Linux Foundation group that could improve privacy of facial biometrics adds members

A new data-security group founded by the Linux Foundation — and a new school of thought on data protection — has won new adherents, including AMD, Nvidia and Accenture.

The expansion could provide facial recognition a new layer of security, potentially mollifying those who oppose the biometric technology.

Monday, the Confidential Computing Consortium said its newest members are Anjuna, Anqlave, Cosmian, iExec, IoTeX, R3 and the three information technology giants mentioned above.

The consortium is a Linux Foundation project pushing an equally recent proposal designed to protect data in use.

Called confidential computing, the idea starts with the fact that security efforts have always targeted data and code at rest (in storage, not being accessed or used) and data that is transiting networks.

Yet, as a Network Computing article points out, data is most vulnerable while in use because it is hardest to protect information and applications in system memory. Software alone has proven inadequate at walling off sensitive data in use, which has dissuaded cautious firms from moving valuable data off their networks.

With a confidential computing strategy, the consortium states, data in use is protected by having computations performed in hardware-based trusted execution environments, referred to as TEEs. Described as secure and isolated environments, TEEs rebuff unauthorized access and modification from external and internal threats while data is in use.

Organization leaders say their strategy maintains a protective stance while still allowing for workload portability — from data centers to the edge to the cloud and back.

Proponents particularly see a role for confidential computing in situations where multiple parties are working with, say personally identifiable information, “without exposing the data or machine learning algorithms to the other party.”

An article in Yahoo Finance describes how facial recognition processes can be executed within a TEE, “where the raw data (people’s faces) and a cross-referencing database of faces can be analyzed and subsequently forgotten after the desired results are obtained.”

Founding members include Alibaba, Baidu, Google Cloud, Huawei, Intel, Microsoft, Oracle, IBM’s Red Hat, Tencent and VMware. Second-tier players who have joined include ByteDance, decentriq, Fortanix, Kindite and Oasis Labs.

Article Topics

biometrics  |  confidential computing  |  data protection  |  facial recognition  |  Linux Foundation  |  trusted execution environment