Hi, this is Richard Kern, security officer with Intel Corporation, and welcome back to part two of our podcast series on confidential computing. In this part, we're going to discuss some of the best known methods and usages where we can deploy confidential computing and Intel's SGX in particular use cases where customers can really benefit from the technology and our partners' platforms. I suppose for the listener listening in, it's probably got a good grasp of other types of challenges that are out there. I suppose it would be great to try to give some examples.
I mean, Raphael, you mentioned that Kotlin uses cases in the field of cyber security. Can you tell us more about those? In terms of cyber security data, we have three or major types of use cases, and each of these use cases, it's the customer software and powers that the cyber security teams with what we could say augmented cyber intelligence, so the ability to have more knowledge of cyber data than the currently have. And this augmented cyber Intel comes through here, the essential sharing, pulling and computing of confidential cyber security data between different entities within the company or different companies with many partner companies.
And this cyber data can be in security data, it can be indicators of compromise, for example, confidential markers, cyber attack data, and all this data that is worthwhile to the company or security operations centers or to the company's computer emergency response teams. And so the three main cases we see, and we work on with our customers in the industry and in the bank finance sector, first is the confidential sharing of cyber Intel data at Vincent. You have, let's say, you've been attacked by a hacker, you know this hacker signature, you know, you've built an indicator of compromise, meaning all the IP addresses and the URLs that have been used by this hacker. And you're interested for your partners to be able to be resistant to this hacker, but you cannot share this IOC because maybe you get it through a certain way, you don't want to share it in clear first because it's confidential for your company.
And second, if you provide it in clear, it may end up in the hands of the hacker itself. So here we built the ability for this confidential IOC, this confidential markers to be shared between the cyber security agency and companies or between the company and suppliers, for example, and being able then to do detection mechanisms in the recipients, in the data consumer side, where you're able to run your detection mechanisms on the confidential IOC and confidential matters. So that's the first use case. The second use case is how we can actually collectively build augmented intelligence out of cyber security data.
So for example, we have two banks which are interested to share cyber Intel data, to be able to derive intersection data, correlation data between the attacks. And so that they can be more reactive to hacking in their systems. And here we provide the ability for this confidential data of the two banks to be shared, so that computing can happen over this virtual pool of cyber security data. And the security data is not seen by each of the bank, but the result comes out in clear to each bank.
And the third use case, and a big quick on this one, which is how you can actually create a virtual sandbox of cyber security data, logs, system logs, network logs, and data being confidential. And now companies and artificial intelligence companies focus on cyber security, machine learning teams, to be able to build models based on confidential cyber security data. And that's the reason for the freedom usage that we have. That's very interesting.
Because I think we have as well, I think we're looking at some of the size in the US on anti-malid laundering or fraud analytics where the banks can actually share, because I'm sure these guys who create fraud don't actually engage in one particular type of bank, they work across the various different financial institutions. And I think as long as the banks can work together without actually compromising any of their own particular data and look for markers, they can do that through analytics. They can actually protect it using SGX and allow that to happen. But pass.
I mean, you're getting a global reach now. I'm sure you've got lots of customers that you can talk about potentially mention here that you've worked with and solved some business problems, similar to what Rafael or myself was actually talking about. Yeah, yeah. That's true.
And I think if we sort of separate into these areas that we were discussing, the regained control of your security environment, the extension cloud, and the confidential computing piece, we've got customers in all of these areas. I think the fact that we were early in runtime encryption, and obviously that being the foundational piece for confidential computing has meant that we've been able to work with customers to solve these leading edge problems. So for example, we've got a number of very large banks and financial services companies with global deployments, in some cases of our self-defending KMS, some cases of our runtime encryption, some cases of the hybrid environments of both. And maybe I could just mention a couple of examples.
