Intel SGX and Fortanix Confidential Computing Enclave Manager were leveraged by NEC to create a confidential computing system to more securely share, analyze and manage customer data, while also facilitating better collaboration with partners. (Credit: NEC)

What’s New: NEC, a multinational information technology and electronics company, is using Intel® Software Guard Extensions (Intel® SGX) and Fortanix® Confidential Computing Enclave Manager to build a confidential computing system that will more securely share, analyze and manage partner and customer data. This new system will facilitate better collaboration with partners on new technology initiatives, including privacy-preserving analytics in the retail, hospitality and government industries.

“Using Fortanix Confidential Computing Enclave Manager, NEC is able to create new business opportunities by combining sensitive data and performing analytics, all while preserving the privacy of both the underlying data and the intellectual property contained in the analytics algorithm. Fortanix, an early pioneer in using Intel SGX, allows customers to quickly create new confidential computing applications and secure data in use, helping NEC to create valuable business insights that weren’t possible without Fortanix and Intel. The Fortanix technology works without requiring any modification to existing applications and provides enterprise-grade management of the Intel SGX enclaves.” –Ambuj Kumar, CEO and co-founder, Fortanix

Why It Matters: Intel SGX delivers hardware-based memory encryption that is designed to isolate specific application code and data in memory. NEC can use these private regions of memory, called enclaves (or Trusted Execution Environments or TEEs) to increase the security of application code and data on each server, including when running in public cloud. These enclaves are designed to be isolated from the rest of the environment allowing data to be better protected at the processor microarchitectural level. When information is transmitted between server nodes (from contributing partners), it is encrypted and can only be decoded once inside the enclave, in a central hub. Finally, all applications running in an enclave are verified and signed by all data suppliers, which helps protect against malicious functions hidden in application code.

NEC is specifically creating a trusted computing environment to combine customer data from multiple vendors, perform analysis and generate business insights, all while helping protect the privacy and confidentiality of the customer data from all parties. In all of these cases, the ability to establish a trusted computing environment is critical to giving both customers and businesses the confidence to perform privacy-preserving analytics.

“NEC is developing an innovative confidential computing system that will enable multiple companies to share and analyze customer data more securely across the industrial boundaries, creating value for both companies and their customers,” said Shinji Abe, executive director for Technology, NEC. “We chose Fortanix Enclave Manager using Intel Ice Lake servers to run our applications because the solution enables us to encrypt data while in use, provide precise access controls for the analytics data, and help protect the privacy of companies’ and customers’ information.”