O'Reilly Media report: Azure Confidential Computing and Zero Trust
We are excited to announce the publication of our first O'Reilly Media report: Azure Confidential Computing and Zero Trust. We felt a need to make it clear to our customers, and the industry as a whole, what confidential computing is, how it relates to the foundational principles of zero trust, what use cases it enables, and the depth and breadth of confidential computing in Azure.
Confidential computing is the processing of data in a hardware based and attested trusted execution environment (TEE). This helps enforce zero-trust principles down to the hardware level in several ways. For example, it supports the principle of enforce least privileged access by ensuring only the software that writes to a memory location may read it or write over it. It also supports the principle of always verify access through the confidential computing requirement of attestation of the TEE. This allows the good state of the TEE hardware and software to be verified before sensitive data is unlocked and available for processing. And finally, it supports the principle of assume breach by removing the cloud provider's host OS and hypervisor from software that must be trusted.
Our report contains several links to industry standards, our ACC case studies, and other reference material. Please take a look and share with your colleagues!
Published on:
Learn moreRelated posts
Announcing latest Azure Cosmos DB Python SDK: Powering the Future of AI with OpenAI
We’re thrilled to announce the stable release of Azure Cosmos DB Python SDK version 4.14.0! This release brings together months of innov...
How Azure CLI handles your tokens and what you might be ignoring
Running az login feels like magic. A browser pops up, you pick an account, and from then on, everything just works. No more passwords, no more...
Boost your Azure Cosmos DB Efficiency with Azure Advisor Insights
Azure Cosmos DB is Microsoft’s globally distributed, multi-model database service, trusted for mission-critical workloads that demand high ava...
Microsoft Azure Fundamentals #5: Complex Error Handling Patterns for High-Volume Microsoft Dataverse Integrations in Azure
🚀 1. Problem Context When integrating Microsoft Dataverse with Azure services (e.g., Azure Service Bus, Azure Functions, Logic Apps, Azure SQ...
Using the Secret Management PowerShell Module with Azure Key Vault and Azure Automation
Automation account credential resources are the easiest way to manage credentials for Azure Automation runbooks. The Secret Management module ...
Microsoft Azure Fundamentals #4: Azure Service Bus Topics and Subscriptions for multi-system CRM workflows in Microsoft Dataverse / Dynamics 365
🚀 1. Scenario Overview In modern enterprise environments, a single business event in Microsoft Dataverse (CRM) can trigger workflows across m...
Easily connect AI workloads to Azure Blob Storage with adlfs
Microsoft works with the fsspec open-source community to enhance adlfs. This update delivers faster file operations and improved reliability f...
Microsoft Azure Fundamentals #3: Maximizing Event-Driven Architecture in Microsoft Power Platform
🧩 1. Overview Event-driven architecture (EDA) transforms how systems communicate.Instead of traditional request–response or batch integration...
Azure Developer CLI (azd) – October 2025
This post announces the October release of the Azure Developer CLI (`azd`). The post Azure Developer CLI (azd) – October 2025 appeared f...
Microsoft Azure Fundamentals #2: Designing Real-Time Bi-Directional Sync Between Dataverse and Azure SQL for Multi-Region Deployments
Here’s a detailed technical breakdown of designing a real-time bi-directional sync between Dataverse and Azure SQL for multi-region deployment...