INTEL INNOVATION 2022 – San Jose, Calif. – Intel announced new hardware and software features for Project Amber, a confidential computing service that interweaves hardware and software to attest and certify data reliability, at its Innovation Developer Summit this week.
Enhancements include features to protect data from the time it leaves the system and is in transit, in use, or at rest in storage.
“This is a foundational technology that Intel has been developing for years. Where it’s going to be most important is in the AI-ML models…to make sure that when you’re running a model at the edge , it’s not stolen, it’s not stolen, it’s not manipulated,” Intel CTO Greg Lavender said during his Wednesday keynote.
Data travels further when it is outside the data center, with multiple stops, until it reaches cloud services or makes a round trip to enterprise infrastructure. Information from sources such as sensors is added as the data moves through a telecommunications network, with layovers and artificial intelligence chips ensuring that only relevant data moves forward.
Project Amber uses hardware and software techniques to verify that data packets and their originating device are trustworthy. This layer of trust between devices and waypoints when data is in transit is a form of assurance that a company’s infrastructure and runtime environment are secure, said Anil Rao, vice president of Microsoft for systems architecture and engineering in the CTO office.
“The days when central hubs were just data movers are over. They’re not just data movers. They’re smart data movers,” Rao says.
The confidential computing offering is important for a company that mixes its own datasets with information from third parties to bolster AI learning models. Project Amber provides a way to ensure data comes from trusted sources, Rao says.
Secure Enclaves
Project Amber adds a strong locking mechanism to protect data while it’s being processed. Trust Domain Execution (TDX) instructions, found on the company’s upcoming 4th Gen Xeon Scalable processor, can secure an entire virtual machine as a trusted enclave.
The data is locked down, so even the hypervisors, which manage and monitor the virtual machines, cannot access the confidential computing environment.
“Your application will still make a virtual machine in and out call, but during those calls the data is still encrypted,” Rao explains.
Today’s cloud computing environment is built around virtual machines and applications don’t run directly from processors, says Steve Leibson, principal analyst at Tirias Research.
“When we were using processors, we didn’t need attestation, because nobody was going to modify a Xeon. But a virtual machine – it’s just software, you can modify it. Attestation tries to provide the same kind of rigidity to software machines as silicon does to hardware processors,” says Leibson.
TDX has a broader scope than Secure Guard Extensions (SGX), which is a secure area of memory in which to push, execute, and exploit code. SGX, a common feature of Intel chips, is also part of Project Amber.
Intel’s Rao compares the reach of TDX and SGX to hotel rooms. If TDX was a trust boundary in the form of a secure hotel room, SGX was a secure locker inside the hotel room.
Project Amber allows data to enter secure enclaves after matching digital codes emitted by Amber Engines. If the codes match, the data can enter the secure enclave, but if not, entry is denied because the data may have been tampered with, modified, or hacked in transit.
“It’s almost like giving someone your VIN number and saying, ‘Is this the genuine VIN number for my car or has someone done something complicated with this thing? ‘” Rao said.
Intel will also provide customers with the ability to set their own policies to create a trusted runtime environment.
“You might want to process everything in an east coast data center rather than a west coast data center,” Rao says. “What Amber is saying is this is exactly what this is about – your code didn’t pass the policy.”
Protection in the clouds
Amber will support multiple cloud service providers, but Intel did not provide specific details.
“We want to make it multicloud so that you don’t need to have a different attestation mechanism as a business when accessing different clouds,” Rao says.
There are hundreds of millions of Intel processors in data centers around the world, and bad actors have a proven ability to break into servers and steal secrets, Leibson de Tirias says.
“It’s a cat-and-mouse game, and Intel is constantly trying to develop new ways to keep bad guys from breaking into servers and stealing secrets. And that ranges from script kiddies to teenagers who just hack, to state-sponsored sites,” says Leibson.
At some point, you have to think about protecting data in use, in motion, and in storage. So Project Amber was inevitable, especially with computing moving away from on-premises infrastructure to the cloud, Leibson says.
Project Amber is still in the pilot phase as Intel adapts the technology for computer models adopted by verticals. The chipmaker is working with research firm Leidos to use Project Amber in the healthcare industry, which has many types of devices and sensors spread across large geographies and requires attestation to ensure systems don’t receive only reliable data.
#Intel #Strengthens #Confidential #Computing #Project #Amber #Updates