The Why and How of Confidential Computing

July 06, 2021

By: Emily Bowe, Software Engineering Intern at R3


R3 recently launched Conclave, a new confidential computing platform that allows multi-party data to be pooled privately and securely.

The Data Lifecycle

When it comes to data protection and the data lifecycle, there are three states:

1. Data at rest (currently protected by full disk/file encryption)
2. Data in transit (currently protected by transport layer security)
3. Data in use (now being protected by zero knowledge proofs, multi-party computation and confidential computing)

For years, cloud providers have offered encryption services for protecting data at rest (in storage and databases) and data in transit (moving over a network connection). However, it wasn’t until confidential computing was created that there was a solution for protecting data in use (during processing or runtime).

Intel® SGX

Intel® SGX, the technology behind Conclave, protects data in use with secure enclaves, also known as Trusted Execution Environments (TEEs). Initially it was available only as a hardware feature of the CPU. With the growing adoption of cloud computing, however, the need for this protection to be available in the cloud became more urgent, especially for sensitive workloads. With this awareness the industry realised it needed a name for the concept, and "confidential computing" was chosen.

With SGX, you can prove exactly how the data will be used. The content of the enclave—the data being processed and the techniques used to process it—is accessible only to the parties submitting the information and invisible to anything or anyone else, including the cloud provider.

Conclave

SGX addresses the problem of how to protect data in use, but what does Conclave add to the mix? The key problem Conclave addresses is that implementing and using these technologies usually requires a deep understanding of data security in order to prevent side channel exposure, data leaks, holes in your implementation and other problems. Conclave makes it very easy to develop protected applications without having to hire data security specialists.

There are other solutions in the market that seek to address this problem. One, known as "Lift and Shift," involves taking a virtual machine and running it in the protected environment. However, the data becomes vulnerable whenever it is accessed, so you have to trade off protection against the need for access.

Another solution is to develop a custom application, or modify your existing application, to separate out the most important parts of the data and put them into the enclave. The problem with this is that it is very complex: you would need to do it in C++, go through lots of documentation and have a deep understanding of data security.

In contrast to the above, Conclave provides deep protection inside a JVM, so you can build in Java, Kotlin or JavaScript. This offers a solution that is secure and easier for the developer to use.

By leveraging confidential computing, you can provide technical assurance, in the form of cryptographic proof, that you are running a real SGX-protected enclave; this is known as attestation. With these assurances in hand, you no longer need to rely on a firm's reputation to decide whether you can trust it with your data, because you have technical attestation of how the data is being used. The ability to prove how your data will be processed is making it possible for businesses to collaborate and share more sensitive datasets.
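The attestation step described above, as an added illustration that is not Conclave's API or code: a client receives a signed report describing the enclave (who signed the code, which product it is, its code measurement, the platform's security level and the enclave's public key) and releases data only if the report is genuine and matches the identity it insists on. The report, the constraint string and all identity values are constructed; the report signature is stood in for by an HMAC under a key the client trusts, where real SGX remote attestation relies on Intel's quote signature.

```python
"""Client-side attestation check before any data is released to an enclave.

Added illustration, not Conclave's API. The attestation report and the
constraint string ('S:<signer> PROD:<id> SEC:<level>' or 'C:<code hash>
SEC:<level>') are modelled on the idea of pinning enclave identity; the
report signature is stood in for by an HMAC under a key the client trusts.
"""
import hashlib
import hmac
import json
from typing import Optional

SECURITY_LEVELS = {"INSECURE": 0, "STALE": 1, "SECURE": 2}

# Constructed key for the attestation service the client trusts (stand-in).
ATTESTATION_SERVICE_KEY = b"constructed-attestation-service-key"

# Constructed enclave identity values (not real measurements).
SIGNER_HEX = "ab" * 32
CODE_HASH_HEX = "cd" * 32
ENCLAVE_PUBKEY_HEX = "ef" * 32


def sign_report(body: dict, key: bytes = ATTESTATION_SERVICE_KEY) -> dict:
    """Stand-in for the quoting service: bind a MAC to the canonical report body."""
    canonical = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "sig": hmac.new(key, canonical, hashlib.sha256).hexdigest()}


def parse_constraint(constraint: str) -> dict:
    """Parse the constraint string into the identity fields the client insists on."""
    want = {}
    for token in constraint.split():
        kind, _, value = token.partition(":")
        if kind == "S":
            want["signer"] = value.lower()
        elif kind == "C":
            want["code_hash"] = value.lower()
        elif kind == "PROD":
            want["product_id"] = int(value)
        elif kind == "SEC":
            if value not in SECURITY_LEVELS:
                raise ValueError(f"unknown security level {value!r}")
            want["min_security"] = value
        else:
            raise ValueError(f"unknown constraint token {token!r}")
    if "signer" not in want and "code_hash" not in want:
        raise ValueError("constraint must pin a signer or a code hash")
    if "signer" in want and "product_id" not in want:
        raise ValueError("a signer constraint needs PROD to pin the product")
    want.setdefault("min_security", "SECURE")
    return want


def check_attestation(signed: dict, constraint: str,
                      key: bytes = ATTESTATION_SERVICE_KEY) -> Optional[bytes]:
    """Return the enclave's public key only if the report is genuine and acceptable.

    Any failure returns None, so the caller has nothing to encrypt to and no
    data reaches an enclave whose identity or security level is unverified.
    """
    canonical = json.dumps(signed["body"], sort_keys=True).encode()
    expected = hmac.new(key, canonical, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signed["sig"]):
        return None  # body altered after signing, or signed by an unknown party
    report, want = signed["body"], parse_constraint(constraint)
    if "signer" in want and (report["signer"] != want["signer"]
                             or report["product_id"] != want["product_id"]):
        return None
    if "code_hash" in want and report["code_hash"] != want["code_hash"]:
        return None
    if SECURITY_LEVELS[report["security"]] < SECURITY_LEVELS[want["min_security"]]:
        return None  # e.g. the platform needs updating: STALE is below SECURE
    return bytes.fromhex(report["enclave_pubkey"])


def demo() -> dict:
    """Run the check against a genuine report and several rejected variants."""
    body = {"signer": SIGNER_HEX, "product_id": 1, "code_hash": CODE_HASH_HEX,
            "security": "SECURE", "enclave_pubkey": ENCLAVE_PUBKEY_HEX}
    genuine = sign_report(body)
    # Same body, but signed by a key the client does not trust.
    forged = sign_report(body, key=b"constructed-untrusted-key")
    # Genuine signature, body edited afterwards to claim a different code hash.
    tampered = {"body": {**body, "code_hash": "00" * 32}, "sig": genuine["sig"]}
    # Honest report from a platform whose security level is only STALE.
    stale = sign_report({**body, "security": "STALE"})
    strict = f"S:{SIGNER_HEX} PROD:1 SEC:SECURE"
    return {
        "genuine": check_attestation(genuine, strict),
        "forged": check_attestation(forged, strict),
        "tampered": check_attestation(tampered, strict),
        "stale": check_attestation(stale, strict),
        "stale_if_tolerated": check_attestation(stale, f"S:{SIGNER_HEX} PROD:1 SEC:STALE"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:>18}: {'release data' if result else 'refuse'}")
```

The point of the shape is that the client never handles a key it has not tied to a verified identity: the only way to obtain the enclave's public key is through a check that passed, and relaxing the minimum security level is an explicit decision written into the constraint rather than a silent default.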

How ClaimShare leverages the power of Conclave

As discussed, Conclave allows the pooling of sensitive data in a secure, invisible manner. This means companies can pool data together and run mutually beneficial algorithms and processes without exposing customer information or trade secrets to the other parties involved.

One application where this could be useful is in detecting multi-party insurance fraud. This could involve an item being purchased and then insured with multiple companies. The below example is from Richard Gendal Brown, R3’s CTO:

“Say a car is bought for $10,000. The car is then insured at a cost of $500. This insurance will net a compensation of $8,000 in the event the car is written off in an accident. Now more policies are taken out, until we have 10 policies on the same car, all with different insurers. 10 policies x $500 = $5,000 + the price of the car = $15,000. Now we crash the car and start claiming all of those policies, 10 x $8,000 = $80,000.”

This fraud is difficult for insurers to detect because there is no centralised insurance claims database. With confidential computing, however, this type of sensitive data can be pooled in a protected area and processed by verifiable algorithms, and only the fraudulent claims are highlighted; all other claims remain private, even from those running the algorithm. Through collaboration with KPMG, IntellectEU used Conclave to develop ClaimShare, a solution designed to address the problem of duplicate claims in the insurance space.
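The enclave-side computation described above, as an added illustration rather than ClaimShare's or Conclave's code: each insurer submits its claims, the enclave groups them by the insured asset, and only assets claimed against by two or more distinct insurers are disclosed. The submissions, the asset identifiers and the enclave key are constructed; in a deployment the submissions would arrive encrypted to the attested enclave's key.

```python
"""Duplicate-claim detection inside the enclave: only claims that collide
across insurers leave it; every other claim stays inside.

Added illustration, not ClaimShare's or Conclave's code. Asset identifiers
are normalised and keyed-hashed with a key that exists only inside the
enclave, so even the flagged output carries no raw identifier.
"""
import hashlib
import hmac
from collections import defaultdict
from typing import Dict, List

# Constructed: a key generated inside the enclave and never exported.
ENCLAVE_KEY = b"constructed-enclave-only-key"

# Constructed submissions, one list per insurer. The same car appears under
# insurers A, B and C with differently formatted VINs; the other assets do not.
SUBMISSIONS: Dict[str, List[dict]] = {
    "InsurerA": [
        {"policy_id": "A-1", "asset_id": "1HGCM82633A004352", "amount": 8000},
        {"policy_id": "A-2", "asset_id": "WAUZZZ8K9AA000001", "amount": 3000},
        {"policy_id": "A-3", "asset_id": "WAUZZZ8K9AA000001", "amount": 1500},  # same insurer twice
    ],
    "InsurerB": [
        {"policy_id": "B-7", "asset_id": "1hgcm82633a004352", "amount": 8000},
        {"policy_id": "B-8", "asset_id": "JH4KA7660NC000002", "amount": 2200},
    ],
    "InsurerC": [
        {"policy_id": "C-3", "asset_id": "1HG-CM8-2633-A004352", "amount": 8000},
    ],
}


def normalise_asset(asset_id: str) -> str:
    """Canonical form, so formatting differences cannot hide a duplicate."""
    return "".join(ch for ch in asset_id.upper() if ch.isalnum())


def asset_tag(asset_id: str, key: bytes = ENCLAVE_KEY) -> str:
    """Keyed hash of the asset: stable inside the enclave, meaningless outside it."""
    return hmac.new(key, normalise_asset(asset_id).encode(), hashlib.sha256).hexdigest()


def find_duplicate_claims(submissions: Dict[str, List[dict]],
                          key: bytes = ENCLAVE_KEY) -> List[dict]:
    """Return only the assets claimed against by two or more distinct insurers."""
    by_asset = defaultdict(list)
    for insurer, claims in submissions.items():
        for claim in claims:
            by_asset[asset_tag(claim["asset_id"], key)].append(
                {"insurer": insurer, "policy_id": claim["policy_id"], "amount": claim["amount"]})
    flagged = []
    for tag, claims in by_asset.items():
        insurers = {c["insurer"] for c in claims}
        if len(insurers) < 2:
            continue  # single-insurer claims, even several on one asset, are never disclosed
        flagged.append({
            "asset_tag": tag,
            "insurers": sorted(insurers),
            "claims": sorted(claims, key=lambda c: (c["insurer"], c["policy_id"])),
            "total_claimed": sum(c["amount"] for c in claims),
        })
    return sorted(flagged, key=lambda f: f["asset_tag"])


def disclosed_policy_ids(flagged: List[dict]) -> set:
    """Everything that leaves the enclave; handy for checking the privacy property."""
    return {c["policy_id"] for f in flagged for c in f["claims"]}


if __name__ == "__main__":
    for hit in find_duplicate_claims(SUBMISSIONS):
        print(f"asset {hit['asset_tag'][:12]}... claimed by {hit['insurers']} "
              f"for ${hit['total_claimed']:,}")
        for c in hit["claims"]:
            print(f"    {c['insurer']} policy {c['policy_id']}: ${c['amount']:,}")
```

Running it flags one asset, claimed three times for $24,000 in total, and discloses exactly the three colliding policies; the two policies InsurerA holds on its own second car are a duplicate within one insurer, not across insurers, and never appear in the output.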

Want to learn more?

Here are some helpful resources to learn more about Conclave and Confidential Computing.