So one would be standard charter bank, one of the largest banks in the world. And what we've done with them is what we would call enterprise encryption as a service using our self-defending KMS as an umbrella for all of the other encryption and other things that they have underneath all the HSMs and data lakes and all the other pieces. We can provide an umbrella encryption service for all that stuff and a single pane of glass to manage it all, everything from HSMs to all the other pieces. And we provide, because we use the enclave as our repository in our self-defending KMS, we have full HSM capability.
So we can be a KMS and an HSM as well as secrets and tokens. So that's what we do for them. And we're deployed in multiple data centers and dozens of our appliances which run SGX and run our software. The second one might be another large financial services company that a lot of people might know would be Vanguard.
And what we do with Vanguard is help them manage more than 2,000 databases. And we do this with a transparent data encryption capability of encrypting those databases and all their capabilities on a global basis with millions of keys flying around and changing hands. And then maybe a third one that would be interesting for everybody is something that's been publicized before our partnership with PayPal. So PayPal had a desire to extend into the cloud.
They wanted to move workloads into a public cloud. They chose Google as their infrastructure as a service partner and they wanted to use the encryption native to Google Cloud. However, they needed for governance and for compliance reasons to always maintain control of their keys. So what we did was we built them an off cloud service with our self-defending KMS that acts as a master key manager and HSM and plugs directly into the cloud KMS that the Google has provided.
We just basically connect to their APIs and create something called EKM or enterprise key management that then gives PayPal the ability to move hundreds of millions of keys around essentially simultaneously taking care of all of their transactions and allowing them to have the best of both worlds, this extension into cloud and use of the infrastructure as a service, all the burst ability and everything else while always maintaining control of their keys. Even though it's our product and the service we develop, we have no access to it at all. So they're completely running and managing all their own stuff. It just seems that this is not how it is actually happening today.
We didn't actually mention blockchain. But usually blockchain comes up with these types of things as well. Christian, you did something around confidential computing with blockchain and what are you guys doing? Sure.
So as you may know, many of our team members, including me, are involved in the emerging blockchain industry for many years since 2013. And when we talk about blockchain, the role of incentivization and data monetization comes up. And I just like this because blockchain technology allows immutable and transparent transfer of value. And that's a very important topic, especially when it comes to open platform product, Madana platform.
So Madana actually stands for markets for data analysis. And when we started in 2017 after the pivot, we had the vision to build a decentralized pool of information. So at Madana, everything is about analyzed data. And this is what we call in data analysis result or kind of insights.
The special thing is with blockchain, you're scalable, you're immutable and transparent. And all of these things led us to large one of the view crypto currencies that have ever been issued under German law that was very speckled thing in 2018. And however, in the blockchain space, there is a high demand for confidential computing solutions. Many companies trying to combine off-chain and on-chain computations, but blockchain protocols are more seen as we're registering different transaction data and so on.
And we are right now also in the conversations where we have two of the leading public blockchain protocols to implement some of our solutions and to build a kind of decentralized use cases. We call this DEDEX, like decentralized data analysis exchanges. This is more about decentralized ways to monetize data. But with our Madana core module kind of off-chain in the middle to have some GDPR-complined way to do so.
Yeah. Right. Right. Interesting.
And I suppose really when you think about it, no technology can stay still. You know, we're only one step ahead sometimes of some of these hackers or people involved in malware, different types of actors in the market today. And I suppose that was borne out by, I think, the listener would like to know that last August, we formulated in the industry based on the demand and based on moving from hype to reality company compute consortium, which is made up of some of the well-known household names such as, you know, Microsoft, Google, and IBM, and also we had Swisscom in Europe. We had in China, we had Alibaba, and Baidu all looking because I think they saw that the need to not only understand the premise of hardware-based security, but to build out new usage models associated with that.
And then we could solve for TANX actually joining the consortium and being an active member in that as well. So it doesn't stand still. I think we're going to see further developments by a collaboration in the industry to ensure that we help improve upon what we have as an industry to try to meet some of the demands that the customer is moving forward. So and then, of course, as we say, as Raphael, you're saying that everything is funded on trust, but you're working on some of the things as well around cryptography.
