What That Means: Intel Trust Authority | Intel Technology
(gentle music) - [Narrator] Welcome to "What That Means" with Camille. In this series, Camille asks top technical experts to explain in plain English, commonly used terms in their field. Here is Camille Morhardt. - In today's episode, "What That Means", Intel Trust Authority. We're going to cover the new suite of security software and services that Intel introduced at its innovation conference. I have with me to discuss the attestation service, first offering out of Intel Trust Authority, Raghu Yeluri, its Chief Architect, and Nikhil Deshpande, the General Manager.
We're gonna begin the conversation with Nikhil and talk about why now, why it matters, what kinds of customers are going to be interested in Intel Trust Authority attestation service. And then I'm gonna talk with Raghu Yeluri about how developers can begin to implement the service and what it takes to get started. Welcome to the podcast, Nikhil. - Hey, thanks Camille.
- So tell me first, why does Intel Trust Authority exist? - That's a fundamental question about what it does. So what is the Intel Trust Authority? It's a suite of security services, either security or trust services, that provide assurance to our customers that their workloads and the data that are running on their platform of choice is secured correctly, is protected correctly. So you could be running your workloads on the public cloud, private cloud, edge cloud, or somewhere in between with the hybrid cloud. The purpose of Intel Trust Authority SaaS that we just launched is to provide that assurance in a very independent manner, in a scalable manner across all these infrastructures. - I know that there is this notion of confidential computing that helps protect workloads while they're actually being processed within let's say a cloud service provider. How does Intel Trust Authority sort of layer onto that? - You're right.
Confidential computing allows our customers to protect their code and data that is running on a shared infrastructure in a confidential and protected manner, right? Confidential computing depends on a technology called trusted execution environment. Environment that is a combination of software and hardware. And this environment basically provides an assurance to those workloads that are running inside that the code and data remains encrypted outside of that environment in the memory, but when it moves inside the environment, that's where the processing happens in a secure fashion. So it's almost like a secure vault.
When you think about this, you are basically going to trust that environment and how do you know that that environment is actually trustworthy? And this is where a capability that is built into confidential computing plays a significant role, which is called attestation. Fundamentally, what attestation is about is proving or verifying certain things. So in the context of Intel Trust Authority what we are doing is we are providing an independent verification of trustworthiness of that trusted execution environment that the confidential computing provided. Why it's important? Because as a customer you are going to depend on that environment and you are going to count on that environment to protect your workloads and data and code and so on. We provide an independent assurance of verification that that environment is actually trustworthy, and various aspects of things that we check to give you that assurance that this is trustworthy.
- So what uses are you seeing so far for this? - We have a set of customers that come from various different segments. Talos will be integrating this Trust Authority service into their key management so that they can provide a seamless experience to developers who want to develop various applications. And those applications could be in any segment. We see financial segment, we see healthcare applications, we see even security solutions companies, security services companies using it. And of course there's also government angle. So what we have announced so far is basically Talos, and then you must have noticed Zscaler.
Zscaler was on stage with Greg Lavender, our CTO, talking about how this enables zero trust. So Zscaler basically is going to use Intel Trust Authority service to harden their own zero trust solutions so that they can provide that independent assurance to their customers. And the segments that I see basically coming onto this service are coming from sensitive workloads, coming from financial, imagine doing analytic, database analytics for money laundering detection. That is the one use case. There are many other use cases in the financial segment. Then in the healthcare segment there is a federated learning opportunity that customers are looking at where multiple data sets can be combined really to learn more from the combined information and improve your models.
You saw Zscaler basically announcing how they are hardening their security solution. And you will also see some blogs coming from us about other customers in federal space, in the government space that are using this technology. So the application for Intel Trust Authority is basically across all these segments that we have seen. We also see application into manufacturing. We actually see applications in AdTech.
Some of the concerns that AdTech has is around regulations that how do they meet regulations like GDPR and then still be able to actually provide targeted ads and so on. Confidential computing with this independent attestation coming from Trust Authority, Intel Trust Authority is going to enable those type of use cases. I don't know if you were on the show floor we had a lot of customers that were showing demos. One of the demos was around data clean room. So we see also that being a use case that is future that is a part of the use case, what AdTech is looking at, but there are other segments as well. So the use cases are out there and customers are already using it.
