Skip to content
InTechnology Podcast

What That Means with Camille: Intel® Trust Authority (172)

In this episode of What That Means, Camille gets into Intel® Trust Authority with Nikhil Deshpande, its General Manager, and Raghu Yeluri, its Chief Architect. The conversation covers how Intel® Trust Authority plays a major role in confidential computing and attestation, its current implementations, and where it’s going next.

To find the transcription of this podcast, scroll to the bottom of the page.

To find more episodes of InTechnology, visit our homepage. To read more about cybersecurity, sustainability, and technology topics, visit our blog.

The views and opinions expressed are those of the guests and author and do not necessarily reflect the official policy or position of Intel Corporation.

Follow our hosts Tom Garrison @tommgarrison and Camille @morhardt.

Learn more about Intel Cybersecurity and the Intel Compute Life Cycle (CLA).

Defining Intel® Trust Authority and How It Works with Nikhil

Camille talks with Nikhil about defining what exactly is Intel® Trust Authority, how it can be used, and what’s next for it after this initial launch. He shares how the purpose of it is to provide independent security assurance in a scalable manner across many infrastructures and industries. It adds an important layer to confidential computing through attestation that the environment where sensitive data is stored is secure. Nikhil highlights the many industries that can benefit from Intel® Trust Authority, including financial, healthcare, security solutions, and even government spaces. As for the future, he compares implementing it to putting the “S” in “HTTPS” —in this case, like putting the “C” in computing. He foresees that all computing will eventually be confidential computing, especially as AI becomes more hybrid between the cloud and the edge.

Implementing Intel® Trust Authority for Attestation and Confidential Computing with Raghu

Raghu and Camille discuss the reasons why Intel® Trust Authority was created, what the options were for attestation prior to its creation, and what its implementation looks like. When organizations deal with sensitive data or code, often highly trained AI models, they need to ensure there are no data breaches, IP loss, or regulation violations. They also need to prove their computing environments are truly confidential for auditors and secure monitoring environments. That’s where Intel® Trust Authority comes in as a solution.

Prior to its inception, the options were to either get attestation services from the cloud provider or build the service yourself on the cloud provider’s infrastructure. Now, Intel® Trust Authority provides a secure third-party and independent solution to ensure stronger security without having to create your own attestation service. Raghu also explains the process of implementation, requiring access to confidential computing infrastructure, integrating attestation into a workload or application, and having a virtual machine ready to run in a confidential computing environment. Like Nikhil, Raghu expects integration with Intel® Trust Authority or similar services in the future to be a requirement for confidential computing.

Nikhil Deshpande — Intel Senior Director of Security, Chief Business Strategist for Project Amber in the Office of the CTO, and General Manager of Intel® Trust Authority

Nikhil Deshpande Intel Trust Authority confidential computing attestation

Nikhil Deshpande is currently the Senior Director of Security and Chief Business Strategist for Project Amber in the Office of the CTO at Intel, as well as the General Manager of Intel® Trust Authority. In prior roles, he led silicon security strategic planning in the Data Center Group and has managed research in security technologies, like privacy-preserving multi-party analytics, in Intel Labs. Nikhil holds more than 20 patents and is a frequent speaker at industry conferences. He has an M.S. and a Ph.D. in Electrical & Computer Engineering from Portland State University, as well as an M.S. in Technology Management from Oregon Health & Science University.

Raghu Yeluri — Intel Chief Architect of Project Amber, Senior Principal Engineer in the Data Center Group, and Chief Architect of Intel® Trust Authority

Raghu Yeluri Intel Trust Authority confidential computing attestation

Raghu Yeluri is a Senior Principal Engineer and lead Security Architect in the Office of the CTO/Security Architecture and Technology group at Intel Corporation with a focus on confidential computing, hardware roots of trust, container, cloud security architectures, and technology initiatives. He is the chief architect for Intel security libraries—a unified attestation platform for Trusted execution environments (TEE), trusted compute with hardware roots of trust for cloud, edge, and devices. Raghu is also the Chief Architect of Intel® Trust Authority. He holds multiple patents in security, attestation, confidentiality/integrity protection for containers and VMs, is a frequent speaker at industry conferences, and has been a co-author for two books on cloud computing and cloud security. Raghu has a M.S. in Computer Science from the University of Louisiana at Lafayette and a B.S. in Electrical Engineering from Jawaharlal Nehru Technological University.