Are you with Cosmin? Yes, just to mention, a question is also a member of the Continental Co-winning consortium. Fantastic. The consortium has a role in one of the challenges that is facing our ecosystem, which is making it aware that these technologies and these capabilities exist because actually when you approach IT departments, the level of awareness that their technologies, their techniques, cryptographic techniques, their conventional co-cleaning, exist to tackle the data security and privacy.
The level of awareness is still low, unfortunately, so I think what we do collectively and the consortium is really good in trying to push awareness and making it known that this exists. And so, yes, to your question, for Cosmin, we already combine different techniques. And as well as we have in-house in the company, like the cryptographers who are working on the different advanced cryptographic techniques and also collaborate with their cryptography research largely in Europe and to develop our products based on the state of the old cryptography. And so, in addition to the cross-existing environment, to the six-hand-clade, but in case GX, the customer and social products also leverage pre-cryptographic techniques, homomorphic encryption, functional encryption, and security parts computation and just to be a quick word on each of them.
So homomorphic encryption allows to encrypt the data, to send the data encrypted, to get the computation over the encrypted data without seeing the data and then return an encrypted result. Functional encryption is different than it's a different data topology that it applies to, which is you can send encrypted data to a party and instead of giving a way to compute and on it, you give a compute key, basically, that will allow this party to get the result of the computation directly. So, the final result of the completion is in KX, but the underlying data really isn't encrypted. And the security much participation is the technique, these four situations where even encrypted, the data should not come out of where it is, and so let's say we have three banks who want to work together on a scenario of a risk analysis or three healthcare companies which want to do a correlation analysis on a health treatment, the data doesn't need to relieve where it is and you just put a computation nodes between them that will not get the data out, that will just exchange encrypted intermediate results between the companies and reveal just the final results, whether it's a model, whether it's a scoring risk or that.
So we combine, basically, the confidential computing in KX techniques together with these three encryption techniques, because what we see is that there is no one-size-fits-all approach which can cover all the use cases with different data approaches, with different workload approaches, and so we combine those techniques to be able to address the different use cases of our customers. Right. I'm happy you're working on some new things as well that we're trying to turn to. Actually, I wanted to follow up on something that Rafael was talking about a second ago, because I think this whole concept of multi-party computation, multi-party analytics, federated machine learning, these are all facets of the same problem, which is different parties needing to get data into some type of a place where analytics can be done on it, whether they're complex analytics, things like TensorFlow or some other types of tools like that, or whether they're even more rudimentary data combinations, sort of SIF or whatever.
There are some very important problems being solved out or that need to be solved for customers today. And Rafael mentioned some of them, but things like Genomics, we're working with a number of pharmaceutical and biomedical research companies that need to take data that is encrypted, bring it into an enclave, and then run it using a lot of this kind of analytics. So what we're doing is with those kinds of things and financial services, fraud detection, and anti-money laundering, where banks and other financial services companies can provide this data fully secured into an enclave where the analytics are done by some type of a central entity. You know, we're actually using both parts of our product line for this.
For example, we're putting enclaves out of the edge so that local analytics can be done, and then the resulting data sent in, we're encrypting the data at rest, we're encrypting the data in motion through those tunnels, we're managing the keys for all that with our self-defending KMS. Those tunnels are then terminating inside the enclave where the analytics application is running. And so we're able to help these kinds of companies, these kinds of organizations and whatnot with their challenges, and the challenges are getting that data in there without compromising the data or the owners of the data, and then making sure that the analytics can be done on it and that no bad guys can steal the data anywhere along the path, nor can they see what's going on inside the enclave where the analytics are being run. And we think this is a very, very important use case out in the marketplace today for health care, financial services, security, and some of these other areas.
