We're pleased to announce that Profian has joined the Confidential Computing Consortium.
Two years ago, the Linux Foundation formed the Confidential Computing Consortium, a community dedicated to defining and accelerating the adoption of Confidential Computing. Jim Zemlin, executive director at the Linux Foundation, highlighted the importance of bringing together different entities to reach these common goals:
Every time that you have a major initiative to advance technology as complicated as this, the industry realizes that it takes a whole ecosystem. You need hardware vendors working together with software vendors working with cloud providers working with academics to accelerate something like this... The key here is that you have a broad set of stakeholders across the different components in the technical supply chain coming together. Essentially, the end goal is to enable better data security by protecting that data in use. To do that, you need to make the technology that you use to create those environments accessible, well understood, and built in a standardized way, and that’s why it’s really important for the whole industry to come together like this.
One of the very first projects that was donated to this newly formed organization was the Enarx project, led by Mike Bursell and Nathaniel McCallum, who at the time were working at Red Hat, and who went on to found Profian in 2021.
Mike and Nathaniel have been part of the Confidential Computing Consortium since its very inception, so it's only natural for Profian to join this organization. Mike and Nathaniel also fundamentally share the same sentiment eloquently expressed by Jim and equally shared by other members of this community: of the utmost importance of coming together to make Confidential Computing accessible, well understood, and built in a standardized way.
Making Confidential Computing accessible is a challenge because the technology is evolving rapidly and involves complex concepts, from attestation to cryptography, and is being made available across a wide range of architectures (from Intel's SGX and TDX, AMD's SEV, Arm's Realms, to IBM's PEF). Mike and Nathaniel built Enarx to be simple, abstracting away complex concepts and supporting multiple architectures transparently so that users don't have to worry about these. To make this technology even more accessible and secure, they've also decided to make Enarx open source.
Additionally, making Confidential Computing well understood means reaching a clear definition of what actually constitutes Confidential Computing together with the community - this is not something that will be defined by a single company. Fundamentally, defining Confidential Computing is about providing users of this technology the ultimate level of trust and assurance, without compromises. Among the risks of getting the definition wrong are limiting the true potential of the technology and misleading users into believing that their data is fully protected, when in fact it's not.
And finally, making Confidential Computing built in a standardized way will require working together with several organizations to develop common protocols and standards. Enarx offers a run-time "Keep", running in a TEE instance and based on WebAssembly, an open standard that was designed by the W3C (World Wide Web Consortium) and on which the Bytecode Alliance builds. The Confidential Computing Consortium also collaborates with standards organizations like the IETF (Internet Engineering Task Force) and the IEEE (Institute of Electrical and Electronics Engineers).
Profian believes that working together with the Linux Foundation and other organizations to make Confidential Computing accessible, well understood, and built in a standardized way is not only important, but key to bringing cryptographic proof and verifiable trust to general computing. By joining the Confidential Computing Consortium, it reaffirms its commitment to advance this technology that will have a major impact across all industries.