# Confidential Computing Consortium *The Confidential Computing Consortium is a community focused on projects securing data in use and accelerating the adoption of confidential computing through open collaboration.* https://confidentialcomputing.io/ Links: [[Linux Foundation]] - [Webinars](https://confidentialcomputing.io/webinars/) - [Blog](https://confidentialcomputing.io/blog/) The Confidential Computing Consortium (CCC) brings together hardware vendors, cloud providers, and software developers to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards. CCC is a project community at the [Linux Foundation](http://linuxfoundation.org/) dedicated to defining and accelerating the adoption of confidential computing. It will embody open governance and open collaboration that has aided the success of similarly ambitious efforts. The effort includes commitments from numerous [member organizations](https://confidentialcomputing.io/members/) and contributions from several [open source projects](https://confidentialcomputing.io/projects/). Confidential Computing protects data in use by performing computation in a hardware-based Trusted Execution Environment. These secure and isolated environments prevent unauthorized access or modification of applications and data while in use, thereby increasing the security assurances for organizations that manage sensitive and regulated data. Today, data is often encrypted at rest in storage and in transit across the network, but not while in use in memory. Additionally, the ability to protect data and code while it is in use is limited in conventional computing infrastructure. Organizations that handle sensitive data such as Personally Identifiable Information (PII), financial data, or health information need to mitigate threats that target the confidentiality and integrity of either the application or the data in system memory. ## [White Papers and Reports](https://confidentialcomputing.io/white-papers-reports/) ### [Confidential Computing – The Next Frontier in Data Security](https://confidentialcomputing.io/wp-content/uploads/sites/85/2021/10/Everest_Group_-_Confidential_Computing_-_The_Next_Frontier_in_Data_Security_-_2021-10-19.pdf) (slides, 40) [[2021-10]] ### [A Technical Analysis of Confidential Computing v1.2](https://confidentialcomputing.io/wp-content/uploads/sites/85/2022/01/CCC-A-Technical-Analysis-of-Confidential-Computing-v1.2.pdf) (18 page report) [[2021-10]] ### [Confidential Computing: Hardware-Based Trusted Execution for Applications and Data](https://confidentialcomputing.io/wp-content/uploads/sites/85/2021/03/confidentialcomputing_outreach_whitepaper-8-5x11-1.pdf) (15 page report) [[2021-01]] ## [Webinars](https://confidentialcomputing.io/webinars/) ## [Blog](https://confidentialcomputing.io/blog/) ### [The Confidential Computing Consortium Year in Review, 2021](https://confidentialcomputing.io/2021/10/06/the-confidential-computing-consortium-year-in-review-2021/) [[2021-10-06]] We launched the Consortium with 15 premier and general members, growing to 27 corporate members and 2 non-profits by the end of the first year. While we lost a few members this year as company priorities shift, we have continued to grow to [36 corporate members and 4 non-profits](https://confidentialcomputing.io/members/) over this past year. This year the Consortium welcomed four new projects: - [Keystone](https://keystone-enclave.org/): Keystone is an open-source project for building trusted execution environments (TEE) with secure hardware enclaves, based on the RISC-V architecture. Our goal is to build a secure and trustworthy open-source secure hardware enclave, accessible to everyone in industry and academia. - [Veracruz](https://github.com/veracruz-project/veracruz): Veracruz is a research project exploring the design of privacy-preserving distributed systems.  Veracruz uses strong isolation technology and remote attestation protocols to establish a “neutral ground” within which a collaborative, multi-party computation between a group of mistrusting principals takes place. - [Gramine:](https://grapheneproject.io/) Gramine is a rebranded Graphene project. A particular use case for Gramine is Intel Software Guard Extensions (SGX), where applications do not work out-of-the-box. Gramine solves this problem, with the added security benefits. Gramine can serve as a compatibility layer on other platforms. - [Occlum](https://occlum.io/): Occlum makes running applications inside enclaves easy. It allows one to run unmodified programs inside enclaves with just a few simple commands.