Glossary term
Confidential Computing
Also: Trusted Execution Environment, TEE
Hardware-based isolation that keeps data encrypted during processing (data-in-use). Complements encryption at rest and in transit. Technologies: Intel SGX, Intel TDX, AMD SEV-SNP, ARM CCA, Nvidia H100 Confidential Computing.
Use cases: multi-party computation (joint analysis without disclosure), protection from privileged cloud operators, regulated ML training workflows, key management.
Cloud offerings 2025-2026: Azure Confidential Computing (DCsv3, ECsv5), AWS Nitro Enclaves + Confidential AMD-SEV, Google Confidential GKE Nodes, OCI Confidential VMs. Full Confidential VM capability, not just enclave.
Relevant for DORA/NIS2 use cases where US CLOUD Act exposure should be reduced. Confidential Computing is a technical safeguard in the TIA sense; it does not replace contractual and legal review.
Related terms
Sovereign cloud
A cloud deployment model that guarantees operational, legal and technical control of data and worklo…
Schrems II
CJEU ruling of 16 July 2020 that invalidated the EU-US Privacy Shield and only allowed Standard Cont…
BYOK / HYOK (Bring/Hold Your Own Key)
Schlüssel-Management-Modelle in Cloud-Umgebungen: BYOK bedeutet, der Kunde bringt seinen eigenen Sch…
CASB
Security layer between users and SaaS providing visibility (shadow IT discovery), data protection (D…
CNAPP
Gartner platform category that combines CSPM, CWPP, CIEM, KSPM, DSPM and IaC scanning into one tool.…
Compliance mapping
The explicit link between a decision (vendor, architecture, control) and the specific regulatory art…
Critical ICT Third-Party Provider (CTPP)
ICT third-party provider designated critical by the European Commission under DORA Art. 31, falling …
CSPM
Software category for continuous review of cloud configurations against security benchmarks (CIS, NI…