articles/confidential-computing/confidential-clean-rooms.md
7 additions & 7 deletions
@@ -23,7 +23,7 @@ The following diagram shows how organizations collaborate by using Azure Confide
23
23
24
24
Azure Confidential Clean Room could be a great choice for you if you have these scenarios:
25
25
26
-
-**Data analytics and inferencing**: Organizations that want to build insights on second-party data while ensuring data privacy can use Azure Confidential Clean Room. Azure Confidential Clean Room is useful when data providers are concerned about data exfiltration. It helps ensure that data is used only for agreed purposes, and it safeguards against unauthorized access or egress (because it's a sandboxed environment).
26
+
-**Data analytics and inferencing**: Organizations that want to build insights on second-party data while ensuring data privacy can use Azure Confidential Clean Room. The service is useful when data providers are concerned about data exfiltration. It helps ensure that data is used only for agreed purposes, and it safeguards against unauthorized access or egress (because it's a sandboxed environment).
27
27
28
28
-**Independent software vendor (ISV) data privacy**: ISVs that provide secure multiparty data collaboration services can use Azure Confidential Clean Room as an extensible platform. The service enables ISVs to add enforceable tamperproof contracts with governance and audit capabilities. It uses [confidential containers in Azure Container Instances](../confidential-computing/confidential-containers.md) underneath to ensure that data is encrypted during processing, which helps keep customer data secure.
29
29
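Review bot: In the reworded "Data analytics and inferencing" bullet, the last sentence still hangs its justification on a trailing parenthetical, "(because it's a sandboxed environment)", so the reason behind the access and egress claim reads as an afterthought. Since the bullet is being edited anyway, consider leading with the cause: "Because it's a sandboxed environment, it helps ensure that data is used only for agreed purposes and safeguards against unauthorized access or egress."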
@@ -37,7 +37,7 @@ Azure Confidential Clean Room could be a great choice for you if you have these
37
37
38
38
Healthcare providers can also use Azure Confidential Clean Room for ML inferencing. Partner hospitals can use the power of these models for early detection.
39
39
40
-
-**Advertising**: In the advertising industry, Azure Confidential Clean Room facilitates secure data sharing between advertisers and publishers. Azure Confidential Clean Room enables targeted advertising and measurement of campaign effectiveness without exposing sensitive user data.
40
+
-**Advertising**: In the advertising industry, Azure Confidential Clean Room facilitates secure data sharing between advertisers and publishers. It enables targeted advertising and measurement of campaign effectiveness without exposing sensitive user data.
41
41
42
42
-**Banking, financial services, and insurance (BFSI)**: The BFSI sector can use Azure Confidential Clean Room to collaborate on financial data while ensuring compliance with regulatory requirements. Financial institutions can perform joint data analysis and develop risk models, fraud detection models, and lending scenarios without exposing sensitive customer information.
43
43
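Review bot: The Advertising bullet now opens its second sentence with "It enables", while the equivalent edit in the "Data analytics and inferencing" bullet uses "The service is useful". Pick one replacement for the repeated product name and use it in both bullets so the scenario list reads consistently; "The service" is the less ambiguous choice here, because "It" follows a sentence that ends on "advertisers and publishers".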
@@ -49,21 +49,21 @@ Azure Confidential Clean Room could be a great choice for you if you have these
49
49
50
50
Azure Confidential Clean Room helps ensure that sensitive data remains protected throughout the collaboration process. Here are some key benefits of using the service:
51
51
52
-
-**Secure collaboration and governance**: Azure Confidential Clean Room enables collaborators to create tamperproof contracts. Azure Confidential Clean Room also enforces all the constraints that are part of a contract. Governance ensures validity of constraints before allowing data to be released into clean rooms, and it drives transparency among collaborators by generating tamperproof audit trails. Azure Confidential Clean Room uses the open-source [Confidential Consortium Framework](https://microsoft.github.io/CCF/main/overview/what_is_ccf.html) to enable these capabilities.
52
+
-**Secure collaboration and governance**: Azure Confidential Clean Room enables collaborators to create tamperproof contracts. Azure Confidential Clean Room also enforces all the constraints that are part of a contract. Governance ensures the validity of constraints before allowing data to be released into clean rooms, and it drives transparency among collaborators by generating tamperproof audit trails. Azure Confidential Clean Room uses the open-source [Confidential Consortium Framework](https://microsoft.github.io/CCF/main/overview/what_is_ccf.html) to enable these capabilities.
53
53
54
54
-**Compliance**: Confidential computing can address some of the regulatory and privacy concerns by providing a secure environment for data collaboration. This capability is beneficial for industries such as financial services, healthcare, and telecom, which deal with highly sensitive data and personal data.
55
55
56
56
-**Enhanced data security**: Azure Confidential Clean Room uses confidential computing to provide a hardware-based TEE. This environment is sandboxed and allows only authorized workloads to run. It prevents unauthorized access to data or code during processing, to help ensure that sensitive information remains secure.
57
57
58
58
-**Zero Trust**: Verifiable trust at each step, with the help of cryptographic remote attestation, forms the cornerstone of Azure Confidential Clean Room.
59
59
60
-
-**Cost-effectiveness**: By providing a secure and compliant environment for data collaboration, Azure Confidential Clean Room reduces the need for costly and complex dataprotection measures. It's a cost-effective solution for organizations that want to use sensitive data for analysis and insights.
60
+
-**Cost-effectiveness**: By providing a secure and compliant environment for data collaboration, Azure Confidential Clean Room reduces the need for costly and complex data-protection measures. It's a cost-effective solution for organizations that want to use sensitive data for analysis and insights.
61
61
62
62
## Joining the preview
63
63
64
64
Azure Confidential Clean Room is currently in preview. If you're interested in joining the preview, fill in and submit [this form](https://aka.ms/ACCR-Preview-Onboarding). After we review your form, we'll contact you with detailed steps for joining.
65
65
66
-
For questions about joining, reach out to the [Azure Confidential Clean Room management team](mailto:[email protected]).
66
+
For questions about joining, [email the Azure Confidential Clean Room management team](mailto:[email protected]).
67
67
68
68
## Important references
69
69
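Review bot: The "Secure collaboration and governance" bullet still begins three of its four sentences with "Azure Confidential Clean Room", the same repetition this commit removes from the scenario bullets; only "validity" to "the validity" changes here. The second sentence ("Azure Confidential Clean Room also enforces all the constraints that are part of a contract") could become "The service also enforces ...". Separately, check that "data-protection measures" in the Cost-effectiveness bullet matches how the rest of the article writes "data protection".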
@@ -72,15 +72,15 @@ For questions about joining, reach out to the [Azure Confidential Clean Room man
72
72
73
73
## Frequently asked questions
74
74
75
-
- Question: Where are the sidecar container images of Clean Room published?
75
+
- Question: Where are the sidecar container images of Azure Confidential Clean Room published?
76
76
77
77
Answer: The sidecar container images are published at `mcr.microsoft.com/cleanroom`.
78
78
79
79
- Question: Can more than two organizations participate in a collaboration?
80
80
81
81
Answer: Yes, more than two organizations can become part of a collaboration. Multiple data providers can share data in a clean room.
82
82
83
-
If you have more questions about Azure Confidential Clean Room, reach out to the [support team](mailto:[email protected]).
83
+
If you have more questions about Azure Confidential Clean Room, [email the support team](mailto:[email protected]).
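Review bot: The answer under the reworded first FAQ question (unchanged context) gives only the registry path `mcr.microsoft.com/cleanroom`, with no pointer to which images live there or where their tags or digests are listed. While the question is being touched, consider adding a link to that information in the answer. The second answer also still says "in a clean room" in lowercase; confirm that the generic term is intended there now that the question uses the full product name.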
articles/confidential-computing/confidential-computing-deployment-models.md
6 additions & 6 deletions
@@ -17,16 +17,16 @@ Azure confidential computing supports multiple deployment models. These models s
17
17
18
18
Under the infrastructure as a service (IaaS) deployment model in cloud computing, you can use:
19
19
20
-
-*Confidential virtual machines (VMs)* based on [AMD SEV-SNP](confidential-vm-overview.md) or [Intel TDX](tdx-confidential-vm-overview.md) for VM isolation
21
-
-*Application enclaves* with [Intel SGX](confidential-computing-enclaves.md) for app isolation
20
+
-*Confidential virtual machines (VMs)* based on [AMD SEV-SNP](confidential-vm-overview.md) or [Intel TDX](tdx-confidential-vm-overview.md) for VM isolation.
21
+
-*Application enclaves* with [Intel SGX](confidential-computing-enclaves.md) for app isolation.
22
22
23
23
These options provide organizations with differing deployment models, depending on their trust boundary or desired ease of deployment.
24
24
25
25

26
26
27
27
The IaaS deployment model grants access to scalable computing resources (such as servers, storage, networking, and virtualization) on demand. By adopting an IaaS deployment model, organizations can forgo the process of procuring, configuring, and managing their own infrastructure. Instead, they pay for only the resources that they use. This ability makes IaaS a cost-effective solution.
28
28
29
-
In the domain of cloud computing, the IaaS deployment model enables businesses to rent individual services from cloud service providers like Azure. Azure assumes responsibility for managing and maintaining the infrastructure so that organizations can concentrate on installing, configuring, and managing their software. Azure also offers supplementary services such as comprehensive billing management, logging, monitoring, storage resiliency, and security.
29
+
In the domain of cloud computing, the IaaS deployment model enables businesses to rent individual services from cloud service providers (CSPs) like Azure. Azure assumes responsibility for managing and maintaining the infrastructure so that organizations can concentrate on installing, configuring, and managing their software. Azure also offers supplementary services such as comprehensive billing management, logging, monitoring, storage resiliency, and security.
30
30
31
31
Scalability is another advantage of the IaaS deployment model in cloud computing. Enterprises can swiftly scale their resources up and down according to their requirements. This flexibility facilitates faster development life cycles, accelerating time to market for new products and ideas. The IaaS deployment model also helps ensure reliability by eliminating single points of failure. Even if a hardware component fails, the service remains available.
32
32
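Review bot: The abbreviation added at new line 29 is defined in the plural, "cloud service providers (CSPs)", but the only use visible in this commit is the singular "the CSP" at line 71, in a different section. Confirm that line 29 is the first mention in the article, and consider whether a reader who lands directly on "### Confidential VMs" can still resolve "CSP" once the expansion there is removed. The periods added to the two list items at lines 20 and 21 should also match the punctuation of the article's other fragment-style lists.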
@@ -49,7 +49,7 @@ Containers also increase the portability of applications, and improve resource u
49
49
50
50
Normally, you might deploy your solution on confidential VMs if:
51
51
52
-
- You have legacy applications that can't be modified or containerized. However, you still need to introduce protection of data in memory, while the data is being processed.
52
+
- You have legacy applications that can't be modified or containerized. However, you still need to introduce protection of data in memory while the data is being processed.
53
53
- You're running multiple applications that require different operating systems (OSs) on a single piece of infrastructure.
54
54
- You want to emulate an entire computing environment, including all OS resources.
55
55
- You're migrating your existing VMs from on-premises to Azure.
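Review bot: The first bullet at line 52 is still two sentences joined by "However," inside a list that completes "you might deploy your solution on confidential VMs if:", so the actual condition (needing in-memory protection for an app that can't be changed) is split across them. Removing the comma before "while" is fine, but consider merging into one condition, for example "You have legacy applications that can't be modified or containerized but still need protection of data in memory while it's being processed."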
@@ -68,9 +68,9 @@ There are some differences in the security postures of confidential VMs and conf
68
68
69
69
### Confidential VMs
70
70
71
-
Confidential VMs offer hardware-encrypted protection of an entire VM from unauthorized access by the host administrator. This level typically includes the hypervisor, which the cloud service provider (CSP) manages. You can use this type of confidential VM to prevent the CSP from accessing data and code executed within the VM.
71
+
Confidential VMs offer hardware-encrypted protection of an entire VM from unauthorized access by the host administrator. This level typically includes the hypervisor, which the CSP manages. You can use this type of confidential VM to prevent the CSP from accessing data and code executed within the VM.
72
72
73
-
VM admins, or any other app or service running inside the VM, operate beyond the protected boundaries. These users and services can access data and code within the VM.
73
+
VM admins, or any other apps or services running inside the VM, operate beyond the protected boundaries. These users and services can access data and code within the VM.
74
74
75
75
