Confidential Computing

Confidential Computing


News & features


Security and privacy are arguably the most significant concerns for enterprises and consumers using public cloud platforms. The Confidential Computing theme at Microsoft Research Cambridge has been conducting pioneering research in the design of systems that guarantee strong security and privacy properties to cloud users. We are also interested in new technologies and applications that security and privacy can uncover (e.g., blockchains and multi-party machine learning). Some of the areas we work on include:

  • Blockchain technology
  • Confidential AI
  • Confidential data analytics
  • Secure hardware design
  • Side-channel resilience
  • Software security and memory safety
  • Verified security and cryptography


Confidential AI graphic

Confidential AI

Our goal is to make Azure the most trustworthy cloud platform for AI. The platform we envisage offers confidentiality and integrity against privileged attackers including attacks on the code, data and hardware supply chains, performance close to that offered by GPUs, and programmability of state-of-the-art ML frameworks.

Confidential Consortium Framework graphic showing three offices sharing data securely

Confidential Consortium Framework (CCF)

The Confidential Consortium Framework (CCF), a joint project with Azure Engineering, is an open-source framework for building a new category of secure, highly available, and performant applications that focus on multi-party compute and data.

illustration showing containers in a cloud

Enabling Confidential Containers With SGX-LKL

By enabling confidential containers through the SGX-LKL project, we aim to provide a solution for deploying existing workloads with strong confidential computing guarantees in hardware-based trusted execution environments, thereby allowing customers to deploy these workloads onto public clouds without trusting their cloud provider.

Photo of Portmeirion, Wales


Project Portmeirion aims to explore hardware-software co-design for security in the Azure general-purpose compute stack. We are working with major CPU vendors and academic collaborators to design new security features at both the architectural and microarchitectural level.

hand holding credit card with laptop

Project Everest

Everest aims to build usable, high-performance, formally-verified software for core security components, such as libraries for standard cryptographic algorithms (AES-GCM, SHA2, ECDSA, P256, …) and secure communications protocols (TLS and QUIC). Using a novel mechanized verification toolchain based on F*, we prove their safety, correctness, security, and side-channel resilience. This project is in collaboration with INRIA Paris, Carnegie Mellon University, and the universities of Edinburgh and Aalto.

Photo of Verona in Italy

Project Verona

Project Verona is a research project being run by Microsoft Research with academic collaborators at Imperial College London. We are exploring research around language and runtime design for safe scalable memory management and compartmentalisation.


Our research in Confidential Computing involves collaborations with partners in- and outside Microsoft. As regards external collaboration, we have deep roots in the academic research ecosystem and engage in collaborations with top research groups around the world.

Microsoft Security Response Center

We collaborate closely with the Microsoft Security Response Center (MSRC) on multiple topics, including exploit mitigations, safe systems programming languages, CPU security, secure hardware design, and AI security.

PhD collaborations in EMEA

Aalto University

“SMVRF: Secure Messaging Verifiably Realized in F*”

Primary Supervisor: Chris Brzuska

MSR Supervisor: Antoine Delignat-Lavaud

Imperial College London

“Regions and Types for the Secure Foundations of Cloud-First, Confidential Computing”

Primary Supervisor: Sophia Drossopoulou

MSR Supervisor: Antoine Delignat-Lavaud

Technical University of Vienna (TU Wien)

“Bit-level Accurate Reasoning and Interpolation”

Primary Supervisor: Georg Weissenbacher

MSR Supervisor: Christoph Wintersteiger

University of Edinburgh

“Improving the usability of TLS APIs”

Primary Supervisor: Kami Vaniea

MSR Supervisor: Antoine Delignat-Lavaud

“Speicher: A Secure Storage System using Shielded Execution”

Primary Supervisor: Pramod Bhatotia

MSR Supervisor: Kapil Vaswani

University of York

“Lightweight Concurrency Modelling”

Primary Supervisor: Mike Dodds

MSR Supervisor: Matthew Parkinson

Uppsala University

“Quantifiably Secure Architectures “

Primary Supervisor: Stefanos Kaxiras

MSR Supervisor: Boris Köpf

Find out more about the PhD Scholarship Programme in EMEA.

Microsofr Research Inria Join Centre logo

Inria Joint Centre

The Inria Joint Centre was founded in 2004 by Inria (the French National Research Institute for Computer Science and Applied Mathematics), Microsoft Corporation, and Microsoft Research Cambridge. The Centre’s objective is to pursue fundamental, long-term research in Computer Science with a particular emphasis on formal methods and machine learning and some of their key applications.


Swiss Joint Research Centre

Established in 2008, the Swiss Joint Research Center (Swiss JRC) is a collaborative research engagement between Microsoft Research and the two universities that make up the Swiss Federal Institutes of Technology: ETH Zurich and EPFL. The Centre’s objective is to pursue fundamental, long-term research in Computer Science with a particular emphasis on systems, security, and AI.

Center for Digital Trust logo


Housed at EPFL in Lausanne (Switzerland), the Center for Digital Trust brings together founding partners including Microsoft Research, laboratories, civil society, and policy actors to collaborate, share insight, and to gain early access to trust-building technologies, building on state-of-the-art research at EPFL and beyond.