What is Confidential Computing, and what is a Trusted Execution Environment (TEE)?
Confidential Computing protects data in use by processing it inside a hardware-isolated "secure vault" in the CPU — a Trusted Execution Environment (TEE) — that even the operating system, hypervisor, or cloud provider cannot read into.
* A TEE enclave isolates data inside the CPU; the host can't read in, and attestation gates the client. *
A TEE (e.g. Intel SGX, AMD SEV, ARM TrustZone, AWS Nitro Enclaves) carves out an enclave: a region of memory and execution that is encrypted and isolated by the silicon itself.
The isolation guarantee:
- Code and data inside the enclave are protected from everything outside it — including privileged software like the OS kernel and the cloud host.
- Data is decrypted only inside the enclave, used, and the results re-protected.
Why "total isolation" matters: it lets you run sensitive workloads on infrastructure you don't fully trust (a public cloud) while keeping the host operator out of your data.
Go deeper:
Trusted execution environment (Wikipedia) — enclave internals plus SGX/SEV/TrustZone specifics.
Confidential computing (Wikipedia) — threat model and how it compares to MPC/HE.