On June 6, the 2026 Confidential Computing Technology and Ecosystem Development Forum – Symposium on Confidential Computing Technology Ecosystems for Large Models was successfully held, hosted by Nanhu Laboratory, a member unit of the Global Computing Consortium (GCC), and co-organized by the GCC Confidential Computing Professional Committee and the Huawei Trusted Domain Scientists Committee. The symposium focused on technical challenges of confidential computing for large models, innovative solutions across multiple scenarios, and industry trends, sharing cutting-edge research and practical case studies. It aimed to build industry consensus and empower industrial development for compliant AI security deployment and the construction of trusted computing power ecosystems.

At present, large models are reshaping industries at an unprecedented pace, and the deep integration of computing power and data elements is unleashing unprecedented productivity. However, as enterprise-level AI applications move into deeper waters, data privacy compliance, protection of core trade secrets, and model asset rights confirmation have become core barriers constraining the large‑scale deployment of large models. How can we fully unlock the value of data while upholding stringent security boundaries? As a critical pathway to addressing this challenge, confidential computing is rising to the forefront, helping to build the technological cornerstone for high‑standard, trustworthy AI business closed-loop.. To consolidate industry consensus, drive innovation in trusted computing power, and promote the implementation and evolution of trustworthy AI, the 2026 Confidential Computing Technology and Ecosystem Development Forum – Symposium on Confidential Computing Technology Ecosystems for Large Models was successfully held on June 6 at the Nanhu Laboratory in Jiaxing.

The symposium was hosted by Nanhu Laboratory and co-organized by the GCC Confidential Computing Professional Committee and the Huawei Trusted Domain Scientists Committee. The event brought together leading national experts and prominent players in the fields of confidential computing and trustworthy AI to share explorations and practical applications of confidential computing technologies in the large‑model domain, discuss future models and trends for confidential computing development oriented toward large models, and offer valuable recommendations for building more secure trustworthy AI applications.

The symposium brought together representatives from industry, academia, research, and application sectors. Through in-depth technical interpretations, industry development trends, and solution implementation, combined with case studies in healthcare, finance, government affairs, and other fields, the event further showcased the achievements and future trends of confidential computing in the era of large models.

Mr. Zhang Lei, a member of the Management Committee of the GCC Confidential Computing Professional Committee, Chief Senior Expert at Nanhu Laboratory, and Head of Trusted Intelligent Computing, delivered an opening address. He reviewed the development history of confidential computing, analyzed its important role in building trustworthy AI, warmly welcomed the attending industry experts and partners, and elaborated on the original intent and industry value of this forum.

Dr. Jin Yier, Vice Chairman of the Expert Committee of the GCC Confidential Computing Professional Committee and Chief Scientist of Trusted Computing at Huawei, first delivered a keynote speech titled "Token Economics and the Security Premium of Tokens," systematically proposing for the first time the concept and technical requirements of confidential tokens, analyzing their value and pricing logic, and making detailed judgments on the premium range of confidential tokens.

Ying Zhiwei, Vice President of Hygon Information, spoke on "Built‑in Security – Winning the AI Era,"analyzing the security challenges faced in the AI large‑model era and elaborating on hardware‑based security solutions built on Hygon's self‑developed CPU‑DCU dual‑chip architecture.

Long Qin, Senior Expert at Alibaba Cloud, presented "VCC – A Paradigm Shift from Contractual Security to Verifiable Security," discussing how to replace contractual security with verifiable hardware technologies to ensure cloud computing security, centered on the VCC (Verifiable Confidential Computing) concept, and proposing the core idea of "Don't trust, verify."

Yan Shoumeng, CTO of Ant Secret Computing, delivered a talk titled "Some Thoughts on What Confidential Computing Really Trusts In," exploring the trust base of confidential computing and its limitations, and sharing practices for enhancing the trustworthiness of confidential computing through software‑hardware synergy.

Li Zhiqiang, Director of Security Products at Intel, shared "Intel TDX Practices and Outlook in Confidential Computing," presenting the evolution, practices, and AI‑era outlook of Intel TDX confidential computing technology, and arguing that in the Agentic AI era, TDX will play a key role in protecting AI agents and models.

