Google are happy to announce that Confidential Space is Generally Available. Confidential Space builds on our Confidential Computing portfolio. It provides a secure enclave, also known as a Trusted Execution Environment (TEE), that our Google Cloud customers can leverage for privacy-focused use cases such as joint data analysis and machine learning (ML) model training. Importantly, Confidential Space is designed to protect data from all parties involved — including hardened protection against cloud service provider access. 

Back in October 2022, Google previewed secure multi-party collaboration with Confidential Space. Google have since worked diligently to enhance functionality working with multiple customers across a variety of industry verticals. During the preview cycle, our collaborators worked hard ironing out their applications for Google Cloud’s TEE. We also made sure to pass rigorous external security reviews. 

Privacy preserving collaboration

TEEs such as Confidential Space are already in use across industries such as digital advertising. Today online advertisers rely heavily on third party cookies to accomplish essential tasks such as targeting ads based on a user’s interests and measure the effectiveness of their campaigns. As third-party cookies are being deprecated, Google remain focussed on developing privacy-preserving alternatives to third-party cookies and other forms of cross-site tracking. Google’s Privacy Sandbox is a set of initiatives that aim to replace third-party cookies with more privacy-friendly alternatives. Among the initiatives, Protected Audience is one of the key proposals to use Confidential Space as a supported TEE. 

Google see extensive interest in Confidential Space from our customer base, including for digital asset custody leveraging multi-party computation (MPC). MPC has proven valuable to help secure digital asset transactions because it can simplify the user experience, and create operational efficiencies, while maintaining high levels of security.

Wide adoption in multiple verticals

Companies like MonetaGo are leveraging Confidential Space to enable financial fraud detection. Google also continue our collaboration with industry partners like AMD to further our security cooperation.

“Securing customer data is key to enabling the continued expansion of cloud computing,” said Ram Peddibhotla, corporate vice president, Cloud Business, AMD. “Advanced, hardware-level security features – such as AMD Infinity Guard built into AMD EPYCTM processors – are a crucial part of a secure cloud offering. Our continued collaboration with Google helps bring to market new confidential computing options, such as Confidential Space, that provide our joint customers the advanced security technologies they need while still meeting their performance goals for mission-critical and business-critical, cloud computing workloads.”

A growing portfolio of confidential products

With Confidential Space, Google are continuing to grow our Confidential Computing portfolio which also covers Confidential Virtual Machines (CVMs), Confidential GKE, Confidential Dataproc and now Confidential Space. Our Confidential Computing services support a broad range of guest OS distros and are widely available across 80% of Google Cloud regions. Recently we added support for Compute-Optimized C2D VMs for Confidential GKE as well.

Google believe that Confidential Space can unlock numerous previously inaccessible use cases and free currently captive business data. Whether you are a clinical researcher sharing results, a bank looking at risk management in different parts of the world, or an Adtech looking to measure the effectiveness of your marketing campaigns with privacy-preserving analytics, Confidential Space can help you collaborate using sensitive or regulated data securely across teams, organizations, and borders.