Share on social:

Facebook
Twitter
LinkedIn
Reddit
Email

Camille Morhardt :12
I’m Camille Morhardt, host of InTechnology podcast. In today’s episode, What That Means: Intel Trust Authority, we’re going to cover the new suite of security software and services introduced by Intel at Innovation. To discuss the product I have with me its Chief Architect Raghu Yeluri, as well as its General Manager, Nikhil Deshpande. We’re going to kick off the conversation with Nikhil and talk about use cases and why it matters and why now, and then we’re going to finish off the conversation with Raghu, where he’s going to talk architectural implementation, and how to get started with the product. Welcome to the podcast, Nikhil.

Nikhil Deshpande :52
Hey, thanks Camille.

Camille Morhardt :53
So tell me first, why does Intel Trust Authority exist?

Nikhil Deshpande :59
So that’s a fundamental question about what it does, right? So what is the Intel Trust Authority? It’s a suite of security services that are either security or trust services that provide  assurance to our customers that their workloads and the data that are running on their platform of choice is secured correctly, is protected correctly. So you could be running your workloads on the public cloud, private cloud, edge cloud, or somewhere in between with the hybrid cloud. The purpose of Intel Trust Authority SaaS that we just launched is to provide that assurance in a very independent manner, in a scalable manner across all these infrastructures.

Camille Morhardt 1:36
So I know that there is this notion of confidential computing that helps protect workloads while they’re actually being processed, um, within, let’s say, a cloud service provider. How does  Intel Trust Authority sort of layer onto that?

Nikhil Deshpande 1:53
You’re right, confidential computing allows our customers to protect their code and data that is running on a shared infrastructure in a confidential and protected

manner, right?
Confidential computing depends on a technology called trusted execution environment. It’s an environment that is a combination of software and hardware. And this environment basically provides an assurance to those workloads that are running inside that the code and data remains encrypted outside of that environment, in the memory.

But when it moves inside the environment, that’s where the processing happens in a secure fashion. So it’s almost like a secure vault. And when you think about this, you are basically going to trust that environment. And how do you know that that environment is actually trustworthy?

And this is where, uh, a capability that is built into Confidential computing plays significant role, which is called attestation. Fundamentally what attestation is about is proving or verifying certain things. In the context of Intel Trust Authority, what we are doing is we are providing an independent verification of trustworthiness of the trusted execution environment that the confidential computing provided.

Why it’s important? Because as a customer, you are going to depend on that environment and you are going to count on that environment to protect your workloads and data and code and so on. We provide an independent assurance of verification. That that environment is actually trustworthy and there are various aspects of things that we check to give you that assurance that this is trustworthy.

Camille Morhardt 3:30
So what uses are you seeing so far for this?

Nikhil Deshpande 3:33
Yeah. So, we have a set of customers that come from various different segments. Thales will be integrating this Trust Authority service into their key management, so that they can provide a seamless experience to developers who want to develop various applications.

And those applications could be in any segment. We see financial segment. We see healthcare applications. We see even security solutions companies, security services companies using it. And of course, there’s also government angle. What we have announced so far is basically Thales and then you must have noticed Zscaler. Zscaler was on stage with Greg Lavender, our CTO. Talking about how this enables Zero Trust, Zscaler basically is going to use, uh, Intel Trust Authority service to harden their own Zero Trust solutions so that they can provide an
independent assurance to their customers.

