start: 13:10
- End: 13:30
- Video only: k4601
Most CISOs and a great majority of developers are not aware of the importance of encrypting data in use (the core idea behind Confidential Computing). Confidential Computing is evolving rapidly and is starting to gain adoption by CSPs, but user adoption is still slow. But what if encrypting data in use became the default way to deploy applications, both in the cloud and even on premises? In this session, we’ll discuss the main roadblocks to this vision, what we can do about them, and the main implications if encrypting data in use becomes the norm.
There are three states in which data can be protected: at rest, in transit, and in use. Encrypting data at rest (e.g. files, objects, storage) and in transit (e.g. TLS, HTTPS) has become common practice, while encrypting data in use (the core idea behind Confidential Computing) is still an emerging concern.
But while it is common practice today, encrypting data in transit only gained wide adoption with the Let’s Encrypt movement, which was fundamental in changing the general mindset from “encryption is only important for e-commerce and banking applications” to “let’s encrypt everything by default, no matter what the application is”. Confidential Computing is just starting to emerge, and most use cases are restricted to sectors like healthcare and banking, which require greater assurances that their sensitive code and data are protected.
We will look back at the Let's Encrypt project, which started 10 years ago, to understand why this movement was so successful and how we can replicate this success for encrypting data in use. Our hope is to make encrypting data in use the default way of deploying applications, which will fundamentally change the security approach that exists today.
Speakers
- Patrick Uiterwijk
- Nick Vidal