The concept of confidential computing has been around for years, but the technology is gaining momentum as it moves into the cloud arena. Google and Microsoft both upgraded their confidential computing offerings this week during the Google Cloud Next and Microsoft Ignite events.

What is confidential computing? It aims to keep data encrypted while in use by performing the computation in hardware-based trusted execution environments (TEEs), which can prevent unauthorized access to or modification of data and applications in use.

Cloud providers’ confidential computing solutions are built on technologies from chip makers, such as Intel’s Software Guard Extensions (SGX), AMD’s Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP), or Arm’s Confidential Compute Architecture (CCA).

Confidential computing has evolved dramatically over the last few years as workloads have grown larger and more complex. Its market size is projected to reach around $8.16 billion by 2027 with a compound annual growth rate of 24.46%, according to a recent report.

Google Cloud, Microsoft Azure’s Recent Enhancement

Microsoft Azure announced its confidential virtual machines (VMs) in April 2020. Later that year, Google Cloud also introduced its confidential virtual machines as the first product in its confidential computing portfolio, while Amazon Web Services (AWS) announced the general availability of its Nitro Enclaves on top of its basic confidential computing capabilities from its Nitro System.

Those capabilities in general cover two dimensions of confidential computing. In addition to preventing cloud providers from seeing your data, the technology also can provide a secure platform for multiple parties to combine and analyze sensitive data without exposing the data to the other party. This enables use cases such as multi-party computing or federated learning, which can benefit health care, financial, and Web3 organizations.

To this end, Google Cloud announced Confidential Space this week, which provides an isolated and secure space for organizations to perform collaborative tasks such as joint data analysis and machine learning (ML) model training while ensuring private data stays private. Earlier this year, the company launched its Confidential Google Kubernetes Engine (GKE) Nodes.

Microsoft announced this week the general availability of its confidential virtual machine (VM) nodes in Azure Kubernetes Service (AKS) based on 3rd generation AMD EPYC processors with SEV-SNP, and the company claims AKS is the first in the market to use AMD SEV-SNP confidential VMs for memory-encrypted nodes. The company also launched SQL Server and guest attestation features on confidential VMs.

Adopt Confidential Computing as Part of Zero Trust Security

A Microsoft Azure executive noted the company’s confidential computing offerings are in line with its zero-trust policy that helps customers “verify that they’re running on genuine and trusted hardware.”

The technology can offer an additional layer of protection for organizations’ sensitive data. These data protection and enclave technologies from chip makers and cloud providers can fit into organizations’ overall zero-trust strategies.

Intel enhanced its confidential computing services through Project Amber and plans to launch a customer pilot by the end of 2022, aiming to create a new multi-cloud, multi-TEE service for third-party attestation.

“With the introduction of Project Amber, Intel is taking confidential computing to the next level in our commitment to a zero-trust approach to attestation and the verification of compute assets at the network, edge, and in the cloud,” Intel CTO Greg Lavender said.