29.11.2024

Trust is Good – Confidential Computing is Better!

The planned introduction of electronic patient files (ePA) marks a milestone in the digitalisation of the German healthcare system. Patients and doctors now finally have the opportunity to centrally and digitally manage health data in cloud environments – a significant step forward in terms of efficiency and user-friendliness. However, these opportunities also bring major challenges: data protection and the security of sensitive information are more in focus than ever before. A pivotal element in meeting these requirements is Confidential Computing.

Precisely for this reason, EuroCloud Germany has now presented a new white paper, “Confidential Computing: Secure and Sovereign in the Cloud” (currently available in German only, with an English version to follow soon). It demonstrates in practical terms how companies and organisations can use this key technology to meet data protection requirements, strengthen digital sovereignty and safely drive innovation.

What is Confidential Computing?

Confidential Computing is an innovative technology that ensures sensitive data remains protected during processing. While data is often stored (data at rest) or transmitted (data in transit) in encrypted form, it is typically unprotected during processing (data in use) and therefore vulnerable to attacks. Confidential Computing addresses this risk by creating so-called enclaves – isolated, encrypted environments within the hardware where data can be processed securely.

These enclaves use hardware-based security features developed by leading manufacturers. “With Confidential Computing, companies and organisations can protect data even in uncontrolled cloud environments, thus meeting the highest security and compliance requirements,” explains Prof. Pohlmann, eco Board Member for IT Security.

What makes it so secure?

The special security of Confidential Computing is based on several aspects:

  • Hardware-based encryption: Data is encrypted within the Central Processing Unit (CPU) and exists only in encrypted form outside it, so it remains protected even if someone gains access to the operating system or hypervisor.
  • Trusted Execution Environments (TEE): These trusted execution environments are secured by cryptographic methods and prevent unauthorised access – even by administrators.
  • Workload Attestation: Before processing, a cryptographic procedure checks whether the environment has been manipulated and ensures that the enclave remains trustworthy.
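
The attestation step in the list above can be sketched as a verifier that releases a data key only after checking a signed report. This is an added example, not taken from the white paper; the report fields, the function names and the use of an HMAC key in place of the CPU-rooted asymmetric signing key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: an HMAC key stands in for the CPU-rooted signing key. Real TEEs
# sign reports asymmetrically, verified via the vendor's certificate chain.
HW_KEY = b"constructed-demo-key"

def measure(workload: bytes) -> str:
    """Measurement: hash of the code loaded into the enclave."""
    return hashlib.sha256(workload).hexdigest()

def _sign(measurement: str, nonce_hex: str) -> str:
    msg = measurement.encode() + bytes.fromhex(nonce_hex)
    return hmac.new(HW_KEY, msg, hashlib.sha256).hexdigest()

def make_report(workload: bytes, nonce: bytes) -> dict:
    """Hardware side: report what was actually loaded, bound to the nonce."""
    m = measure(workload)
    return {"measurement": m, "nonce": nonce.hex(), "signature": _sign(m, nonce.hex())}

def verify_report(report: dict, expected: str, nonce: bytes) -> str:
    """Verifier side: return 'ok' or the reason the report is rejected."""
    try:
        m, n, sig = report["measurement"], report["nonce"], report["signature"]
        if not hmac.compare_digest(sig, _sign(m, n)):
            return "bad-signature"         # altered or not hardware-signed
        if not hmac.compare_digest(n, nonce.hex()):
            return "stale-nonce"           # replay of an earlier valid report
        if not hmac.compare_digest(m, expected):
            return "measurement-mismatch"  # different code is running
    except (KeyError, TypeError, ValueError, AttributeError):
        return "malformed"
    return "ok"

def release_key(report: dict, expected: str, nonce: bytes, data_key: bytes):
    """Hand the data key to the workload only after attestation succeeds."""
    return data_key if verify_report(report, expected, nonce) == "ok" else None

if __name__ == "__main__":
    approved = b"constructed: approved analytics workload v1"
    nonce = secrets.token_bytes(16)  # fresh challenge chosen by the verifier
    print(verify_report(make_report(approved, nonce), measure(approved), nonce))
    print(verify_report(make_report(b"constructed: modified workload", nonce),
                        measure(approved), nonce))
```

A modified workload still yields a validly signed report, because the hardware reports honestly what was loaded; it is the verifier's comparison against the expected measurement that withholds the key.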

Who is it relevant for?

Confidential Computing offers immense advantages for data-intensive industries that place the highest demands on data protection, security and compliance – even outside the healthcare sector. In the financial sector, for example, the technology enables compliance with regulations such as the Digital Operational Resilience Act (DORA) by securely protecting sensitive customer data and financial transactions. The technology also plays a central role in the public sector, as it allows public authorities to process highly sensitive citizen data while simultaneously meeting the requirements of the NIS2 Directive, which strengthens the security of critical infrastructure such as energy, transport and healthcare. In industry and research, the technology enables trusted collaboration between partners by allowing data to be exchanged securely without disclosing trade secrets. Across all industries, Confidential Computing thus creates the foundation for innovation, digital transformation and compliance with growing regulatory requirements.

By ensuring the protection of sensitive information during processing, Confidential Computing builds trust in digital applications – from electronic health records to AI-based industrial analytics. “Particularly in Europe, digital sovereignty is a priority,” says Norbert Pohlmann. “This technology gives organisations the ability to process data securely without losing control over it – and thus provides a crucial basis for trustworthy and future-proof digital services.”

The complete German-language white paper is available for free download here!

Contact Person
  • Prof. Dr. Norbert Pohlmann, Board Member for IT Security