Intel has announced a new Xeon chip that is designed to push confidential computing cloud applications to the next level. The chip is designed to improve performance by up to 66%. In addition, the chip also includes an innovative solution for scalable data protection for citizens’ private information. This technology is called Intel Software Guard Extensions (SGX).
Microsoft Azure customers use confidential computing with Intel processors to achieve higher levels of data privacy
Azure confidential computing has helped customers in health care, finance, telecom, and government to protect and secure their sensitive data. With a secure and isolated data environment, these customers can run their algorithms and machine learning without fear of unauthorized access. These customers also use innovative solutions to mitigate risks associated with their sensitive data.
Confidential computing is a new approach to securing data in the cloud. It isolates computations to a hardware-based trusted execution environment, also known as a secure enclave. Unlike traditional computing approaches, confidential computing is able to isolate data while it is processed. In addition to isolation, the technology provides enhanced memory protections.
The healthcare industry has gotten a lot of attention recently due to government regulations limiting sharing of patient data outside of the organization. As a result, many organizations have turned to cloud computing services for cost savings and speed. But, with confidential computing, health care organizations can collaborate on medical research across multiple data sets while protecting the privacy of their patients’ private data.
Confidential VMs take advantage of confidential computing cloud services to encrypt sensitive data while it is processed. These virtual machines take advantage of modern CPU security. They are a new type of virtual machine available in the East US region.
To protect the integrity of data while processing, Microsoft uses Intel® SGX technology, a set of extensions to the Intel CPU architecture. Using the SGX processors, customers can create a virtual machine that acts like a special memory container. This container is protected by a Hyper-V-based Virtualization-Based Security (VBS) solution.
Azure also provides a variety of encryption options for its Confidential VMs. Customers can use TLS encryption, which ensures that data is securely protected. Another key component is Microsoft Azure Key Vault Managed-HSM, a cloud service that safeguards cryptographic keys for cloud applications.
Intel SGX offers scalable data protection for citizens’ private data
The Intel SGX is a set of x86 instruction extensions that allow applications to run securely. It provides data and memory sealing, execution isolation, and confidentiality protection. These features have the potential to help financial services organizations meet compliance obligations. And they can also significantly scale the data analytics activity of companies.
Intel SGX can protect enclaves from both physical and covert channel attacks. However, it’s important to understand that it cannot offer protection against denial-of-service (DoS) or side-channel attacks. That’s because it relies on a combination of hardware and software.
The Intel SGX also has a remote attestation function that allows users to release confidential data into the enclave. This allows third parties to verify the enclave’s integrity.
To build an enclave, the developer must use the Intel SDK. The developer will first have to split the application into trusted and untrusted components. Once that is done, the developer will be able to program the binary into the memory allocated to the enclave.
After the enclave is programmed, it can be tested for security by running it against the Intel Attestation Service. When the enclave is verified, a verification report is generated. Using this report, developers can share sensitive data with other developers via sealed data blobs.
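The relying-party side of the attestation flow described above, as an added example that is not from Intel or the original article: it decides whether to release data based on a verification report. The report field names follow the Intel Attestation Service JSON report; the sample report is constructed, the report's signature is assumed to have been verified already, and binding a key hash into the report data is an assumed convention.

```python
import base64
import hashlib
import hmac

# Byte ranges inside the 432-byte SGX quote body (48-byte header + report body).
MRENCLAVE = slice(112, 144)    # measurement of the enclave's code and data
REPORT_DATA = slice(368, 432)  # 64 bytes chosen by the enclave itself

def parse_quote_body(b64_body):
    raw = base64.b64decode(b64_body, validate=True)
    if len(raw) != 432:
        raise ValueError("unexpected quote body length")
    return raw[MRENCLAVE], raw[REPORT_DATA]

def may_release(report, expected_mrenclave, nonce, key_hash):
    """Decide whether to send data to the enclave. Assumes the report's
    signature and certificate chain were already verified by the caller."""
    if report.get("isvEnclaveQuoteStatus") != "OK":
        return False, "platform status is not OK"
    if not hmac.compare_digest(str(report.get("nonce", "")), nonce):
        return False, "nonce mismatch (stale or replayed report)"
    try:
        mr_enclave, report_data = parse_quote_body(report.get("isvEnclaveQuoteBody", ""))
    except ValueError:
        return False, "malformed quote body"
    if not hmac.compare_digest(mr_enclave, expected_mrenclave):
        return False, "unexpected enclave measurement"
    # Assumed convention: the enclave puts SHA-256 of its public key in report data.
    if not hmac.compare_digest(report_data[:32], key_hash):
        return False, "key not bound to this enclave"
    return True, "ok"

def make_sample_report(mr_enclave, key_hash, nonce, status="OK"):
    """Build a constructed report for the demo; not real attestation output."""
    body = bytearray(432)
    body[MRENCLAVE] = mr_enclave
    body[REPORT_DATA] = key_hash + bytes(32)
    return {"isvEnclaveQuoteStatus": status, "nonce": nonce,
            "isvEnclaveQuoteBody": base64.b64encode(bytes(body)).decode()}

GOOD = hashlib.sha256(b"constructed enclave build").digest()
KEY = hashlib.sha256(b"constructed enclave public key").digest()

if __name__ == "__main__":
    print(may_release(make_sample_report(GOOD, KEY, "n-1"), GOOD, "n-1", KEY))
    print(may_release(make_sample_report(GOOD, KEY, "n-1", "GROUP_OUT_OF_DATE"), GOOD, "n-1", KEY))
```

Every failed check returns a refusal with a reason, so data is released only when the platform status, freshness nonce, enclave measurement and key binding all pass.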
For further information, read the documentation for the Intel SGX. Read about the enclave programming model. Also, learn about the policies that affect the derivation of the encryption key.
The enclave programming model requires three distinct entities: a developer, an Enclave Developer, and an enclave. Each enclave contains a set of enclave functions. They can communicate with other enclaves and with the system. A weakly developed enclave may not provide confidential data processing.
Intel 4th Gen Xeon Scalable processors deliver improvements of up to 66%
Intel’s 4th Gen Xeon Scalable processors are designed to tackle the world’s most complex problems. With new power management improvements, platform economy and improved performance, these processors are built for AI, analytics, security, and datacenter efficiency. They enable the software-defined future for industries. These solutions provide greater flexibility and lower total costs of ownership.
With the help of these new processors, organizations can migrate workloads with sensitive data to the cloud. With the Intel TDX, they can optimize their costs, port existing applications and benefit from secure, end-to-end virtualized 5G networks. The Intel TDX also meets the Confidential Computing Consortium (CCC) standard.
This innovative CPU comes with a variety of features that ensure a seamless experience for customers. These include On Demand capability, the ability to easily add features and a software agent for license provisioning. It also features the industry’s most comprehensive confidential computing portfolio.
Intel Xeon Scalable processors are optimized for low latency network applications and provide leading performance in a wide range of workloads. With built-in accelerators, they reduce latency and save power. For example, these processors achieve a 10x higher PyTorch real-time inference performance when compared to the prior generation. A high bandwidth memory improves data speed for HPC and AI applications.
Intel’s 4th Gen Xeon processors are optimized for security and privacy, allowing companies to protect their valuable customer data. The processor uses a virtual machine isolation technology called Trust Domain Extensions. Since these processors meet the CCC’s security requirements, organizations can move sensitive data to the cloud with confidence.
The processor offers up to 70 watts of power savings. Customers can expect this to occur in an Optimized Power Mode that can have less than 5 percent impact on performance.
Project Amber secures the trustworthiness of data as it moves between devices
Intel has announced Project Amber, a new service that aims to secure the trustworthiness of data as it moves between devices. The service will offer independent third-party attestation as a service, ensuring that customers’ workloads are vetted and verified.
As businesses transition to cloud and hybrid work environments, validation of reliability is important. By involving a third party in the proof process, Intel is able to offer unbiased verification, which is essential to gaining trust in the technology.
Project Amber aims to secure the trustworthiness of compute assets and data while moving between clouds, edge, and on-premises. This service will support containers running in virtual machines, bare metal containers, and other trusted execution environments (TEEs).
Among the many use cases for Project Amber are healthcare, machine learning, and AI. The service will be cloud-agnostic, so it will run on any platform, including public, private, and hybrid cloud providers.
One of the major challenges for enterprises leveraging the cloud is data security. While the cloud provides a reliable foundation for collaboration, securing data in transit and in memory is also crucial. To address these issues, Intel has collaborated with several software vendors to enable trust services.
One example is Accenture, which selected Intel’s Software Guard Extensions (SGX) to create a secure execution layer in memory. This technology is used to train AI models.
Leidos, a company with a market cap of $13.7 billion, has been testing Project Amber in its health group. They are using the attestation service to protect their connected clinical workloads.
According to an Everest Group report, the confidential computing market will grow at 90 to 95 percent compound annual growth rate (CAGR) through 2026. It will reach $54 billion.
Optane memory solution is a cloud computing solution
Optane memory is a new type of non-volatile storage that delivers low latency and higher data density. It also adapts to user habits, recognizing frequently used applications and re-directing power to them when the system is not in use.
Intel Optane technology offers a low-cost, fast way to increase productivity in a work environment. The technology is used in several Intel products, including Xeon processors and memory modules.
This new type of memory technology allows businesses to improve application performance and accelerate analytical pipelines. By providing faster access to memory, VMs can increase the size of their workloads on a single server. A high-performance, low-latency memory solution can also help companies to improve their security.
Compared to traditional NAND flash memory, Optane memory is much more durable. It can handle large workloads with ease. It also has a faster boot time and a greater capacity.
Optane memory is also a non-volatile storage solution that can be used to cache frequently accessed files. It is ideal for the enterprise server market, where data must be efficiently analyzed and stored. In addition, it can be used in a VMware vSAN as a storage solution.
As the volume of global data continues to grow, cloud infrastructures are required to adapt. These infrastructures must be able to provide the fastest access to data. To address this need, Intel has developed a range of tiered memory solutions that are designed to offer optimized performance.
A wide range of companies are already using Intel Optane. A recent study conducted by Oracle found that more than half of Fortune 500 companies are running proof-of-concept trials. Nearly 85 percent of these tests have converted to production environments.
