The paper introduces confidential computing approaches focused on protecting hierarchical data within an edge-cloud network. An edge-cloud network splits and shares data between the main cloud and the set of networks located near the endpoint devices. The proposed solutions protect data in this two-level hierarchy by embedding conventional encryption at rest and in transit, while leaving the remaining security issues, such as sensitive data and operations in use, within the scope of a trusted execution environment. The hierarchical data for each network device are linked and identified through distinct paths between the edge and the main cloud using an individual blockchain. The methods for splitting data and cryptographic keys between the edge and the main cloud are based on strong authentication techniques that ensure the confidentiality, integrity and availability of the shared data.