29.11.2024

Trust is Good – Confidential Computing is Better!

The planned introduction of electronic patient files is a milestone in the digitalisation of the German healthcare system. Patients and doctors will finally be able to manage health data centrally and digitally in cloud environments – a major step forward in terms of efficiency and user-friendliness. However, these opportunities also present major challenges: data protection and the security of sensitive information are becoming more important than ever. Confidential Computing is a pivotal element in meeting these requirements.

EuroCloud Germany has now presented a new white paper ‘Confidential Computing: Secure and Sovereign in the Cloud’ (in German only), which shows in a practical way how companies and organisations can use this key technology to meet data protection requirements, strengthen digital sovereignty and safely drive innovation.

What is confidential computing?

Confidential Computing is an innovative technology that ensures sensitive data remains protected during processing. While data is often stored (data at rest) or transmitted (data in transit) in encrypted form, it is usually unprotected during processing (data in use) and therefore vulnerable to attacks. Confidential Computing addresses this risk by creating so-called enclaves – isolated, encrypted environments within the hardware in which data can be processed securely.

These enclaves use hardware-based security features developed by leading manufacturers. ‘With confidential computing, companies and organisations can protect data even in uncontrolled cloud environments, thus meeting the highest security and compliance requirements,’ explains Prof. Dr. Pohlmann, eco Board Member for IT Security.

What makes it so secure?

The special security of confidential computing is based on several aspects:

  • Hardware-based encryption: The data is encrypted within the CPU and exists outside it only in encrypted form, so it remains protected even if someone gains access to the operating system or hypervisor.
  • Trusted Execution Environments (TEE): These trusted execution environments are secured by cryptographic methods and prevent unauthorised access – even by administrators.
  • Workload Attestation: Before processing, a cryptographic procedure checks whether the environment has been manipulated and ensures that the enclave remains trusted.

Who is it relevant for?

Confidential Computing offers immense advantages for data-intensive industries that place the highest demands on data protection, security and compliance – even outside the healthcare sector. In the financial sector, for example, the technology enables compliance with regulations such as the Digital Operational Resilience Act (DORA) by securely protecting sensitive customer data and financial transactions. The technology also plays a central role in the public sector, as it allows public authorities to process highly sensitive citizen data while simultaneously meeting the requirements of the NIS2 directive, which strengthens the security of critical infrastructure such as energy, transport and healthcare. In industry and research, the technology enables trusted collaboration between partners by allowing data to be exchanged securely without disclosing trade secrets. Confidential Computing thus creates the basis for innovation, digital transformation and compliance with growing regulatory requirements across all industries.

By ensuring the protection of sensitive information during processing, Confidential Computing creates trust in digital applications – from electronic health records to AI-based industrial analytics. ‘Particularly in Europe, digital sovereignty is a priority,’ says Norbert Pohlmann. ‘This technology gives organisations the ability to process data securely without giving up control over it – and thus provides a crucial basis for trustworthy and future-proof digital services.’

The complete German-language white paper is available for free download here!

Contact Person
  • Prof. Dr. Norbert Pohlmann, Board Member for IT Security