Intel’s Project Amber provides security for confidential computing

Intel unveiled Project Amber as a security foundation for confidential computing, secure and responsible AI, and quantum-resistant cryptography.

The service is ripe for the era of quantum computing, and it will provide organizations with remote verification of trustworthiness in cloud, edge and on-premises environments. The company made the announcement at its Intel Vision event in Dallas, Texas.

The need for security at quantum speeds

Quantum computing represents a challenge because it uses principles of quantum mechanics to create extremely fast computers. These could be used to crack cryptographic problems instantly, which is a problem for security because cryptography encodes data in large batches of numbers in puzzles that once took too much computing power to unravel.

To prepare for this day, Intel introduced an independent trust authority in the form of a service-based security implementation they code-named Project Amber. The company also demonstrated its focus on enabling secure and responsible AI, and outlined its strategy to further build quantum-resistant cryptography for the coming quantum computing era.

“As organizations continue to capitalize on the value of the cloud, security has never been more top of mind. Trust goes hand in hand with security, and it is what our customers expect and require when delivering on Intel technology,” said Greg Lavender, chief technology officer of the software and advanced technology group at Intel, in a statement.

“With the introduction of Project Amber, Intel is taking confidential computing to the next level in our commitment to a zero-trust approach to attestation and the verification of compute assets at the network, edge and in the cloud.”

Trust assurance for the hybrid workforce

Businesses operate in and depend on the cloud to support remote workforces that require multiple devices, uninterrupted access and collaboration tools. Technology solutions need to secure data — not only in memory and in transit, but also in use – protecting valuable assets and minimizing attack surfaces. Project Amber provides organizations with remote verification of the trustworthiness of a compute asset in cloud, edge and on-premises environments.

This service operates independent of the infrastructure provider hosting the confidential compute workloads. Confidential computing, the protection of data in use by performing computation in a hardware-based trusted execution environment (TEE), is a growing market.

Intel Software Guard Extensions on the Intel Xeon Scalable platform help power confidential computing today, enabling cloud use cases that are beneficial for organizations that handle sensitive data on a regular basis. The foundational basis of trust in a confidential computing environment is established via a process called attestation.

Project Amber for confidential computing & third-party attestation

The verification of this trustworthiness is a critical requirement for customers to protect their data and intellectual property as they move sensitive workloads to the cloud. To raise trust assurance and drive forward the promise of confidential computing for the broader industry, Intel announced Project Amber as the first step in creating a new multicloud, multi-TEE service for third-party attestation.

Designed to be cloud-agnostic, this service will support confidential computing workloads in the public cloud, within private/hybrid cloud and at the edge. Interposing a third party to provide attestation helps provide objectivity and independence to enhance confidential computing assurance to users.

In its first version, Project Amber aims to support confidential compute workloads deployed as bare metal containers, virtual machines (VMs) and containers running in virtual machines using Intel TEEs. The initial release will support Intel TEEs, with plans to extend coverage to platforms, devices and other TEEs in the future.

Intel is also working with independent software vendors (ISVs) to enable trust services that include Project Amber. New software tools, such as published APIs that enable ISVs to incorporate Project Amber to augment software and services, will complement Intel’s platforms and technologies, and bring more value to customers and partners.

Intel plans to launch a customer pilot of Project Amber in the second half of 2022, followed by general availability in the first half of 2023.