• 5 min read

­Protect data in use with the public preview of Azure confidential computing

It has been an incredible year for Azure confidential computing, working with partners and customers, that has culminated in our confidential computing offerings becoming publicly available.

It has been an incredible year for Azure confidential computing, working with partners and customers, that has culminated in our confidential computing offerings becoming publicly available. At Ignite, we announced our intent, and I am excited to say that just two weeks later we are delivering on our promise of releasing the DC-series of virtual machines and open sourcing the Open Enclave SDK.

As a quick recap, Azure confidential computing protects your data while it’s in use. It is the final piece to enable data protection through its lifecycle whether at rest, in transit, or in use. It is the cornerstone of our ‘Confidential Cloud’ vision, which aims to make data and code opaque to the cloud provider.

Today, we are excited to announce a public preview of the DC-series of virtual machines in US East and Europe West. Years of work with our silicon vendors have allowed us to bring application isolation technology to hardware in our datacenters to support this new VM family. While these virtual machines may ‘look and feel’ like standard VM sizes from the control plane, they are backed by hardware-based Trusted Execution Environments (TEEs), specifically the latest generation of Intel Xeon Processors with Intel SGX technology. You can now build, deploy, and run applications that protect data confidentiality and integrity in the cloud. To get started, deploy a DC-series VM through the custom deployment flow in Azure Marketplace.

Customers like Christopher Spanton, Senior Architect for Blockchain at T-Mobile, have already started making use of the infrastructural building blocks.

“Leveraging the latest generation of trusted execution environments through Azure confidential computing has been an exciting opportunity for us to increase both the security and efficiency of our solutions. Specifically, we are working to deliver the next-generation of our internal Role-Based Access Control platform (NEXT directory) in the cloud and the Azure confidential computing platform provides a uniquely powerful platform for running blockchain protocols, such as Hyperledger Sawtooth, on which our solution is based. Our three organizations, T-Mobile, Intel, and Microsoft together have the technology, expertise, and commitment to deliver this kind of complex hybrid-architecture blockchain solution.”

Infrastructure is an important building block, but as you may be aware, enclave-based application development is a new programming paradigm. We are therefore excited to announce that we have open sourced the Open Enclave SDK project that provides a consistent API surface and enclaving abstraction for your confidential computing application development.

At its core, we wanted to ensure the Open Enclave SDK was portable across enclave technologies, cross platform – cloud, hybrid, edge, or on-premises, and designed with architectural flexibility in mind. The current version of Open Enclave SDK (v0.4), supports Intel SGX technology for C/C++ enclave applications, using mBedTLS. Subsequent versions will bring support for Arm TrustZone, additional runtimes, and Windows support. To learn more about the SDK, visit the Open Enclave project webpage and the API documentation.

We are committed to creating a collaborative community to help standardize secure enclave-based application development. Customers and partners in preview have already tested the Open Enclave SDK out and provided initial feedback.

One of those customers was Matthew Gregory, CEO and Founder of Ockam. Matthew shares how the Azure confidential computing platform, combined with Open Enclaves SDK, were able to help improve his organization’s development experience.

“Azure confidential compute uniquely enables Ockam Blockchain Network, a public blockchain, to reside in a public cloud infrastructure and to reap the broad benefits of Azure. The Azure confidential compute platform creates a simple 'as-a-service' developer experience that abstracts away complexity, which accelerates go-to-market time, simplifies ongoing operations, and increases availability. By running Ockam Validator Nodes on the Azure confidential compute platform we can better manage validator keys and verify the chain of trust in a decentralized network.”

Whether you are interested in viewing the source code, contributing to the project, or providing feedback on new features and functionality, visit the project’s GitHub repository.

Infrastructure and development environments provide you the building blocks to build enclave-based applications that protect data and code confidentiality and integrity. Based on the feedback from our private preview customers, we have started to invest in higher level scenarios of confidential computing such as confidential querying in databases, creating confidential consortium networks that scale, and secure multiparty machine learning.

Eddy Ortiz, Vice President of Solution Acceleration and Innovation at Royal Bank of Canada is using confidential computing for a few of these scenarios.

“We are always looking to harness the potential of emerging technologies. When we were first introduced to the Azure confidential compute platform, we were intrigued by the possibility of adding a new layer of security and confidentiality to our solutions. We’re currently exploring ways to share and analyze data across different institutions, while maintaining security and confidentiality. We are currently piloting a confidential multiparty data analytics and machine learning pipeline on top of the Azure confidential compute platform, which ensures that participating institutions can be confident that their confidential customer and proprietary data is not visible to other participating institutions, including RBC. So far, the results have been promising.”

We will continue to work on these scenarios across our Azure service offerings and will provide you with more updates over the coming months.

We are excited to be providing you with the building blocks of the next wave of cloud computing. If you have any questions or comments, please reach out to us by posting on our Azure Virtual Machine MSDN forum for the DC-series and filing an issue on GitHub for the Open Enclave SDK.

Getting started

We recommend getting started by deploying through Azure Marketplace. The custom deployment flow deploys and configures the virtual machine and installs the Open Enclave SDK for Linux VMs if selected. Many of the basic VM deployment configurations are supported through the Confidential Computing VM Deployment workflow, including: (1) Windows/Linux VM; (2) New or existing resource group; (3) New or existing VNet; (4) Storage/disk type; (5) Enabled diagnostics, and other properties.

There are a few areas we will continue to improve during public preview, including regions, operating system images, and queryability.


Regions support has expanded from US East in private preview to also include Europe West in public preview. We are working on expanding our investments into other regions.

Operating system images

The DC-series of VMs are the first set of Generation 2 virtual machines. As such, we have specially configured operating images that are required with these virtual machines. We have worked with our operating system partner teams to enable Generation 2 support for Ubuntu Server 16.04 and Windows Server 2016 Datacenter. These images are automatically used when deploying through the portal. Custom images are not yet supported. DC-series VMs will not show up in the size selector for arbitrary marketplace images, as not all images have been updated yet.


It is also possible to programmatically deploy DC-series VMs. If going the programmatic route, it is important to note restrictions and not try to deploy these VMs with arbitrary or custom images. The Generation 2 enabled Ubuntu Server 16.04 and Windows Server 2016 images will not be listed through programmatic API calls as they are meant to be used only with DC-series VMs. If you want to reference the image outside of the template programmatically, the image identifiers are:

Publisher: Canonical; Offer: confidential-compute-preview; SKU: 16.04-LTS

Publisher: MicrosoftWindowsServer; Offer: confidential-compute-preview; SKU: acc-windows-server-2016-datacenter

If not using the marketplace offering, you will then need to follow the steps to install the Open Enclave SDK or Intel SGX SDK. For instructions on how to install on a machine with the latest generation of Intel Xeon processor with SGX technology whether in Azure or on-premise, follow the instructions on GitHub.