And the segments that I see basically, uh, coming on to this service are coming from, um, sensitive workloads coming from financial. Imagine,doing database analytics for money laundering detection. That is the one use case, but there are many other use cases in the financial segment. Then in the healthcare segment, there is a federated learning opportunity that customers are looking at where multiple data sets can be combined really, uh, to, to learn more from the combined, uh, information and improve your models.

Um, you saw Zscaler basically announcing how they are hardening their security solution. And you will also see, um, some blogs coming from us about other customers in federal space in the government space that are using this technology. So the application for Intel Trust Authority is basically across all these segments that we have seen.

But we also see application into manufacturing. We see applications in ad tech. Some of the concerns that ad tech has is around regulations, that how do they meet regulations like GDPR, and then still be able to actually provide targeted ads and so on.

Confidential computing with this independent attestation coming from trust authority, is going to enable those type of use cases. And other things that, uh, I don’t know if you were on the show floor, we had a lot of, uh, customers that were showing demos. Um, one of the demos was around data clean room. So we see also that being, uh, a use case that is future.

That is a part of the use case for ad tech is looking at, but there are other segments as well. So the use cases are out there and customers are already using it. Because we are able to provide now enhanced. Trust in confidential computing. I think we are going to see more and more customers adopting confidential computing, and that’s great for the industry.

Camille Morhardt 6:15
Yeah. And so where do you see it headed? I mean, one of the things I’m thinking of is right now, confidential computing environments are limited to server environments. And I know that we’re seeing more and more AI. Kind of migrate its way toward the edge. So are you, are we going to be seeing this kind of independent attestation and confidential computing environments closer to the edge over time? Where do you see this evolve?

Nikhil Deshpande 6:39
Yeah, I think that’s a great point. So, you know, when we started with confidential computing, it actually started with, with the client and then it expanded into the servers, right. In the data center. Um, In my view, confidential computing is going

to be everywhere. How it gets basically deployed is a different story. There might be some limitations on edge that will, uh, that will make a specific choice of technologies. But confidential computing, which is protecting your data when it is being processed, is a foundational capability that you will see across from cloud to edge. Okay, and you need to. Now, one way I describe it to my team about confidential computing is, if you remember the time when we had HTTP, the plain HTTP, not the SSL, how, what happened when we added S to HTTP, when we added secure as a socket layer, suddenly internet basically became an e commerce engine.

A lot of use cases happened there, right? So, the way I think about confidential computing is adding C to the computing. In future, all of the computing will be confidential computing. It will be given this AI that you mentioned there are lots of, uh, um, opportunities for confidential computing to make Gen AI more trustworthy.

More privacy sensitive, more confidential sensitive and protecting PII as well as the proprietary data. So for enabling that, and given that AI is becoming more hybrid, we expect that confidential computing will be across from your client to data center to edge to your even actuator and sensors in your IoT space. And Intel Trust Authority, the first release that we announced is only doing attestation for confidential computing technologies like Intel SGX and TDX. But Our vision is to basically cover the whole gamut. We want to provide that
assurance, the independent assurance for our customers, for everything and anything that they care about.

If they are running workloads on the edge and they want to get assurance that that edge is secure, that’s what we want Intel Trust Authority to be. And that’s part of our roadmap is how to basically grow the span of attestation across everything. Horizontally and vertically so that customers basically feel very comfortable deploying their workloads wherever they want to deploy, whatever their platform of choice is.

Camille Morhardt 9:00
And I expect one of the benefits of having this be a software as a service, especially when you’re doing this multi party compute, um, and confidential data sharing. It sounds like an  oxymoron, but, but it isn’t because it’s, it’s actually, um, providing the ability to Verify that workloads and data haven’t been compromised or tampered with. And then it’s, it can send out that verification to every participant. Is that right?

Nikhil Deshpande 9:25
That is correct. So you, you’re right. When you say confidential data sharing, it kind of feels awkward because when you decided to do data sharing, you assumed certain things, there was some trust that was built into this, right? So, this is a prototypical example of, uh, multi party computation or multi party data sharing. Okay. parties have decided that we need to share data with each other. Why? Because the power of combined data is much greater and we will all benefit from that combination if we agree to collaborate.

