Microsoft has been a pioneer in bringing new confidential computing technology to market. As we have been talking to customers,we have identified customer challenges with scenarios that require a combination of multi-party governance, integrity protection, and programmable confidentiality, even in the face of datacenter or host operator compromise.
The framework design decouples node provisioning and operation from network and application governance, making it possible for the solution providerto maintain the set of nodes executing the transactions, without having any access to their contents. Network governance on the other hand, for example, deciding what code to execute, is entirely driven by a consortium, is rule-based, and is programmable and auditable to all participants through an immutable verifiable history. In addition, the immutable history is produced by and resides on the network to support non-repudiation and transparency of participant transactions, through the emission of offline-verifiable receipts.
Examples that customers have shared with us where an Azure managed service can be useful include:
A consortium of banks wanting to share reference data about securities to understand if they are within market consensus. To form an accurate market view, the individual data points must come from authenticated participants without revealing the contents of the submissions and on aggregating correctly.
A payment provider can run payment data through regulator-provided fraud-detection algorithms, which can flag a transaction but not reveal personaldata. Then, an independent authority can audit and confirm the accuracy of the fraud detection algorithm for flagged payments while protecting user privacy.
One or more software publishers can submit their Software Bill of Materials (SBOMs) to a service that provides receipts that guarantee their provenance, total ordering, immutability and compliance with registration policies. The end users benefit from transparency over the published software by checking offline-verifiable receipts without needing access to the service.
To express your interest in the preview, please complete the sign-up form.
Learn more about the open-source framework on thenewCCF website.
Read about the evolution of Confidential Consortium Framework and its products via this blog.