After a delay of more than a year, Intel launched its latest 4th Gen Intel Xeon Scalable processor (CPU) chips, code-named Sapphire Rapids, with an on-chip confidential computing feature intended to prevent attackers from stealing high-value data from computer systems, ensure regulatory compliance, and maintain data sovereignty.
In a statement, Intel said the new 4th Gen Intel Xeon Scalable processors will increase the baseline enclave size, and that Intel SGX will be able to accurately and securely verify the application software loaded into that enclave.
What Is Intel® SGX?
Intel® Software Guard Extensions (Intel® SGX) provides hardware-based memory encryption that isolates specific application code and data in memory. It allows user-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels.
Keeping data safe while it is being sent between computing systems is what confidential computing is all about.
This is achieved by adding an encrypted barrier around the data while it is being transferred. Intel Xeon chips are also equipped with technology to verify that the code being run is genuine.
During the Xeon launch event last Tuesday, Mark Russinovich, chief technology officer at Microsoft Azure, said, “We look forward to being one of the first cloud providers to offer confidential services based on Intel 4th Gen Xeon scalable processors with Intel TDX later this year.”
“This will enable organisations to achieve confidentiality by seamlessly lifting and shifting their workloads without requiring any code changes,” Russinovich said.
Companies that prioritise protecting their valuable information and operations, and that require robust protection, could be highly attracted to this new on-chip confidential computing solution.
During a press briefing on the new chips, Lisa Spelman, corporate vice president and general manager for Xeon products at Intel, said, “Confidential computing strengthens compliance with data privacy and governance regulations and helps create a more private controlled infrastructure, even when using the public cloud.”
The 4th Gen Xeon chips from Intel will work together with a cloud service named Project Amber, which will help verify the trustworthiness of data from the cloud to the edge, starting out as a separate authentication service for Intel’s confidential computing technologies.
The new Xeon processors will also appear in virtual machine instances in cloud services from Google, IBM, and Alibaba. However, Intel didn’t comment on whether the cloud providers would specifically offer TDX instructions.
Intel® Trust Domain Extensions (Intel® TDX)
Intel® Trust Domain Extensions (Intel® TDX) introduces new architectural elements to help deploy hardware-isolated virtual machines (VMs) called trust domains (TDs).
Intel TDX is designed to isolate VMs from the virtual-machine manager (VMM)/hypervisor and from any other non-TD software on the platform, protecting TDs from a broad range of software.
The building blocks of these hardware-isolated TDs include:
- Secure-Arbitration Mode (SEAM) – a new CPU mode designed to host an Intel-provided, digitally signed security-services module called the Intel TDX module.
- A shared bit in the guest physical address (GPA) that lets a TD access shared memory.
- A Secure EPT (extended page table) that translates private GPAs, providing address-translation integrity and preventing TD code fetches from shared memory. The goal is encryption and integrity protection of private-memory accesses using a TD-private key.
- A physical-address-metadata table (PAMT) that tracks page allocation, page initialization, and TLB consistency.
- A multi-key total-memory-encryption (MKTME) engine designed to provide memory encryption using AES-128-XTS and integrity using a 28-bit MAC and a TD-ownership bit.
- Remote attestation designed to provide evidence that a TD is executing on a genuine Intel TDX system, and of that system's TCB version.
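A small model of the access rules in the list above, added here as an illustration (it is not Intel's code or the TDX module): it shows how the shared bit in a GPA routes an access to the shared or private path, why a code fetch from shared memory is refused, and how the TD-ownership bit plus a MAC under the TD-private key reject a private page that was altered from outside the TD. The shared-bit position, the page layout and the toy MAC are assumptions of the model, not TDX specifics.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumption for this model only: the shared bit is the top bit of a 48-bit
 * GPA. Real TDX derives its position from the TD's configured GPA width. */
#define GPA_SHARED_BIT (1ULL << 47)

enum access  { ACCESS_READ, ACCESS_WRITE, ACCESS_FETCH };
enum verdict { ALLOW, DENY_FETCH_FROM_SHARED, DENY_NOT_TD_OWNED, DENY_INTEGRITY };

/* A physical page as the model sees it: contents, the TD-ownership bit the
 * MKTME engine keeps, and the integrity MAC over the contents. */
struct page { uint8_t data[64]; bool td_owned; uint32_t mac; };

/* Toy keyed checksum standing in for the MAC under the TD-private key;
 * it is NOT a real MAC, only enough to show tamper detection. */
static uint32_t toy_mac(const uint8_t *d, size_t n, uint64_t td_key) {
    uint64_t h = td_key ^ 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) h = (h ^ d[i]) * 1099511628211ULL;
    return (uint32_t)(h & 0x0FFFFFFFu);          /* 28-bit tag, as on the page */
}

/* Apply the page's rules to one access issued from inside a TD. */
enum verdict td_access(uint64_t gpa, enum access a, const struct page *p, uint64_t td_key) {
    if (gpa & GPA_SHARED_BIT)                    /* shared path: no code fetch */
        return a == ACCESS_FETCH ? DENY_FETCH_FROM_SHARED : ALLOW;
    if (!p->td_owned)                            /* Secure EPT path: must be TD-owned... */
        return DENY_NOT_TD_OWNED;
    if (toy_mac(p->data, sizeof p->data, td_key) != p->mac)
        return DENY_INTEGRITY;                   /* ...and must verify under the TD key */
    return ALLOW;
}

/* Constructed sample page for the reader and for the checks below. */
static struct page sample;
const struct page *sample_page(uint64_t td_key) {
    memset(sample.data, 0xAB, sizeof sample.data);
    sample.td_owned = true;
    sample.mac = toy_mac(sample.data, sizeof sample.data, td_key);
    return &sample;
}
/* The same page after one byte was changed outside the TD (e.g. by the VMM). */
const struct page *tampered_page(uint64_t td_key) {
    sample_page(td_key);
    sample.data[0] ^= 0x01;
    return &sample;
}
```

A read of a private page through the wrong key, or after a byte was flipped from outside the TD, fails the integrity check, which is the property the MKTME MAC and TD-ownership bit exist to enforce.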
According to Anil Rao, vice president and general manager for systems architecture & engineering at Intel’s office of the CTO, the TDX instructions add a boundary around the virtual machine and everything in it, including the guest OS and its applications, and remove the cloud service provider and other cloud tenants from the trust boundary.
TDX leverages a security feature on Xeon chips called Software Guard Extensions (SGX), which is widely used today as a secure enclave to protect data in execution environments. However, TDX is much larger in scope and covers a wider range of applications, such as AI in virtualized environments.
According to Mercury Research, Intel is a powerful player in the server hardware market, with an x86 server market share of 82.5% during the third quarter of last year; its closest rival, AMD, sported a 17.5% market share.
As of 2023, more than 100 million Intel Xeon processors have powered server platforms and enterprise desktop computer hardware globally.