Okay. That’s the fundamental premise. Now, the issue is, but data is my IP literally data means dollars. Data means monetization. So I’m not going to share this data willy nilly. I want to have some control on it. It should be with me. So, how do you now enable this data sharing while maintaining data control? And that’s what confidential computing enables you to do, where you’re not actually directly sharing clear data with everybody. You are actually putting it in this vault, right? Confidential computing TEE that ensures that data will co mingle, but data will not be shared across the parties.

And if you take this example, then when I use the word secure vault or some, some TEE, somebody is going to double click on it and say, but how do I know that vault is secure? No one has tampered with it. That’s attestation. That’s what Intel Trust Authority provides you, that that provides independent verification of that vault.

Let’s say to use that term to say that no one has tampered with it. It is a genuine Intel TEE. It is correctly patched. No one has taken advantage of, uh, you know, not patching it correctly. It has been launched correctly on the authenticated firmware and everything that is happening inside is actually matching what we were supposed to have.

All that assurance, that four things that we just did, those four assurances go to all the parties. In an independent manner. So they are not, they’re mutually trusting, but I call them mutually distrusting also, because if they are full trust, they don’t need all this, but there was a mutual distrust. And our service basically brings that trust.

They’re saying we are providing you independent verification of this. And that’s what will enable this, uh, data sharing.

Camille Morhardt 11:41
Are you only then verifying Intel trusted execution environments, or is this service going to go broader than Intel?

Nikhil Deshpande 11:49
So what we announced at our GA is our first release will support Intel SGX and Intel TDX technologies; but our intent is to expand beyond not just Intel, but third party CPUs, GPUs, you just name it.

And, I don’t know if you saw this, but, NVIDIA basically mentioned in confidential Computing Summit that they are working with us on Intel Trust Authority as well. So we plan to expand the scope to other devices, other technologies, even if they don’t belong to Intel, also other parts of the platform that customers care about, because they might not just care about confidential computing environment, they might want to care about other things of the platform.

Camille Morhardt 12:33
Can you share any other roadmap tidbits with us?

Nikhil Deshpande 12:37
(laughs) Uh, let me share this way. I get super excited when someone asks me, “where this is going?” I can give you, one idea about, you know, what the roadmap looks like. let’s say you’re running something of very important value to you on someone else’s infrastructure.

What questions do you have about whether this is secure, whether this is trustworthy, all those questions that you have, you can list those and I will have those on our roadmap.

Camille Morhardt 13:07
(Laughs) Thank you, Nikhil Deshpande, GM of Intel Trust Authority, newly released in its general availability format Intel Innovation in late September of this year. Thanks for joining us.

Nikhil Despande 13:21
Thank you, Camille.

Camille Morhardt 13:28
And now, we’re going to chat with Raghu Yeluri, who’s Chief Architect of Intel Trust Authority’s remote attestation service; we are going to chat about how developers can implement the service and what it takes to get started. Welcome, Raghu.

Raghu Yeluri 13:45
Hey, thanks. Thanks for having me.

Camille Morhardt 13:48
Or most people using this from the perspective of like, I’m an enterprise or company and I’m running certain workloads, maybe with sensitive information or I want to adhere to compliance requirements or recommendations around the world. And so I want to run these workloads within a confidential computing environment. And I want to make sure that these environments have not been compromised and the workloads have not been tampered with. Is that the sort of primary reason for using this?

Raghu Yeluri 14:18
Yeah, so Camille, before Intel Trust Authority got announced, we did quite a lot of pilots with customers. And most of these pilot customers were either in healthcare, industry, financial services, or other highly regulated industries, and the primary requirement for them is “ok we are dealing with sensitive data. We are dealing with sensitive code—which are typically highly trained AI models—we need to run them in a third-party cloud, whether it’s public cloud or a hybrid cloud environment. And we want to ensure that there are no data breaches, no IP loss,
and no regulation violations.” Most of the confidential computing customers are coming from these kinds of requirements. And for them, it’s very important that when they move their data, when they move their IP into these confidential computing environments, they need proof that they are truly confidential environments, they are bond controlled says they are, and they can provide that proof to their auditors, to their security monitoring environments. So that’s where most of the interest for confidential computing and for Intel Trust Authority is
coming in. Whether it’s AI training, whether it’s AI inferencing, they want to protect either the models or the data, or both.

