기밀 컴퓨팅 (Confidential Computing)
처리 중인 데이터 보호.
Beyond storage (at rest) and networking (in transit), Confidential Computing encrypts memory while code is running. Using secure enclaves (Intel SGX, AMD SEV), it isolates sensitive data even from the cloud provider. Remote attestation allows users to verify hardware integrity before processing. In 2026, it is the standard for Confidential AI on H100 GPUs.
graph LR
Center["기밀 컴퓨팅 (Confidential Computing)"]:::main
Pre_computer_architecture["computer-architecture"]:::pre --> Center
click Pre_computer_architecture "/terms/computer-architecture"
Pre_cryptography["cryptography"]:::pre --> Center
click Pre_cryptography "/terms/cryptography"
Rel_homomorphic_encryption["homomorphic-encryption"]:::related -.-> Center
click Rel_homomorphic_encryption "/terms/homomorphic-encryption"
Rel_secure_multi_party_computation_smpc["secure-multi-party-computation-smpc"]:::related -.-> Center
click Rel_secure_multi_party_computation_smpc "/terms/secure-multi-party-computation-smpc"
Rel_cybersecurity["cybersecurity"]:::related -.-> Center
click Rel_cybersecurity "/terms/cybersecurity"
classDef main fill:#7c3aed,stroke:#8b5cf6,stroke-width:2px,color:white,font-weight:bold,rx:5,ry:5;
classDef pre fill:#0f172a,stroke:#3b82f6,color:#94a3b8,rx:5,ry:5;
classDef child fill:#0f172a,stroke:#10b981,color:#94a3b8,rx:5,ry:5;
classDef related fill:#0f172a,stroke:#8b5cf6,stroke-dasharray: 5 5,color:#94a3b8,rx:5,ry:5;
linkStyle default stroke:#4b5563,stroke-width:2px;
🧒 5살도 이해할 수 있게 설명
컴퓨터가 작업을 하는 동안에도 아무도 데이터를 훔쳐볼 수 없도록, 하드웨어 안에 아주 튼튼한 금고를 만들어서 처리하는 것입니다.
🤓 Expert Deep Dive
Three pillars: Isolation, Encryption, and Attestation. CPU-based MEE (Memory Encryption Engines) protect against physical RAM probing. Attestation quotes verified against manufacturer roots of trust ensure logic hasn't been tampered with. The focus has moved from application enclaves (SGX) to full VM isolation (TDX/SEV-SNP).