Tan Lin, Product Manager at Phytium, presented "Exploring the 'Lobster' Solution for Secure Endpoints in Xinchuang," analyzing risks such as data theft, uncontrolled resource consumption, and malicious plugins caused by excessive agent permissions, and discussing security risks of AI agents and endpoint security solutions based on self‑developed chips.

Yan Zhichao, Senior Researcher at Nanhu Laboratory, gave a talk titled "Clustered Confidential Computing and Application Prospects," sharing his research and practice on fully protected confidential clusters, and envisioning future applications such as distributed confidential RAG databases and cloud‑based confidential agent swarms.

Wang Junchao, a member of the Management Committee of the GCC Confidential Computing Professional Committee and Director of Standards and Security at Arm China, presented "ARM RME/CCA Progress in Confidential Computing," introducing the latest advances in Arm architecture for confidential computing and revealing that server hardware based on Arm CCA is gradually becoming available.

Professor Xia Yubin from Shanghai Jiao Tong University, a member of the Expert Committee of the GCC Confidential Computing Professional Committee, spoke on "Protecting LLM with ARM TrustZone," presenting performance optimization and security protection for on‑device large models, AI‑generated operating systems and sandbox technologies, and localized computing solutions.

Qin Yu, Deputy Director of the Management Committee of the GCC Confidential Computing Professional Committee and Senior Engineer at the Institute of Software, Chinese Academy of Sciences, focused on "Confidential Computing Firmware Security Analysis Techniques," analyzing the security mechanisms of confidential computing firmware, pointing out that firmware is the key to ensuring underlying computing security, and citing examples of micro‑architecture attacks and hardware attacks.

Dr. Li Xiang, Director of the Confidential Computing Innovation Lab at Tianyi Cloud, shared "Practical Implementation of Confidential Computing in the National Cloud," presenting practices and thoughts on productizing confidential computing, building remote attestation services, and exploring application scenarios.

Lan Yanxiang, CEO of Shenzhen Confidential Computing Technology Co., Ltd., delivered a talk titled "From Cloud to Edge: Full‑Link Practice of End‑Cloud Collaborative Heterogeneous Confidential Computing – Technological Breakthroughs and Implementation of Rack‑level TEE and SpuClaw Confidential Lobster Box," analyzing security exposures in the agent era and sharing his company's full‑link confidential computing protection solutions on both edge and cloud sides.

Professor Wang Juan from Wuhan University presented "RISC‑V Based Confidential Computing Architecture and AI Model Protection," addressing the fragmentation between process‑level and VM‑level confidential computing architectures and proposing a unified architecture solution based on RISC‑V.

Associate Professor Li Zengpeng from Shandong University spoke on "Privacy‑Enhanced Remote Attestation Based on Data Signatures," targeting issues of heterogeneous compatibility, identity exposure, and delegated verification security in remote attestation, and proposing various targeted solutions including identity decoupling and lightweight attestation, delegated attestation, and cluster verification.

Associate Professor Liu Weijie from Nankai University delivered a keynote "Analysis of Trust Boundaries in Confidential Container Systems," systematically analyzing the attack surface of confidential containers and proposing a dual‑layer orchestration scheme for control‑plane security.

Dr. Wang Shuang from NovaTech presented "Secure Deployment of Large Models for High‑Value Healthcare Commercial Data: 'Runtime' Privacy Protection Needs from a Pharmaceutical Business Perspective," analyzing the challenges of securely deploying large models on healthcare commercial data and proposing confidential‑computing‑based protection solutions for healthcare commercial data tailored to hospitals, doctors, and pharmaceutical companies.

The symposium deeply explored existing technologies and development opportunities for confidential computing in the large‑model field, provided new solutions for enhancing data security of large models and agents, and contributed wisdom and strength to the high‑quality development of the digital economy in the era of large models.

About the GCC Confidential Computing Professional Committee:

As a subsidiary body of the Global Computing Consortium, the Committee is dedicated to defining the technology evolution path for confidential computing, promoting its practical application, and fostering the sustainable development of the confidential computing industry. The Committee remains open to global industry partners. For inquiries or participation, please contact Ms. Hui at: huijing@gccorg.com