Intel launches secret computing solution for virtual machines

Today, clever announced the launch of 4th Gen Intel Xeon Scalable Processors as well as Intel Mac Series CPUs and GPUs, along with the launch of virtual machine (VM) isolation and reliability verification services. Independent trust to help build “the industry’s most inclusive” secret calculator investment portfolio.”

Intel’s virtual machine isolation solution, Intel Trusted Domain Extensions (TDX), is designed to protect data stored in virtual machines inside a Trusted Execution Environment (TEE) separate from the hardware. hard below. This means that cloud service providers cannot access the data processed in the TEE.

This organization also confirms that amber projectIts multi-cloud trust verification and software validation service will launch in mid-2023, to help enterprises verify the reliability of TEEs, devices, and the source of trust.

Through the expansion of its confidential computing ecosystem, Intel aims to provide organizations with a suite of solutions to protect data in transit, storage, and storage, so they can generate information insights into on-premises, cloud, and edge environments, and verify the integrity of the components and software that power those datasets.

Confidential computing and software supply chains

The announcement comes as many organizations are struggling to balance data access and security, with research found that businesses only use an average of 58% of their data, in part due to challenges in implementing data access controls.

By combining Intel’s TDX virtual machine-level protection with solutions like Intel’s Software Guard Extensions (SGX), which uses application isolation technology to protect the code and data that are in progress. modified, organizations can have more confidence in the integrity of their software and insights into the cloud and at the edge of the network.

It’s an approach that Intel claims goes beyond the capabilities of traditional authentication services.

“Attestation provides cryptographic assurance that the TEE is genuine, that its microcode patches are fully compliant,” said Amy Santoni, Intel colleague and principal security architect at Xeon. update book and the TEE is correctly launched using the authenticated firmware”.

“SGX can go a step further and verify that the application software loaded in that container matches the manifest provided by the developer. So the developer can be someone separate from the cloud infrastructure and there is a way to ensure that the app is exactly the one that is relevant to the SGX developer,” said Santoni. .

The Amber Project and the Unreliable Journey

At the same time, the upcoming release of Project Amber has the potential to simplify the journey of distrust.

“If you really think about it, distrust principles and practices suggest that there should be separation,” said Anil Rao, vice president, systems architecture and engineering, CTO’s office. division of responsibilities between the infrastructure provider and the attestation provider.

“For example, if you’re buying a used car, you shouldn’t believe a mechanic who says everything in the car is fine. You usually go and have an independent mechanic check it out and then make sure the car is in good condition,” says Rao.

As a result, Project Amber acts as an independent entity that organizations can use to verify software components used throughout their environment without having to rely on application vendors. or a cloud service provider to certify the security of their own products.

In practice, this means that organizations can deploy artificial intelligence/machine learning models at the edge of the network to generate insights from trusted sources while ensuring that sensitive data and personally identifiable information (PII) not stolen or tampered with.

A Look at the Secret Computer Market

Intel’s Latest Solutions for Confidential Computing marketwhich researchers estimate will reach $54 billion by 2026 as cloud and enterprise security initiatives strive to comply with ever-expanding data privacy regulations.

While other providers like Google cloud and Fortanix also offer their own confidential computing solutions with data encryption in use, with the former offering its own confidential virtual machines, Intel is trying to differentiate itself from vendors another through the use of software authentication.

Intel’s combination of secure computing solutions that provide virtual machines and application isolation, alongside vendor-compatible reliability verification services including Microsoft Azure, Google Cloud, Alibaba Cloud and IBM Cloud, giving Intel the potential to be the ultimate vendor in the market.