I think the key is because we are able to provide now enhanced in confidential computing, I think we are gonna see more and more customers adopting confidential computing and that's great for the industry. - Right now, confidential computing environments are limited to server environments and I know that we're seeing more and more AI kind of migrate its way toward the edge. So are we gonna be seeing this kind of independent attestation and confidential computing environments closer to the edge over time? Where do you see this evolve? - You know, when we started with confidential computing it actually started with the client, and then it expanded into the servers in the data center.
In my view, confidential computing is going to be everywhere. How it gets basically deployed is a different story. There might be some limitations on edge that will make specific choice of technologies, but confidential computing which is protecting your data when it is being processed is a foundational capability that you will see across from cloud to edge. And you need to.
Now, one way I describe it to my team about confidential computing is if you remember the time when we had HTTP the plain HTTP, not the SSL, what happened when we added S to HTTP, when we added secure the socket layer suddenly internet basically became an e-commerce engine. Lot of use cases happened there. So the way I think about confidential computing is adding C to the computing. In future all of the computing will be confidential computing.
It will be given. There are lots of opportunities for confidential computing to make gen AI more trustworthy, more privacy sensitive, may come more confidential sensitive and protecting PII as well as the proprietary data. So for enabling that, and given that AI is becoming more hybrid, we expect that confidential computing will be across from your client to data center to edge, to your even actuator and sensors in your IOT space. And Intel Trust Authority, the first release that we announced is only doing attestation for confidential computing technologies like Intel SGX and TDX. But our vision is to basically cover the whole gamut. We want to provide that assurance, the independent assurance for our customers, for everything and anything that they care about.
If they're running workloads on the edge and they want to get assurance that that edge is secure that's what we want Intel Trust Authority to be. And that's part of our roadmap is how to basically grow the span of attestation across everything horizontally and vertically so that customers basically feel very comfortable deploying their workloads wherever they wanna deploy, whatever their platform of choice is. - I expect one of the benefits of having this be a software as a service, especially when you're doing this multi-party compute and confidential data sharing, it sounds like an oxymoron, but it isn't because it's actually providing the ability to verify that workloads and data haven't been compromised or tampered with. And then it can send out that verification to every participant.
Is that right? - When you say confidential data sharing it kind of feels awkward because when you decided to do data sharing you assume certain things. There was some trust that was built into this, right? This is a prototypical example of multi-party computation or multi-party data sharing. Parties have decided that we need to share data with each other. Why? Because the power of combined data is much greater, and we will all benefit from that combination if we agree to collaborate. Okay, that's the fundamental premise.
Now the issue is, but data is my IP. Literally data means dollars, data means monetization. So I'm not going to share this data willy-nilly I want to have some control on it, it should be with me.
So how do you now enable this data sharing while maintaining data control? And that's what confidential computing enables you to do, where you are not actually directly sharing clear data with everybody, you are actually putting it in this secure vault, right? Confidential computing TEE, that ensures that data will be coming in, but data will not be shared across the parties. And if you take this example then, I use the word secure vault or some TEE, somebody's going to double click on it and say but how do I know that vault is secure? No one has tampered with it? That's attestation, that's what Intel Trust Authority provides you. That provides independent verification of that vault, let's say use that term, to say that no one has tampered with it. It is a genuine Intel TEE, okay. It is correctly patched. No one has taken advantage of, you know, not patching it correctly.
It has been launched correctly on the authenticated firmware. And everything that is happening inside is actually matching what we were supposed to have. All that assurance that four things that we just did. Those four assurances go to all the parties in an independent manner. So they are not, they're mutually trusting but I call them mutually distrusting also, because if they're full trust, they don't need all this, right? But there was a mutual distrust and our service basically brings that trust there saying we are providing you independent verification of this, and that's what will enable this data sharing.
- Are you only then verifying Intel trusted execution environments or is this service going to go broader than Intel? - What we announced at our GA is we are, our first release will support Intel SGX and Intel TDX technologies. But our intent is to expand, beyond not just Intel but third party CPUs, GPUs, you just name it.
And I don't know if you saw this but NVIDIA basically mentioned in open confidential computing summit that they're working with us on Intel Trust Authority as well. So we plan to expand the scope to other devices, other technologies, even if they don't belong to Intel. Also other parts of the platform that customers care about because they may not just care about confidential computing environment, they might want to care about other things of the platform.
