Capgemini SE

04/08/2025 | News release | Archived content

Confidential AI: How Capgemini and Edgeless Systems allow regulated industries to adopt AI at scale

Confidential AI: How Capgemini and Edgeless Systems allow regulated industries to adopt AI at scale

Stefan Zosel, Ernesto Marin Grez and Thomas Strottner

Apr 8, 2025

By combining confidential computing with Nvidia H100 GPUs, "Privatemode AI" provides cloud-hosted LLMs with end-to-end encryption of user data.

The AI revolution is transforming our world at unprecedented speed. Just a few years ago, the idea of conversing naturally with a computer seemed more at home in Hollywood or in science fiction than in the workplace. Yet with the rise of generative AI tools like ChatGPT, these technologies have become an everyday reality, embraced by employees, customers and IT users alike.

However, this rapid adoption brings new challenges, particularly for organizations in regulated industries that must maintain high levels of data protection and privacy. How can those organizations harness the power of GenAI models at scale while also safeguarding sensitive information?

Confidential AI solves the "cloud versus on-premises dilemma"

The advent of AI has amplified the importance of choosing between cloud and on-premises infrastructure. Traditionally, organizations preferred to process sensitive data on-premises, within their own data center, as it offered maximum control. But given the significant costs of GPU infrastructure and the energy consumption that AI workloads require, on-premises is usually not economical. What's more, limited expertise and technical resources for managing AI architectures locally make the cloud - especially "AI-as-a-service" offerings - a more viable option for most organizations.

Yet, when deploying AI solutions such as large language models (LLMs) via a cloud-based service, many parties - cloud, model and service providers - potentially have access to the data. Which creates problems for regulated industries.

Figure 1: With standard GenAI services, model, infrastructure and service providers can all potentially access the data.

This is where confidential computing comes into play. While it's long been standard to encrypt data at rest and in motion, data in use has typically not been protected.

Confidential computing solves this problem with two main features: runtime memory encryption and remote attestation. With confidential computing-enabled CPUs, data stays encrypted in the main memory, strictly isolated from other infrastructure components. Remote attestation also makes it possible to verify the confidentiality, integrity and authenticity of the so-called Trusted Execution Environment (TEE) and its respective workloads.

Figure 2: Confidential computing provides runtime encryption and remote attestation for verifiable security.

Confidential computing has been a standard feature of the last few generations of Intel and AMD server CPUs, where the feature is called TDX (Intel) and SEV (AMD) respectively. With Nvidia's H100, there's now a GPU that provides confidential computing - allowing organizations to run AI applications that are fully confidential.

Figure 3: Confidential AI allows organizations in regulated industries to use cloud-based AI systems while protecting the data end to end.

How Capgemini and Edgeless Systems deliver confidential AI together

Capgemini is a leader in GenAI, managing large-scale projects to drive automation and foster efficiency gains for clients worldwide. The firm has long-standing expertise in delivering AI systems across clouds and on-premises, including critical aspects like user experience, Retrieval Augmented Generation (RAG) and fast inference. (More on these later.)

Data security and privacy are critical aspects of many Capgemini projects, particularly those in regulated industries. This means clients are often confronted with the aforementioned "cloud versus on-premises dilemma".

The good news: deploying GenAI tools through ough the cloud, with verifiable end-to-end confidentiality and privacy, isn't a distant future. It's a reality. And Capgemini is already bringing it to clients in regulated industries like healthcare, defense, the public sector and the financial sector.

In 2024, Capgemini partnered with Edgeless Systems, a German company that develops leading infrastructure software for confidential computing. (See the blog post, Staying secure and sovereign in the cloud with confidential computing.) Edgeless Systems now provides Privatemode AI, a GenAI service that uses confidential virtual machines and Nvidia's H100 GPUs to keep data verifiably encrypted end to end. This allows users to deploy LLMs and coding assistants that are hosted in the cloud while making sure no third party can access the prompts.

  • Powerful LLMs, e.g., Llama 3.3 70B and Mistral 7B
  • Coding assistants, e.g., Code Llama and Codestral
  • End-to-end prompt encryption
  • Verifiable security through remote attestation
  • Standard, OpenAI-compatible API

Together, Capgemini and Edgeless Systems are already bringing exciting confidential AI use cases to life.

Case 1: Confidential AI for public administration

In the German public sector, the demographic change will soon lead to many unfilled positions and capability gaps. GenAI applications can support the work of civil servants, automate administrative tasks and help to reduce labor shortages. For example, the IT provider of the largest German state (IT.NRW - Landesbetrieb Information und Technik NRW) has contracted Capgemini to develop an "Administrative AI Assistant" to improve productivity for thousands of administrative employees.

