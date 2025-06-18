18 June 2025
The announcement of Hyper Protect Container Runtime (HPCR) for Red Hat Virtualization Solutions (RHVS) and Hyper Protect Confidential Containers (HPCC) for Red Hat OpenShift Container Platform (OCP) is a major step forward in advancing confidential computing technology.
This milestone reflects more than just a product launch; it represents a broader shift in how enterprises—especially service providers—are able to secure workloads at scale and in hybrid environments.
Confidential computing is a technology designed to protect data even while it's being processed. This is achieved by isolating workloads within Trusted Execution Environments (TEEs), built to help prevent unauthorized access from even the most privileged users, including cloud providers, system administrators and third-party operators or components in general.
In the era of AI and Hybrid Cloud, confidential computing enables secure data processing and analysis, protecting sensitive information from unauthorized access. This is crucial for AI applications that rely on large datasets, including personal and proprietary data.
According to 360iResearch, the global confidential computing market is projected to grow from USD 7.06 billion in 2025 to USD 14.94 billion by 2030, reflecting a compound annual growth rate (CAGR) of 16.07%. They observed that “enabling data to remain encrypted even during processing, confidential computing fosters digital trust, reduces compliance costs, and supports emerging use cases in AI and analytics that rely on privacy preserving data collaboration.” This will, in their opinion, “unlock Confidential Computing’s economic impact and growth catalysts.”.
Beyond the data being processed by a given AI model, IBM has found that there could be hidden costs to building these models. In many enterprise use cases, these models—especially when augmented and fine-tuned with proprietary data—can represent significant business value and unique market advantage. Confidential computing is designed to protect these models, their underlying intellectual property, and the AI stack.
In addition to these trends influencing the confidential computing space, another factor is emerging: by 2028, it's estimated that 77% of compute infrastructure will be consumed by service providers. This transformation brings new opportunities but also significant security challenges. Service providers often manage workloads across shared environments, facing regulatory demands and increasing scrutiny around data privacy.
For industries where data sensitivity is paramount, such as healthcare, finance and government, confidential computing supports organizations with their compliance posture while maintaining operational agility. And for service providers, it’s a competitive differentiator, often resulting in enhanced trust, security and privacy in a zero-trust world, while enabling differentiation through an efficient multi-tenant platform orchestration.
Solution stack development increasingly relies on containers due to their lightweight nature, ease of maintenance and streamlined application delivery. From a security standpoint, containerized applications are built to offer enhanced isolation, simplified vulnerability management, and help reduce codebase. A well-established method for isolating and virtualizing workloads in IT environments is the use of virtual machines (VMs), also known as virtual service instances.
As applications evolve to become containerized or “cloud-native,” the ideal deployment environment depends on the specific use case. Some applications are better suited for virtualized environments, where instances are closely monitored and managed by administrators. Others are a better fit for cloud-native platforms, where infrastructure and services are designed to be resilient—using disposable and easily replaceable components and microservices..
In the Red Hat ecosystem, this distinction is reflected in:
To support these two deployment models, IBM offers corresponding Hyper Protect products that bring confidential computing capabilities to the Red Hat ecosystem:
Both HPCR and HPCC share key principles and benefits:
HPCR is ideal for dedicated and central services that require high levels of protection, such as:
These services handle high-value assets like signing keys, access tokens, and identity seeds. When combined with IBM Z or LinuxONE systems equipped with Crypto Express hardware security modules, HPCR is designed to be the recommended solution.
Use cases include:
This level of isolation and control is essential for protecting sensitive secrets and intellectual property, supporting compliance obligations.
HPCC is designed to help enable secured processing of sensitive workloads in untrusted environments, such as public clouds or shared data centers. It is designed to help ensure that even platform administrators or service providers cannot access or tamper with sensitive data.
Use cases include:
By integrating HPCC with Red Hat OpenShift, IBM and Red Hat provide a secured, scalable platform that supports hybrid cloud deployments without sacrificing agility or requiring separate infrastructure.
With the expansion of Hyper Protect Services into the Red Hat ecosystem, IBM is aligning powerful confidential computing technologies with enterprise-ready platforms. The integration of HPCR and HPCC is built to help organizations:
In a future dominated by service providers, Hybrid Cloud and AI, these capabilities are no longer optional—they’re essential. As organizations face mounting pressure to safeguard data while remaining agile and compliant, confidential computing with Hyper Protect delivers a powerful solution. Now fully available through Red Hat, SUSE and Ubuntu, IBM's portfolio empowers enterprises to take control of their data security.