Speaking at this year’s RSA Conference, Intel revealed information on its data centre security strategy and additional components.
In a presentation, Simon Johnson, Intel’s SGX program architect, discussed why an effective security strategy is built on a foundation of trust rooted in hardware, and why it requires technologies that protect data through all phases: at rest, in flight and in use.
Intel also confirmed the availability of its newest cryptographic isolation technology for data centre usages.
The company said that Intel Software Guard Extensions (Intel SGX), now being deployed to data centres, will allow application developers to protect select code and data from disclosure or modification.
Intel SGX is also distinguished from other cryptographic isolation technologies in that it applies cryptographic isolation at the most granular level, the application, to enable fine-grained data protection within the tightest trust boundary.
The technology offers the most granular level of encrypted protection so far in the industry and assures data privacy even in the case of breaches into the OS, BIOS, VMM and other applications.
In a blog post, Intel said that for a long time developers have been overwhelmed by the level of security capabilities major platform providers have exposed for application development.
Until now, developers have been forced to rely on the provider’s security architecture, with no way to apply a security model designed to fit their own requirements.
This is what led to the design of Intel SGX, a new model that protects selected code and data from disclosure or modification and is also described as “a hardware-assisted trusted execution environment with the smallest possible attack surface.”
By using Intel’s trusted execution environment, developers are able to address identity and records privacy, secure browsing, DRM, hardened endpoint protection, or any high-assurance security use case that needs to safely store secrets or protect data.
Intel SGX, which consists of a set of CPU instructions and platform enhancements that deliver secure locations for application code and associated data, is now available for use on Intel’s Xeon E3 v5 platform.