Intel unveils Project Amber for confidential computing

on 16/05/2022 by Shweta Sharma, CSO (adaptation: Jean Elyan), Security, 1126 words

At last week’s Vision event in Texas, Intel launched a security-as-a-service initiative called Project Amber for Confidential Computing in the Cloud. The company is also committed to supporting secure and responsible artificial intelligence and cryptography that is resistant to quantum machines.

Project Amber, the security-as-a-service initiative for confidential computing, is one of many security advances that Intel announced at the Intel Vision event on May 10-11 in Fort Worth, Texas. The company also wants to strengthen its collaborations to make development in the field of artificial intelligence secure and responsible, and to take a phased approach to quantum-safe cryptography. Project Amber’s goal is to provide companies with remote security verification in cloud, edge and on-premises environments. While companies continue to leverage the value of the cloud, security has never been at its peak, said Greg Lavender, CTO and General Manager of Intel’s Software and Advanced Technology Group. Project Amber demonstrates our strong commitment to confidential computing and a zero-trust approach to certifying and validating computing resources at the network, edge and cloud level, he said.

Confidential Computing Feather Suppliers

Intel defines confidential computing as the process of isolating sensitive data payloads using hardware-based memory protections. Trusted Execution Environments (TEEs) are secure, hardware-based areas, isolated from other execution environments and designed to protect data in use. Intel uses its SGX (Software Guard Extensions), available on the Xeon Scalable platform, to implement confidential computing. Confidential computing is an emerging industry initiative to help companies better secure their applications and sensitive data during use and processing, says Gary McAlum, chief analyst at Tag Cyber. To secure enterprise data, confidential computing runs it in secure enclaves that isolate data and code and thus prevent unauthorized access, even when the infrastructure is compromised, he added. It is important to note that although confidential computing is a strong security concept, it is not a silver bullet, McAlum said. With growing data security challenges and the proliferation of privacy rules, it is imperative that companies take a holistic approach to cyber security. Regular patching, implementation of strong authentication checks, continuous monitoring, employee education and training, and data backup and recovery procedures are some of the best practices recommended by Mr. McAlum.

Project Amber and cloud security

Project Amber and its certification process are the essential foundation for trusting the confidential computing environment. As Intel explains, the certification process confirms that a cloud service provider provides the necessary security to protect customers’ data and intellectual property when sensitive workloads are moved to the cloud. Project Amber is offered as a multi-cloud, multi-TEE service for third-party certification. Described as agnostic, Amber is able to support confidential computing workloads in public clouds, private/hybrid clouds and at the edge. In its first release, Project Amber will support confidential computing workloads deployed as bare metal containers, virtual machines (VMs) and containers running inside virtual machines using Intel TEEs, explained Nikhil Deshpande, Director of Product Development at Intel. Although this first release only supports Intel TEEs, we plan to expand the coverage to platforms, TEEs in devices and other TEEs later, he added. The chip maker also works with independent software vendors (ISVs) to connect Project Amber with trust services. Intel’s Project Amber can contribute to the deep implementation of zero trust in cloud environments and address the concerns of many cloud customers about moving highly sensitive IP and data to the cloud by securing data at all phases of its life cycle: at rest, in transit and in use, Gary McAlum also stated. Intel is expected to launch a customer pilot of Project Amber in the second half of 2022, with general availability expected in the first half of 2023.

Preparing for the AI of the future

At the Vision event, Intel also emphasized its commitment to supporting secure and responsible artificial intelligence. To this end, the chip maker highlighted its collaboration with BeeKeeperAI, a zero-trust platform that uses Intel SGX hardware security capabilities and Microsoft Azure’s confidential computing infrastructure to run an AI algorithm in the healthcare sector using real clinical datasets without compromising confidentiality or integrity. In another partnership, with the University of Pennsylvania’s Perelman School of Medicine, Intel is helping to train AI models to locate brain tumors. While the potential of Artificial Intelligence and Machine Learning (AI/ML) to address the significant cybersecurity challenges in a digital world is exciting, concerns about data protection are fully justified, added Tag Cyber analyst Gary McAlum. Intel clearly recognizes the concerns associated with the use of AI/ML capabilities, hence its public commitment to work with partners such as BeeKeeperAI and the Perelman School of Medicine at the University of Pennsylvania.

Efforts in quantum cryptography

Intel is also looking for solutions to respond to the threats that quantum computers may pose to symmetric and public-key cryptography. Within the next 10 to 15 years, quantum computers could overtake current security technologies. Intel warns of a Y2K-style episode, dubbed Y2Q, and is developing a rich pipeline of cryptographic technologies so that techniques able to withstand quantum machines are available when the time comes.

Intel’s approach proceeds in several stages:

– Counter the harvesting of data by increasing the size of keys and digests for symmetric crypto-algorithms.

– Increase the robustness of code signing applications, such as firmware and software authentication, using algorithms that are resistant to quantum machines.

– Secure the Internet using post-quantum crypto-algorithms standardized by the National Institute of Standards and Technology (NIST).
