Intel recently hosted the Innovation conference in San Jose. Innovation is focused on the developer community and provides an opportunity for attendees to learn about the latest technologies and innovative computing solutions. The event also showcased the value Intel places on security and empowering developers and customers with cutting-edge hardware and software solutions that raise the bar for security.
The Day 2 keynote by Greg Lavender provided an update on Intel’s Project Amber initiative. Intel has blazed trails for Confidential Computing and engineered Software Guard Extensions (SGX) to facilitate secure computing. Organizations need to be able to establish a Trusted Execution Environment (TEE) across cloud platforms, SaaS applications, and other external environments, though, so Project Amber was developed to provide an independent, third-party trust authority.
Intel Security Chalk Talk
In conjunction with Intel Innovation, Intel also conducted a Chalk Talk session with media. Anil Rao, Vice President & GM of Systems Architecture & Engineering for Intel, and Amy Santoni, Intel Fellow outlined security projects and priorities at Intel and answered questions from the audience.
Anil started the Chalk Talk session by laying out the four fundamental areas Intel focuses on when it comes to security. First, he stressed that security is a mindset and that it is important for every engineer in the company and every engineer in partner organizations to understand that they need to think of security from a mindset perspective. The other three pillars of security are technology—and engineering secure technologies, assurance and transparency—addressing how the company reacts to security incidents and resolves open issues, and finally protecting Intel itself. Anil noted that Intel is a large company and a high-profile target, and that it’s essential for Intel to embrace security best practices and continue to raise the bar for security.
He provided an overview of Confidential Compute. Organizations have protected data at rest and data in transit for some time now, but Anil pointed out that threat landscape has shifted and that is no longer good enough. Things like insider attacks, in-memory attacks, and privilege escalation attacks mean that we must also protect data while it is in use. “Confidential computing as a technology is invented to address this last mile problem with data encryption and data protection,” explained Anil.
Amy discussed the trust boundary and described how a Trusted Execution Environment (TEE) is different from a standard virtualized environment from a cloud service provider. She also explained Control-Flow Enforcement Technology (CET)—which is supported in the fourth-gen Xeon Scalable processors. “There are certain attacks where when you do a call, or jump, or return, as you’re jumping around within your code, it will protect against this class of attacks.”
Focus on Security
Lots of companies are focused on security, but very few are capable of influencing the security equation as strongly as Intel. As I wrote in 2020 when I first covered the concept of CET, “Malware will continue to exist. Developers will continue to create applications that contain weaknesses and vulnerabilities for attackers to exploit. Cybercriminals will continue to develop innovative workarounds and new exploits to continue the game of cybersecurity cat and mouse. Those applications run on hardware, though, which puts Intel in a very strong position to help address the problem.”
CET, SGX, Confidential Compute with TEEs, and now the addition of “Project Amber” as an independent, third-party trust authority, are all evidence of Intel’s continued commitment to security. Through both hardware and software initiatives, Intel remains focused on innovating solutions that improve trust and confidence in computing, while raising the cost of entry for threat actors and making it more difficult to execute successful attacks.