O'Reilly Media report: Azure Confidential Computing and Zero Trust
We are excited to announce the publication of our first O'Reilly Media report: Azure Confidential Computing and Zero Trust. We felt a need to make it clear to our customers, and the industry as a whole, what confidential computing is, how it relates to the foundational principles of zero trust, what use cases it enables, and the depth and breadth of confidential computing in Azure.
Confidential computing is the processing of data in a hardware based and attested trusted execution environment (TEE). This helps enforce zero-trust principles down to the hardware level in several ways. For example, it supports the principle of enforce least privileged access by ensuring only the software that writes to a memory location may read it or write over it. It also supports the principle of always verify access through the confidential computing requirement of attestation of the TEE. This allows the good state of the TEE hardware and software to be verified before sensitive data is unlocked and available for processing. And finally, it supports the principle of assume breach by removing the cloud provider's host OS and hypervisor from software that must be trusted.
Our report contains several links to industry standards, our ACC case studies, and other reference material. Please take a look and share with your colleagues!
Published on:
Learn moreRelated posts
Introducing Azure HorizonDB - PostgreSQL
Run enterprise Postgres workloads on Azure HorizonDB with around 3x the throughput of self-managed deployments — zone-resilient by default, no...
Azure DevOps and GitHub: Journeying into the AI Era
AI is changing how software gets planned, built, and reviewed. As teams adopt agentic development, the platform underneath those workflows mat...
Introducing azure-functions-skills: An AI-Era Workspace for Azure Functions (Preview)
azure-functions-skills gives GitHub Copilot CLI, Claude Code, Codex CLI, and VS Code the skills, MCP configuration, hooks, and instructions ne...
Announcing the Public Preview of Integrated Embeddings in Azure Cosmos DB: Build AI Apps With Embeddings That Stay in Sync
AI applications built on Azure Cosmos DB depend on embeddings for grounded results. Keeping them in sync with your data is the hard part: it m...
Introducing OmniVec: An Open-Source Embedding Platform for AI Apps on Azure
Today we are open-sourcing OmniVec, a platform for building and operating the embedding pipelines that keep the vector representation of your ...
Azure Cosmos DB All Versions and Deletes Change Feed Mode is Now Generally Available
Modern applications don’t just write data and move on. They react to it. A new order triggers an inventory update. A profile change sync...
Change Partition Keys in Azure Cosmos DB is Now Generally Available
We’re excited to announce the general availability of Change Partition Key in Azure Cosmos DB for NoSQL, now with online copy support. Y...