- Can you share any other roadmap tidbits with us? (chuckling) - Let me share this way. I get super excited when someone asks me, hey, what's where this is going? I'm super excited that we announced it, but I'm more excited at where it's going to go. I can give you one idea about, you know, what the roadmap looks like, think about everything that a customer cares about when let's say you are running something of very important value to you on someone else's infrastructure. What questions do you have about whether this is secure, whether this is trustworthy? All those questions that you have you can list those and I will have those on our road.
- Thank you Nikhil Deshpande, GM of Intel Trust Authority, newly released in its general availability format, Intel Innovation in September, late September of this year. Thanks for joining us. - Thank you Camille. (gentle music) - And now we're gonna switch over and have a conversation with Raghu Yeluri, who is chief architect of Intel Trust Authority's Attestation Service.
Raghu, we are gonna chat about how developers can implement the service and what it takes to get started. Welcome Raghu. - Thanks Camille, thanks for having me. - Are most people using this from the perspective of like I'm an enterprise or a company and I'm running certain workloads, maybe with sensitive information or I wanna adhere to compliance requirements or recommendations around the world.
And so I wanna run these workloads within a confidential computing environment and I just wanna make sure that these environments have not been compromised, and the workloads have not been tampered with? Is that the sort of primary reason for using this? - Before Intel Trust Authority got announced, we did quite a lot of pilots with customers. And most of these pilot customers were either in healthcare industry, financial services, or other highly regulated industries. And the primary requirement for them is, hey, we are dealing with sensitive data, we are dealing with sensitive code which are typically highly trained AI models. We need to run them in a third party cloud whether it's public cloud or hybrid cloud environment. And we want to ensure that there are no data breaches, no IP loss, and no regulation violations. Most of the confidential computing customers are coming from these kind of requirements.
And for them it's very important that there is proof that when they move their data, when they move their IP, into these confidential computing environments they need proof that they're truly confidential environments, they are what the cloud provider says they are, and they can provide that proof to their auditors, to their security monitoring environments. So that's where most of the interest for confidential computing and for Intel Trust Authority's coming. Whether it's AI training, whether it's AI inferencing, they want to protect either the models or the data or both.
- Because confidential computing already exists and Intel Trust Authority is just now released publicly. So what happened, you know, prior to Intel Trust Authority there must have been some mechanism for attestation and you know, how is that different or why is it important to have another attestation service out now? - When you think in terms of attestation or trustworthiness verification there are three models that you can use. One is the infrastructure provider. The cloud provider who's giving you access to the trusted execution environments. They can provide the attestation verification as well. That's a very acceptable model for many customers.
Then the second model is, hey, I don't trust the cloud provider to give me both. I require a separation of duties for compliance requirements. I'm gonna build that attestation service myself. Let the cloud provider give me the infrastructure. But I'm gonna do that verification myself.
That's a very viable model as well, but the challenge with that model is many customers are not interested in investing into something that's not their core line of business. And it needs to operate at scale, it needs to operate at low latency and high performance requirements and that's the huge CapEx expense for them as well, and OpEx as well. So there's a third model which is, hey, I don't depend on the infrastructure provider, I don't want to do it myself. I want a third party, an independent entity, to provide that attestation at scale, that verification at scale, so that it meets my separation of duties requirements, I don't have to invest so much money, my talent into it, but at the same time it gives me the scale that is required. And Intel Trust Authority is that third aspect of this requirement. - I have an interesting question outta that.
So for example, Microsoft Azure as part of their confidential computing environment they also offer attestation, but Azure has also worked with Intel specifically to make sure that Intel Trust Authority can be used as attestation in their confidential computing environment. Is this competition, like why would they be interested in allowing or you know, facilitating this service in their confidential computing environment? - Like you said they already have their Microsoft Azure attestation, but when they started talking to their regulated customers the feedback they got was, separation of duties is important for us as well. We don't want you to provide the attestation as well for all the confidential computing environments that are hosted inside the Microsoft Azure cloud. So Microsoft reached out to us saying, hey our customers are asking for Intel Trust Authority as well. The way Intel and Microsoft work together on this one is, hey you are okay with Microsoft Azure attestation, just use it.
But if you want the separation of duties here is an independent third party attestation called Intel Trust Authority that you can use. Now the question that comes is somebody has already integrated with Microsoft Azure attestation, and they don't wanna make changes to work with Intel Trust Authority. So Intel, Microsoft work together so that they make only one change in the code which is pointing from Microsoft Azure attestation website to Intel Trust Authority URL. One change, and all the APIs are fully interoperable between Microsoft and Intel. And when the Intel Trust Authority provides a token, what we call the attestation token, it is compatible with Microsoft attestation token.