So we're completely in line with that thinking. Yeah, I suppose I was really going to get to it now, I think, you know, Rafael said something very important there about awareness. You know, you're all part of the consortium and also the companies compute consortium, but also the Intel Builders program, but if our listeners out there listening to this podcast, I mean, how are they going to get more information on this, how can they reach out to you or what would be if they were saying, this is really interesting, I thought it was hype or I'm hearing about this buzzword, but I'm seeing now it's actually real, it's something that's happening in the industry today and I'm not part of it, how do I get engaged with you guys? So I started, so basically, the best way to contact us through our website or contact me on the other leading Rafael Ophun or Twitter, Rafael Ophun also.
So yes, you can reach us through our website as a contact form and we'll be able to engage on your specific use case, whether it's when we focus on the industry, energy, transport, industrial use cases, we are also in financial services and also healthcare, so if you are in those industries, we welcome the discussion. Okay, Christian. It's very interesting to see that all of us are in the healthcare and BFSI industry. It's the same for us who are also like platform models for insurance companies, as add-ons for digital health records or for banks, kind of platform models with modern accord and so it's very interesting that we use confidential computing in a similar way, also in actual computing systems.
Good. I would definitely join us, Rafael, to say, contact us via LinkedIn, Twitter or of course through the website. There's also an info email just like us and I'm happy to hear from many of you. Very good.
And for Phoenix? Yeah, people can reach us via our website, obviously, Fortanix.com, everybody who's listening to this, you're welcome to reach out to me directly, that would be patrick.comt, c-o-n-t-e, at Fortanix.com and I'll be happy to direct your inquiry wherever it goes. So I'm going to leave you now and I'll leave you with three experts to continue to talk about how to solve all the world's problems and privacy. But if you had just one line to say to the listener today, what would it be?
Just ask all three of you before I leave the room. Yeah, maybe I'll start. So this is Rafael from Questman, basically not only with these new techniques, confidential computing and cryptography techniques, you can actually add better security levels to what you already do. That's true, but you can also open to the new use cases, and that opens up many uses where you can leverage the power and the value of that data.
Got it, open new cases and new use cases and improve your security. Question? Yeah, question. So I would say educate yourself about privacy-preserving computation, confidential computing about new techniques.
Take also some risks, but educate yourself. What I felt in the last two years was that many decision-makers kind of feared about new technologies and about new upcoming laws, but don't fear and just educate yourself and be open for new technologies because the market has to emerge itself and go further. That's what we do. Thank you for that.
Educate. Take more risk. I would say, don't be afraid. Don't be afraid to invoke confidential computing on-collaves, technologies that are built on top of this.
It's been proven in the marketplace today. I think all three of us that are on this call have solutions that we can bring to bear. I know that we've got dozens of enterprise customers, some of the ones that I mentioned earlier, but also many others, Google, Nest, and, you know, different Adidas and other companies in different areas, and, you know, we've seen a lot of different scenarios, and so the solutions can be applied to your, you know, your confidential computing and your cybersecurity challenges. So, you know, don't be afraid.
Good. And if you want to hear more about Intel SGX, you can just get into Intel.com slash SGX for all of the information usage, and more about Madonna, Cosmian, and Fortanix. But also, if you want to get in touch with me, it's current underscore Richard, and it's my Twitter. So, but, you know, just reach out to us and Intel as well.
Listen guys, I've got to go. I'll leave you to it. You can continue to chat about whatever you were before I came into the room, but I really want to say goodbye, and thanks very much, and we should talk again soon maybe about some more new implementations and how the industry is probably maturing, as this has been embraced by really all of the leaders in the industry. Thanks, guys.
Thanks. Take care. Bye. Thanks.
Again. Bye. Bye. Bye.
I've got to please. Bye. Bye. Hey.
Bye. Bye. Bye. Bye.
Yeah. Bye. Bye. See you.
Bye. Bye. See you. Let's go.
Bye. Thanks. Bye. Bye.
Bye. Bye. Bye.