Camille Morhardt 15:52
So I also want to ask because confidential computing already exists and Intel Trust Authority is just now released publicly. So what happened prior to Intel trust authority? There must have been some mechanism for attestation. And you know, how is that different? Or why is it important to have another attestation service out now?

Raghu Yeluri 16:16
When you think in terms of attestation, or trustworthiness verification, there are three models that you can use. One is the cloud provider who is giving you access to the Trusted Execution environments, they can provide the attestation verification as well; that’s a very acceptable model for many customers. Then the second model is, “I require a separation of duties for compliance requirements, I’m going to build that attestation service myself.” Okay. “Let the cloud provider give me the infrastructure, but I’m going to do that verification myself.” That’s a
very viable model, as well. But the challenge with that model is, many customers are not interested in investing into something that’s not their core line of business. And it needs to operate at scale, it needs to operate at low latency and high performance requirements. And that’s a huge expense for them as well. So there’s a third model, which is, “hey, I don’t depend on the infrastructure provider, I don’t want to do it myself. I want a third party and independent entity to provide that attestation at scale, that verification at scale, so that it meets my
separation of duties requirements, I don’t have to invest so much money, I have my talent into it, but at the same time, it gives me the scale tha is required.” And in Intel Trust Authority is that third aspect of this requirement?

Camille Morhardt 17:50
I have an interesting question, though, out of that. So for example, Microsoft Azure as part of their confidential computing environment, they also offer attestation. But Azure has also worked with Intel, specifically to make sure that Intel Trust Authority can be used as attestation. In their confidential computing environment. Is this competition? Like, why would they be interested in allowing or facilitating this service in their confidential computing environment, if they already offer it.

Raghu Yeluri 18:22
You know, when we first started building Intel Trust Authority, like you said, they already have their Microsoft Azure attestation. But when they started talking to their regulated customers, the feedback that got was, “separation of duties is important for us, as well. We don’t want you to provide the attestation as well, for all the confidential computing environments that are hosted inside the Microsoft Azure Cloud.” So Microsoft reached out to us saying, “hey, our customers are asking for Intel Trust Authority, as well.

So the way Intel and Microsoft work together on this one is “Hey, you are okay with Microsoft Azure attestation, just use it. But if you want the separation of duties, here is an independent third party at a station called Intel Trust Authority that you can use.” Now the question that comes is somebody are already integrated with Microsoft Azure at a station and they don’t want to make changes. So Intel, Microsoft work together so that they make only one change in the code, which is pointing from Microsoft Azure attestation website to Intel Trust Authority
URL. And all the API’s are fully interoperable between Microsoft and Intel. And when the Intel Trust Authority provides a token—what we call the attestation token—it is compatible with Microsoft Azure attestation token. So that downstream, all the other relying parties, which are depending on Microsoft’s, attestation token, they don’t even know that the token came from Microsoft versus Intel.

One of the things I maybe I should have mentioned is how we are integrating with Nvidia’s confidential GPUs as well. Nvidia has a confidential computing enabled GPUs, the H100s. So a trusted domain like Intel TDX can offload some of the AI processing or GPU processing into the Nvidia N1, but it needs to verify that it’s a genuine Nvidia H100 Trusted Execution Environment. So Intel and Nvidia work together so that you make one call into Intel Trust Authority, it will verify that TDX is a good one and if there is a GPU with H100, it will automatically verify the goodness of that as well and provide what we call a composite token. So please stay tuned for this unified approach. In the very near future, we will have that as part of Intel Trust Authority.

