Data-in-use encryption has been a long standing open problem for decades. In contrast to data-in-rest encryption, data-in-use encryption guarantees that data remains fully encrypted throughout the runtime, that is while querying, reading or writing into the database. In this talk, we show how data-in-use encryption can be easily realized leveraging confidential compute. The nice thing is, no changes to the code base and devops process are required.
Speakers: Moritz Eckert