How to Secure Security: The Frontier of Trust

By Anil Rao, VP & GM, Systems Architecture & Engineering, Office of the CTO

Trust is something we often think of as earned between people. This concept is evolving in the digital world, where we must trust the infrastructure before we can trust the information it presents us. We send data across networks (encrypted) and store it in public clouds on shared servers (encrypted), but until recently we processed that same data “in the clear,” that is, unencrypted. The emergence of Confidential Computing has changed that paradigm.

Confidential Computing protects data while it is being processed by running the computation inside a secure enclave, or hardware-based trusted execution environment (TEE). Inside this environment, neither other software on the device nor the device owner has access to the data. New use cases are emerging rapidly, particularly in machine learning, to take advantage of this enhanced confidentiality. But how do we ensure the trustworthiness of the enclave? That is, how do we know that the enclave isn’t something else posing as a TEE, tricking the software into running its sensitive workload where someone can access that data?

Traditionally, cloud service providers have addressed this conundrum by providing an attestation service, which uses cryptographic measurements to determine whether the enclave has been tampered with. While this approach is extremely effective, a few open issues remain.

First, in this case, the infrastructure provider (CSP) is also providing the service attesting to the security of the infrastructure. Interposing a third party increases independence and objectivity, enhancing the trustworthiness of the attestation. Second, for enterprises using multi-cloud or hybrid cloud workloads, it may be difficult to achieve uniform and consistent attestation with a CSP-centric solution.

To address these concerns, Intel has introduced Project Amber, which will further enhance the security of confidential computing by de-linking attestation and infrastructure. Not only will this resolve the self-attestation issue, it will also make attestation available consistently across multiple clouds, without requiring enterprises to invest in such attestation capabilities themselves. For more details on Project Amber, please read this blog.

Confidential computing will enable ecosystems in which preservation of privacy is critical to share data and collaborate for the greater good, in many cases for the first time. Intel’s Project Amber will enhance their ability to do this without worrying about compromising the confidentiality of their own IP or the privacy of their customers. This will change computing fundamentally, and we are likely to see exciting new use cases emerge.

About the Author
Intel Product Assurance and Security (IPAS) is designed to serve as a security center of excellence – a sort of mission control – that looks across all of Intel. Beyond addressing the security issues of today, we are looking longer-term at the evolving threat landscape and continuously improving product security in the years ahead.