Fortanix, a cybersecurity company, is introducing Confidential Data Search, a new technology that brings hardware security to database search. This innovation aims to assist organizations in processing highly sensitive data while maintaining its security. By utilizing confidential computing technologies, Fortanix’s solution enables data to be searched within a secure hardware vault.
There are already various encryption schemes and technologies available to protect data both at rest and while in transit between systems. However, confidential computing takes data security to another level by providing layers of hardware protection, ensuring that data remains secure even during processing. This is achieved by storing the data in a secure hardware vault, which can only be unlocked by authorized parties using a specific code. The data is then processed within the vault without ever leaving its secure environment.
Recent advancements in chip technology have made it possible to embed these secure vaults directly into chips. In addition, chip manufacturers have integrated a hardware mechanism called attestation, which guarantees that only authorized parties can access the data stored in the secure vaults.
While homomorphic encryption is a commonly used method for enabling database searches without exposing unencrypted information, Fortanix’s Vice President of Confidential Computing, Richard Searle, suggests that this encryption scheme may not be suitable for all types of searches. According to Searle, complex query requests can make homomorphic encryption search slower and more complicated. To address this issue, Fortanix’s technology allows searches to be performed in plaintext within the confidential computing trusted execution environment. This environment shields the search process from external access, ensuring that the query can be run securely and efficiently.
Searle also notes that many vendors using homomorphic encryption often work with nonstandard hardware, rather than off-the-shelf Intel Xeon CPUs or standard server blades. Fortanix, on the other hand, supports Intel’s Trust Domain Extensions (TDX) module, a confidential computing technology that is well-suited for AI applications. This support allows companies to feed diverse information into secure vaults to enhance their proprietary AI learning models, while ensuring that no information is retained or stolen when third-party data enters or exits the vault.
While Fortanix’s technology shows great potential in the field of confidential computing, it still needs to prove itself in the market. James Sanders, Principal Analyst at CCS Insight, believes that the technology’s value proposition to enterprise buyers is of utmost importance. Fortanix must demonstrate either a significant performance improvement or substantial cost savings to gain a foothold in the market.
Nevertheless, Fortanix is positioned to educate the market about confidential computing, a relatively new concept. Sanders emphasizes the importance of utilizing validated third-party options rather than building custom solutions for cybersecurity, especially in industries like banking and healthcare. By offering a reliable and trusted solution, Fortanix can increase the adoption and utilization of confidential computing technologies.
Fortanix’s technology can be deployed either on-premises or in the cloud using various hardware enablement options, including Intel Software Guard Extensions (SGX) and AMD’s SEV-SNP. The deployment process is made easier with the help of a tool called Data Security Manager, which manages the confidential computing deployment and automates the interface for users.
In conclusion, Fortanix’s Confidential Data Search brings hardware security technology to database search, allowing organizations to process highly sensitive data securely. With the use of confidential computing and secure hardware vaults, Fortanix aims to revolutionize data searching while maintaining the utmost level of data protection. By providing a validated third-party option, Fortanix helps increase the adoption of confidential computing technologies and enlightens the market about their potential benefits.
