Support for trusted execution through Intel SGX provides stronger assurance that container and VM processes are protected from outside attacks. In multitenant cloud environments such as Microsoft Azure, customers worry that containers and VMs might be open to attack. Confidential computing with Intel SGX is ideal for federated learning solutions because the enclaves are remotely attestable, meaning that one party can cryptographically verify that an enclave on another party’s computer is running trusted, unmodified code. Federated learning is a distributed approach to machine learning (ML) that enables multiple organizations to collaborate on ML projects. This helps improve security to support use cases such as the following: Gomez Peer Virtual Machine Games Microsoft Azure confidential computing uses Intel SGX to protect data during that critical moment of processing when the data is not encrypted. –Corey Sanders, Corporate VP, Azure Compute at Microsoft This is why it’s so important to make sure that the data is protected not just at rest and in flight but even when it’s running inside the processor.”
Any point where the data is not protected is an opportunity for those attacks to occur. “Customers are concerned about security protections whether they be from malicious users on the inside or hackers on the outside. The new Microsoft Azure DCsv2-series virtual machine (VM) runs on Intel® Xeon® E processors and helps protect the confidentiality and integrity of customer data while it is in use. Working closely with Intel, Microsoft launched confidential computing in August 2017, and Azure became the first major cloud provider to announce general availability of confidential computing based on Intel SGX, in April 2020.
Intel Software Guard Extensions (Intel SGX) is a hardware-based TEE that allows developers to create security-enabled enclaves-small, trusted environments within a CPU that can execute code in a way that is not accessible by an operating system. Intel and Microsoft are both premier members of the Confidential Computing Consortium, which aims to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards. Protecting data and code that’s in use inside a processor’s memory is the new frontier for comprehensive data security in the cloud.
0 kommentar(er)