So that downstream all the other reliant parties which are depending on Microsoft's attestation token, they don't even know that the token came from Microsoft versus Intel. One of the things I maybe I should have mentioned is how we are integrating with NVIDIA's confidential GPUs as well. NVIDIA has confidential computing enabled GPUs, the H100s, they have trusted execution environments on them. So a trusted domain like Intel TDX, based trusted domain, can offload some of the AI processing or GPU processing into the NVIDIA environment. But it needs to verify that it's a genuine NVIDIA H100 trusted execution environment. So Intel and NVIDIA work together with Intel Trust Authority, so that you make one call into Trust Authority, it'll verify that TDX is a good one, and if there is a GPU with H100, it'll automatically verify the goodness of that as well, and provide what we call a composite token.
So please stay tuned for this unified approach in the very near future, we will have that as part of Intel Trust Authority. - I'd like to get into implementation. If I'm a developer and I have a workload that I want to make sure can partake of the attestation service, Intel Trust Authority, what do I need to do to set it up? And I could either be creator of a workload as a developer or I could be an enterprise, let's say, protecting a workload or an AI model that I have. - So Camille, there are really four things that a developer has to make sure, before they can use Intel Trust Authority seamlessly within their environment. Number one, they need to make sure that they have access to a confidential computing infrastructure. So what I mean by that is either they have to have Intel SGX or Intel TDX capable infrastructure that is provided by the infrastructure or the cloud provider.
Whether it's Microsoft Azure, whether it is Google, any of these core providers do have confidential computing environment that they have to have access to. Number two, they have to make a decision whether they want to use Intel SGX or Intel TDX. Each has certain differences in security properties.
They can make a choice based on whether they have the ability to make some optimizations to their applications and workloads, or they want to purely do a lift and shift of their applications into this confidential computing environment. If it is pure lift and shift, go use Intel TDX. But if you have ability to optimize it a little bit, go use Intel SGX, because you get much tighter security properties there.
So that's number two. The third big piece is attestation. How do I integrate Intel Trust Authority into my workflow or into my application so that I can attest and provide that as proofs to somebody else? The Intel Trust Authority team has made it extremely straightforward for people to integrate this. So they download what we call a command line interface, which is an Intel Trust Authority client or we call it the trust connector. Download it from the Intel Trust Authority website. You get it for different operating systems, you know, Ubuntu, Red Hat, or any other flavors of Linux.
You download it, you install it, and then from your application you make one call into the CLI, and the call would typically be something to say execute or run the script. Once you do those three things, your workload, your virtual machine, is ready to run in a confidential computing environment and also attest with Intel Trust Authority. And you will get back a trust token or what we call an attestation token which you can then give it to any customer or any relying party who wants to know that you are running in a good confidential computing environment before they interact with you. - Is there any reason for a developer to sort of proactively enable an application or a workload to use Intel Trust Authority service, sort of future proofing in a sense, if you will? - Yes, it's a definite yes because right now confidential computing is still early stage.
So a lot of application developers were not familiar with it. Now they are beginning to hear it, they see the value, and they want to move their workloads as quickly and with as little effort as possible into confidential computing. But if you fast forward a couple of years, confidential computing is gonna become a requirement for many industries, many workloads. So right from the beginning, just like how you do security development into your applications, you would enable it for confidential computing. So integrating and using Intel Trust Authority for attestation and based on that attestation, deliver secrets, deliver keys, provide access to encrypted data, it becomes a very natural requirement.
All developers, I would expect, would be integrating with something like Intel Trust Authority as a requirement to make their applications ready for confidential computing. So just like you are building secure code development for memory protection and trust encryption, or for in transit encryption with TLS, you're gonna do integration with Intel Trust Authority and use that as a way to deliver secrets to your workloads. - Great, thank you. Raghu Yeluri, Chief Architect of Intel Trust Authority, talking about what it is, why it matters, and most specifically, how you implement it, if you're a developer.
(upbeat music) - [Narrator] Never miss an episode of "What That Means" with Camille, by following us here on YouTube or search for InTechnology, wherever you get your podcasts. - [Narrator 2] The views and opinions expressed are those of the guests and author, and do not necessarily reflect the official policy or position of Intel Corporation.