Camille Morhardt 21:07
So I’d like to get into implementation. If I’m a developer, and I have a workload that I want to make sure can partake of the attestation service Intel Trust Authority, what do I need to do to set it up and I could either be creator of a workload as a developer or I could be an enterprise, let’s say, protecting a workload or an AI model that I have.

Raghu Yeluri 21:34
Okay, so Camille, there are really four things that a developer has to make sure, before they can use Intel Trust Authority seamlessly within their environment. Number one, they need to make sure that they have access to a confidential computing infrastructure. What I mean by that is, either they have to have Intel SGX or Intel TDX-capable infrastructure that is provided by the infrastructure or the cloud provider, whether it’s Microsoft Azure, whether it is Google; any of these cloud providers do have confidential computing environment that they have
to have access to.

Number two, they have to make a decision whether they want to use Intel SGX, or Intel TD X each has certain differences in security properties, they can make a choice based on whether they have the ability to make some optimizations to the applications and workloads. Or they want to purely do a lift and shift of their applications. If it is pure, lift and shift, go use Intel TDX. But if you have the ability to optimize it a little bit, go use Intel SGX because you get much tighter security properties there. So that’s number two.

The third big piece is attestation, how do I integrate Intel trust authority into my workload or into my application, so that I can attest and provide that as proof to somebody else. The Intel Trust Authority team has made it extremely straightforward for people to integrate this. So they download what we call a command line interface, which is an Inter Trust Authority client, or we call it the “trust connector,” downloaded from the Intel Trust Authority website. You get it for different operating systems—you know, Ubuntu, Red Hat, or any other flavors of
Linux, you download it, you install it and then from your application, you make one call into the CLI. And the call would typically be something to say, execute or run the script.

Once you do those three things, your workload, your virtual machine is ready to run in a confidential computing environment, and also attest with Inter Trust Authority. And you will get back a trust token or what we call an attestation token, which you can then give it give it to any customer or any relying party who wants to know that you are running in a good confidential computing environment before they interact with you.

Camille Morhardt 24:05
Is there any reason for a developer to sort of proactively enable an application or workload to use Intel trust authority service, sort of future proofing in a sense, if you will?

Raghu Yeluri 24:20
Good question.

Camille Morhardt 24:21
You’re nodding your head yes.

Raghu Yeluri 24:23
it’s a definite yes, because right now, confidential computing is still early stage. So a lot of application developers who are not familiar with it, now they are beginning to hear it, they see the value and they want to move their workloads as quickly and with as little effort as possible into confidential computing. But if you fast forward a couple of years, confidential computing is going to become a requirement for many industries, many workloads. So right from the beginning, just like how you do security development into your applications, you would enable it for confidential computing. So integrating and using Inter Trust Authority for attestation and based on that attestation, deliver secrets, deliver keys provide access to encrypted data, it becomes a very natural requirement.

So all developers, I would expect, would be integrating with something like Intel Trust Authority as a requirement to make their applications ready for confidential computing. Just like you are building secure code development for memory protection and at-rest encryption or for in transit encryption with TLS, you’re going to do integration with inter trust authority, and use that as a way to deliver secrets to your workplace.

Camille Morhardt 25:49
Great, thank you Raghu Yeluri, Chief Architect of Intel Trust Authority, talking about what it is, why it matters and most specifically how you implement it if you’re a developer. I appreciate your time.

Raghu Yeluri 26:02
Thank you.

More From
Intel Innovation 2023 Hiep Dang Ryan B Ken Urquhart Stefan Goebel Poupak Modirassari Enbom Cyrus Rafii Andy Gower Danilo Alves Araujo Michael Blum

Live from the Green Room: Intel Innovation 2023 (173)

Mark Russinovich Anil Rao confidential computing Intel Trust Authority confidential AI

Azure CTO Talks Confidential Computing and Confidential AI (171)

Rob Bruckner personal computing client computing AI sustainability

The Future of Personal Computing (170)