The GenAI application helps in several ways, including by summarizing text or supporting research assistants with RAG (Retrieval Augmented Generation). However, there aren't enough GPUs available on-premises to support inference (the process whereby an LLM receives and responds to a request) and the public cloud isn't an option for sensitive data. Here, the client uses Privatemode AI for confidential inference in the cloud, serving a Meta Llama 3.3 70B model via a standard OpenAI-compatible API. So while all the heavy processing is done in the cloud, all the user data is encrypted end to end.

Figure 4: Hybrid architecture for LLM-based assistants with Confidential "AI-as-a-service" for inference (blue box).

Nvidia blog post on Privatemode AI (2024):https://developer.nvidia.com/blog/advancing-security-for-large-language-models-with-nvidia-gpus-and-edgeless-systems/

Edgeless Systems' Open Confidential Computing Conference OC3 with presentation by Capgemini and IT.NRW on Confidential AI: https://www.oc3.dev/

Thomas Strottner

Vice President, Business Development, Edgeless Systems

"With Privatemode AI, we empower organizations in regulated industries - such as healthcare, banking, and the public sector - to scale AI use cases effortlessly in the cloud while ensuring that their data remains verifiably protected against unauthorized access. We are proud to partner with Capgemini and NVIDIA to bring large-scale AI projects to life."

Thilo Ewald

CTO - Telecoms, Germany

close button

Get in touch

Select a value Alumni Business Career Customer Support Media Relations Others Partner Alliance Privacy Sell to Capgemini Purpose of contact (optional)
First name *
First name is not valid.
Last name *
Last name is not valid.
Email *
Email is not valid.
Job title *
Job title is not valid.
Phone (optional)
Company / Organization *
Company / Organization is not valid.
Select a value Aerospace & Defense Automotive Banking Chemicals Consumer Products Distribution & logistics Education & research Government General services Healthcare Insurance Industrial Manufacturing Life Sciences Media & Entertainment Natural resources Other Financial Services Public Security & Police Retail & Wholesale trade Tax & Welfare Travel & Transport Technology Telecoms Utilities Industry *
Industry is not valid.
Select a value Assistant/secretary CDO/CMO CEO CFO Chairman/Board of Directors CIO/CTO Consultant/Senior Consultant Director/Principle Consultant EVP Manager Operational Other CXO Purchaser Senior Manager/Managing Consultant SVP Vice President Position/Level *
Position/Level is not valid.
Country
Country Afghanistan Aland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua And Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bosnia And Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Congo, Democratic Republic Cook Islands Costa Rica Cote D'Ivoire Croatia Cuba Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands (Malvinas) Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island & Mcdonald Islands Holy See (Vatican City State) Honduras Hong Kong Hungary Iceland India Indonesia Iran, Islamic Republic Of Iraq Ireland Isle Of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati Korea Kuwait Kyrgyzstan Lao People's Democratic Republic Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia, Federated States Of Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands Netherlands Antilles New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory, Occupied Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Reunion Romania Russian Federation Rwanda Saint Barthelemy Saint Helena Saint Kitts And Nevis Saint Lucia Saint Martin Saint Pierre And Miquelon Saint Vincent And Grenadines Samoa San Marino Sao Tome And Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia And Sandwich Isl. Spain Sri Lanka Sudan Suriname Svalbard And Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad And Tobago Tunisia Turkey Turkmenistan Turks And Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates United Kingdom United States United States Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Viet Nam Virgin Islands, British Virgin Islands, U.S. Wallis And Futuna Western Sahara Yemen Zambia Zimbabwe
Country is not valid.
Your message *
Your message is not valid.
Page title
Page URL
I agree to Capgemini collecting and processing my personal data to allow me to receive information on Capgemini services. For further information, please see our Privacy Notice. .
Slide to submit
Thank you for contacting us.

We are sorry, the form submission failed. Please try again.

Authors

Stefan Zosel

Capgemini Government Cloud Transformation Leader
"Sovereign cloud is a key driver for digitization in the public sector and unlocks new possibilities in data-driven government. It offers a way to combine European values and laws with cloud innovation, enabling governments to provide modern and digital services to citizens. As public agencies gather more and more data, the sovereign cloud is the place to build services on top of that data and integrate with Gaia-X services."

Ernesto Marin Grez

Vice President - Head of Strategic Initiatives Gen AI and Applied Innovation, Germany
"At Capgemini, we are focused on advancing artificial intelligence with a strong emphasis on confidential computing. This technology is crucial for industries such as finance, healthcare, and government, where data privacy and security are paramount. By ensuring that sensitive data remains encrypted even during processing, we enable our customers to harness the power of AI without compromising on security. This approach not only protects valuable information but also fosters innovation and trust in AI applications."

Related