At Intel’s Vision event held in a hybrid format last week, it turned its focus to how it will meet the growing security needs of organisations today. Focusing on one of the most critical security elements for any organisation – trust – Intel introduced an independent trust authority in the form of a service-based security implementation code-named Project Amber. It also demonstrated its focus on enabling secure and responsible AI, and outlined its strategy to further build quantum-resistant cryptography for the coming quantum computing era.
Greg Lavender, CEO, SVP, and GM of the software and advanced technology group at Intel, says: “As organisations continue to capitalise on the value of the cloud, security has never been more top of mind. Trust goes hand in hand with security, and it is what our customers expect and require when delivering on Intel technology. With the introduction of Project Amber, Intel is taking confidential computing to the next level in our commitment to a zero-trust approach to attestation and the verification of compute assets at the network, edge and in the cloud.”
Trust Assurance for the Hybrid Workforce
Businesses operate in and depend on the cloud to support remote workforces that require multiple devices, uninterrupted access, and collaboration tools. Technology solutions need to secure data not only in memory and in transit, but also in use – protecting valuable assets and minimising attack surfaces. Project Amber promises to provide organisations with remote verification of the trustworthiness of a compute asset in cloud, edge and on-premises environments. This service operates independent of the infrastructure provider hosting the confidential compute workloads.
Confidential computing, the protection of data in use by performing computation in a hardware-based trusted execution environment (TEE), is a growing market. Intel Software Guard Extensions (SGX) available on the Intel Xeon Scalable platform is one of the main technologies powering confidential computing today, enabling cloud-use cases that are beneficial for organisations that handle sensitive data on a regular basis.
The foundational basis of trust in a confidential computing environment is established via a process called attestation. The verification of this trustworthiness is a critical requirement for customers to protect their data and intellectual property as they move sensitive workloads to the cloud. To raise trust assurance and drive forward the promise of confidential computing for the broader industry, Intel announced Project Amber as the first step in creating a new multi-cloud, multi-TEE service for third-party attestation.
Intel provided the following information on benefits of Project Amber:
- Designed to be cloud-agnostic, this service will support confidential computing workloads in the public cloud, within private/hybrid cloud and at the edge. Interposing a third party to provide attestation helps provide objectivity and independence to enhance confidential computing assurance to users.
- In its first version, Project Amber intends to support confidential compute workloads deployed as bare metal containers, virtual machines (VMs) and containers running in virtual machines using Intel TEEs. The initial release will support Intel TEEs, with plans to extend coverage to platforms, devices and other TEEs in the future.
- Intel is also working with independent software vendors (ISVs) to enable trust services that include Project Amber. New software tools, such as published APIs that enable ISVs to incorporate Project Amber to augment software and services, will complement Intel’s platforms and technologies, and bring more value to customers and partners.
Intel plans to launch a customer pilot of Project Amber in the second half of 2022, followed by general availability in the first half of 2023.
Paving the Way for Secure and Responsible AI
Artificial intelligence (AI) propels technology even further, enabling insights and automation to handle greater scale. With this proliferation of sensitive information, the threat landscape grows, as do the surrounding security concerns. That’s why Intel is committed to developing artificial intelligence that is secure and responsible. Highlighting the criticality of AI outcomes being used as a force for good, Intel emphasised the key question technologists should ask before they decide to continue pursuing development: Does the technology contribute to improving our society?
Intel provided the following information on use cases of its AI deployments:
- BeeKeeper AI uses Intel SGX hardware-based security capabilities and Microsoft Azure’s confidential computing infrastructure to provide a zero-trust platform. It enables an AI algorithm to compute against multiple real-world clinical datasets without compromising the privacy of the data or the intellectual property of the algorithm model. This is accelerating healthcare AI development and deployment innovation by more than 30% to 40% when compared to the current method.
- Intel’s research partnership with the University of Pennsylvania, Perelman School of Medicine’s Federated Tumour Segmentation, or FeTS initiative, uses a set of Intel hardware and open-source software technologies to improve the training of AI models to locate brain tumours. Intel technology helps ensure each institution can participate in improving the fidelity and quality of the inferencing algorithms by using Open Federated Learning (OpenFL). OpenFL enabled 55 institutions across six continents to collaborate while preserving the security and privacy of their individual datasets. The result is an AI model that improves efforts to locate tumours by 33%.
The responsible use of AI also serves as an example of how the industry can come together and pave the path for deployment across verticals that include healthcare, financial services, manufacturing, retail and entertainment, among others.
Quantum-Resistant Cryptography for a Secure Quantum Computing Future
As quantum technology continues to develop, post-quantum experts anticipate a moment in the next 10 to 15 years when, as an industry, it will reach a similar situation as the “millennium bug.” Many call it “Y2Q.”
Quantum computing impacts both symmetric and public key cryptography, and will require the entire ecosystem to bring ingenuity and collaboration to find solutions. To be Y2Q-ready or quantum-resistant by 2030, the time to act is now. Intel is developing a rich cryptography technology pipeline to lead the industry with innovations that are quantum-resistant, including the built-in crypto acceleration in the 3rd Generation Intel Xeon Scalable platform that provides next-generation security without sacrificing performance.
Intel is working proactively to address threats posed by quantum computers. The company developed crypto guidelines for Intel products, actively contributed to post-quantum crypto standardisation efforts and is evaluating the new families of crypto algorithms being considered for standardisation by the National Institute of Standards and Technology (NIST).
Intel has adopted a phased approach to address threats posed by quantum computing:
- Address the problem of data harvesting by increasing key and digest sizes for symmetric crypto algorithms.
- Increase robustness of code signing applications such as authentication of firmware and software with quantum-resistant algorithms. This helps guard against attacks that break classical crypto to run malicious code.
- Secure the internet with post-quantum crypto algorithms standardised by NIST. This includes key encapsulation and digital signature algorithms fundamental to securing transactions over the web.
Security technologies must accommodate not just the needs of today, but those of tomorrow. Intel’s breadth and depth of hardware and software technologies enable customers to derive additional value from their existing platforms.