Intel releases Project Amber for Confidential Computing

on 05/16/2022, by Shweta Sharma, CSO (adaptation Jean Elyan, Security, 1126 words

At last week’s Vision event in Texas, Intel launched a security initiative as a service called Project Amber for Confidential Computing in the Cloud. The company is also committed to supporting secure and responsible AI and cryptography resistant quantum machines.

Project Amber, the security-as-a-service initiative for confidential computing, is one of many security advances announced by Intel at the Intel Vision event May 10-11, Fort Worth, Texas. . The company also wants to strengthen its partnership to make advances in the field of AI secure and responsible and adopt a progressive approach to quantum secure cryptography. The goal of Project Amber is to provide businesses with remote security verification in cloud, edge, and on-premises environments. As businesses continue to use the value of the cloud, security has never been more on the mind, says Greg Lavender, CTO and General Manager of Intel’s Software and Advanced Technology Group. Project Amber demonstrated our strong commitment to confidential computing and a zero-trust approach to validating and validating computing resources at the network, edge, and cloud levels, he said. addition.

Feder Confidential Computing Suppliers

Intel defines Confidential Computing as the process of separating sensitive payload data using hardware-based memory shields. Trusted Execution Environments (TEEs) are secure areas that are isolated from other hardware-based execution environments, intended to secure the data used. Intel uses its SGX (Software Guard Extensions) available on the Xeon Scalable platform to deploy confidential computing technology. Confidential Computing is an emerging industry initiative that should help companies better secure their applications and sensitive data while being used and processed, said Gary McAlum, principal analyst at Tag Cyber. To secure corporate data, Confidential Computing operates it in secure enclaves that separate data and code and thus prevent unauthorized access, even if the infrastructure is compromised, he added. It’s important to note that while confidential computing is a strong security concept, it’s not a silver bullet, McAlum said. With the growing data security challenges and proliferation of privacy regulations, it is imperative that businesses adopt a holistic cybersecurity approach. Regular patching, implementation of robust authentication controls, ongoing monitoring, employee education and training, and data backup and recovery procedures are some of the best practices that Mr. McAlum.

Project Amber and cloud security

Project Amber and its validation process are the essential foundation of trust in the confidential computing environment. As Intel explained, the authentication process verifies that a cloud service provider provides the security necessary to protect customers ’data and intellectual property when moving sensitive workloads to the cloud. Project Amber is offered as a multi-cloud, multi-TEE service for third-party authentication. Also labeled as agnostic, Amber is able to support confidential computing workloads in the public cloud, private/hybrid cloud, and on the side. In its first release, Project Amber will support confidential computing workloads deployed as bare metal containers, virtual machines (VMs), and containers running inside virtual machines using Intel’s TEEs, explained in its part by Nikhil Deshpande, director of product development at Intel. Although this initial release only supports Intel TEEs, we plan to extend the coverage to platforms, TEE to devices and other TEEs later, he added. The founder also works with independent software vendors (ISVs) to link the Amber project to trust services. Intel’s Project Amber can contribute to the deep implementation of zero trust in the cloud environment, and address the concerns of many cloud customers about moving highly sensitive IP and data to the cloud by securing data to everyone of time. the stages of their life cycle: at rest, in transit and during their use, Gary McAlum also declared. Intel is expected to launch Project Amber’s pilot client in the second half of 2022, with general availability expected in the first half of 2023.

Preparing the AI ​​of the future

At the Vision event, Intel also stressed its commitment to support safe and responsible artificial intelligence. To this end, the chipmaker featured its partnership with BeeKeeperAI, a zero-trust platform that uses Intel SGX hardware security capabilities and Microsoft Azure confidential computing infrastructure to run AI algorithms in the security industry. healthcare using real clinical datasets, without compromising confidentiality and integrity. The second partnership, with the University of Pennsylvania’s Perelman School of Medicine, sees Intel help train AI models to find brain tumors. While the potential of artificial intelligence and machine learning (AI/ML) to address the significant cybersecurity challenges of a digital world is exciting, data privacy concerns are entirely justified, the analyst added. principal of Tag Cyber, Gary McAlum. Intel clearly recognizes the concerns associated with the use of AI/ML capabilities, hence its public commitment to working with partners such as BeeKeeperAI and the Perelman School of Medicine at the University of Pennsylvania.

Quantum cryptography efforts

Intel is also looking for solutions to respond to threats that quantum computers may represent in terms of symmetric and public key cryptography. Over the next 10 to 15 years, quantum computing could surpass current security technologies. Intel warns about an episode that equates to the passing of the millennium, or Y2Q, and is building a rich pipeline of cryptographic technologies to come up with cryptographic techniques that can withstand quantum machines when the time is right.

Intel’s strategy is presented in several steps:

– Prevent data collection by increasing the size of keys and digest for symmetric cryptoalgorithms.

– Increase the durability of code signing applications, such as firmware and software validation, using algorithms that are resistant to quantum machines.

-Securing the internet using post-quantum cryptoalgorithms standardized by the National Institution of Science and Technology (NIST).

Leave a Comment