Google Cloud launches Confidential Space to improve joint data analysis and ML model training



Today at Google Cloud Next, Google Cloud unveiled Confidential Space, designed to foster collaboration using sensitive or regulated data securely across teams, organizations and borders.

Confidential Space is another offering in Google Cloud's confidential computing portfolio. The new functionality is designed to enable organizations to perform tasks such as joint data analysis and machine learning (ML) model training with guarantees that the data they own can remain protected from their partners, including their cloud service provider.

The impetus: “business partnerships in many industries are subject to rules and requirements that prevent them from sharing sensitive data,” wrote Rene Kolga and Nelly Porter, product managers at Google Cloud, in a press release shared with VentureBeat. “Organizations also recognize that collaboration can accelerate innovation, but meaningful collaboration can be limited or even prevented by the need to protect intellectual property or regulated data.”


At the same time, companies need to collaborate across internal business silos, with external organizations, and across geographies, while aggregating and enriching common data sets in a secure and reliable way, Kolga and Porter wrote.

Confidential Space is designed to help ease tensions between data sharing and regulatory requirements by encouraging collaboration while maintaining data privacy, Google Cloud claims.

Data contributors retain control of their data

Built on a confidential computing foundation and leveraging remote attestation, Confidential Space runs workloads in a trusted execution environment (TEE), according to Google Cloud. With an enhanced version of Container-Optimized OS (COS), data contributors can control how their data is used and what workloads are allowed to act on it.

The workload operator and cloud provider are in no way able to influence the workload using Confidential Space, according to the company.

How Confidential Space can be used

With Confidential Space, organizations can aggregate and analyze sensitive data such as personally identifiable information (PII), protected health information (PHI), intellectual property and cryptographic secrets, while maintaining full control over it. The idea is that collaboration leads to innovation, better customer service and the development of transformational technologies, says Google Cloud.

For example, financial institutions, such as banks and insurance agencies, need to collaborate to identify fraud or detect money laundering activity in their common customer data sets. Confidential Space is designed to make this type of data sharing possible even though the data is very sensitive, regulatory requirements are strict, and these organizations often compete.

Confidential Space was designed to ensure data is only used for fraud detection while keeping business and confidential information private to the data owner, the company explained.

In industries like healthcare, the technology is designed to help companies accelerate pharmaceutical product development and improve diagnostics using machine learning (ML), without compromising patient data or risking violation of international data privacy laws.

Web3 businesses can use Confidential Space to conduct secure and instant transactions in digital assets, according to Google Cloud. Leveraging multi-party computation (MPC), distributed workers can participate in an auditable signing process. Confidential Space’s verifiable attestation can help ensure that all collaborators approve securely without ever exposing their private signing keys to other parties, including the platform operator.

Confidential Space joins Google Cloud’s growing portfolio of products using confidential computing. Earlier this year, the company launched Confidential Google Kubernetes Engine (GKE) nodes into general availability and extended the flexibility of Confidential VMs to new instance types. Additionally, Google Cloud Security and Google Project Zero have partnered with AMD’s product and firmware security teams for an in-depth security audit of the AMD technology that powers confidential computing.

By default, Google Cloud keeps all data encrypted, both in transit between customers and its data centers and at rest, the company said. Confidential computing is designed to extend data privacy by protecting the privacy of a company’s data and keeping it encrypted even while it is being processed.
