Intel Leads the Way in Security and Software at Intel Vision
For most people, the name Intel conjures up hardware. Intel has played a pivotal role in the explosion and evolution of processor technology over the past 50 years and remains a dominant player in computing hardware. At Intel Vision in Dallas last week, however, the company shared an alternate version of “Intel Inside” – encompassing the software side of the equation as well.
In his keynote address on Day 2 of the event, Greg Lavender, Senior Vice President and Chief Technology Officer; The general manager of Intel Software and Advanced Technology Group, began by expressing his appreciation for Michael Faraday’s contributions and described himself as “software, captured in the electromagnetic field of hardware”.
He talked about digital transformation and the benefits of new technologies, but added a caveat. “Each innovation brings new challenges. It is true that the seamless integration of technology into our lives allows us to do more than ever. But at the same time, it creates an attack surface and attack vectors on a scale we’ve never seen before.
This set the stage for discussing the importance of confidential computing and the initiatives Intel is working on to build trust and improve cybersecurity for everyone.
Performance Analytics as a Service
I spoke with Lavender at the Intel Vision event about his keynote and about Intel offering a software-as-a-service (SaaS) solution to help developers optimize application performance. Or, provide an “easy button” as he explained.
Intel is in a unique position to understand how hardware works. They designed it. As such, Intel also knows intimately what the hardware is capable of and how to optimize performance.
By contrast, Lavender noted that there are about 25 million software developers, with about a million added last year. Many are not deep and experienced programmers. The advent of low-code and no-code development tools has lowered the entry bar. These developers want an app that works, is secure, and can scale, but they don’t necessarily have the knowledge or skills to know how to do it all.
Hence the “easy button”.
There can also be significant costs associated with poor performance. Cloud platforms and services are typically charged based on resource consumption. Apps that use these resources inefficiently can result in a shocking bill at the end of the month.
Intel Acquired aggregate—a company focused on optimizing cloud performance. Granulate automates the process of identifying issues and bottlenecks, and fixing inefficiencies to improve performance and reduce costs.
Intel provides an initial profile and recommendations free of charge. For most businesses, however, software changes often. DevOps practices and CI/CD (continuous integration/continuous deployment) tools have accelerated the development cycle. To ensure optimal performance on a consistent basis, Intel offers Performance Analytics as a service under a subscription license through Intel Developer Cloud.
Another software initiative shared by Intel at Intel Vision is “Project Amber”.
Trust makes the world go round, especially online. Our world is increasingly dependent on and revolves around technology. Connecting to platforms and services, interacting with applications, and communicating between devices or individuals all require trust – trust that the entity on the other end is legitimate and that all communications and data between point A and point B will be secure and protected against interception or unauthorized access.
The question is how to get that trust.
In a nutshell, three steps must be taken for confidential computing. First, you request an instance from the cloud. Second, the instance is generated in a secure execution environment (TEE). Third, based on this attestation and trust, you deploy sensitive workloads in the cloud.
It sounds relatively simple, but there are problems. I spoke to Nikhil Deshpande, Director of Product Development at Intel, about the challenges of trust in online interactions. He pointed out that in many cases today, the cloud platform you are requesting the instance from attests to the reliability of its own TEE. This self-attestation is a problem for some customers, especially in tightly regulated industries.
Another challenge organizations face is that many have hybrid environments that span multiple cloud platforms. They can get an attestation from a cloud platform, but it’s limited to that infrastructure. If you run workloads on three different cloud platforms, you end up with three different attestations and no uniform way to ensure trust across the entire environment.
Finally, Deshpande said a third challenge is that some organizations are trying to solve the first two challenges by building their own attestation framework, but it’s complex. It costs a lot to build and maintain a functioning system.
Intel hopes to address these challenges with “Project Amber.” “Project Amber” will be an independent third party trust authority. The easiest way to explain this initiative is to compare it to a certificate authority (CA). A certificate authority is an independent third party that provides certificate assurance. “Project Amber” will do the same for confidence.
Within a system, a TEE typically relies on a Trusted Platform Module (TPM), a physical or embedded technology that resides on the motherboard or in the processor. TPMs use cryptography to securely store essential and critical information and enable platform authentication. The main question I have regarding “Project Amber” is, “How do you get that level of trust in the cloud? How do you know you can trust the trusted authority?”
Deshpande explained that part of “Project Amber” is a feature called Verify Trust Authority Integrity. “We will have verification capability for end users to make sure they can actually see how ‘Project Amber’ has verified certain things. Our intention is to be very transparent, because security needs transparency, and we want to be transparent about all of them, so there are features built into the service to provide assurance to the “Project Amber” user that this is how this attestation has been protected.
The initiative is currently in its infancy. Deshpande explained that Intel plans to launch a pilot of “Project Amber” by the end of this year, with the goal of moving to GA (general availability) by early 2023.
This is just the tip of the Intel Vision iceberg. Intel executives shared tons more on the roadmap, and…well, a vision of what lies ahead. These two aspects stood out for me, however, as examples of a company that is synonymous with PC hardware pursuing new horizons and exploring how software can make hardware better and safer.