Sponsored feature As enterprises continue to migrate applications to the cloud, security concerns about the data that workloads store and process are inevitable. But how can IT departments ensure that sensitive information hosted in public, private and hybrid cloud environments spread across multiple servers and locations, protected by strict data protection laws, is adequately protected from both internal and external threats?
One possible answer is confidential computing, which isolates data in an encrypted portion of the server’s memory so that it cannot be accessed or tampered with. Demand for privacy computing solutions is expected to grow at a compound annual growth rate (CAGR) of 90-95 percent over the next five years to reach US$54bn by 2026, according to an Everest Group forecast published last year.
This momentum is due in part to the Confidential Computing Consortium, a community of suppliers within the Linux Foundation focused on projects to support the security of data in use and the adoption of confidential computing through open collaboration.
Intel is a key memory of the consortium, and offers its own approach to confidential computing through the Intel® Software Guard Extension embedded in its latest generation Intel® Xeon® server chips. These establish an isolated enclave or Trusted Executive Environment (TEE) in memory. Inside the enclave, dedicated application code and sensitive data are protected and protected from both internal and external threats. This includes preventing access to other applications running on systems that may be contaminated by malware – especially useful for maintaining data integrity and security in multi-tenant cloud environments that may be susceptible to internal threats as well as external cyber attacks.
“By isolating the data in the CPU during processing, those CPU resources are accessible only to authorized programming code – they are isolated from everything and everyone else”, explains Paul O’Neill, Intel Director of Strategic Business Development and Confidential Computing.
“As a result the data is unreadable by human administrators as well as cloud providers’ hypervisors, other tenants or operating systems. So you don’t have to trust the cloud provider’s security, even if it is corrupted and intentionally malicious.”
Sensitive code and data outside the enclave is encrypted and decrypted only once inside the enclave. Results or data generated by an application running in the TEE is re-encrypted when it leaves the enclave to ensure that it always remains confidential.
Intel SGX offers additional layers beyond data and application isolation in TEE. The remote attestation function verifies that a cloud user’s SGX-enabled application can be trusted. Attestation provides cryptographic assurance that the Enclave is running on a genuine Intel SGX-enabled platform, the processor’s microcode security patches are up to date, and the application software is authorized by the user. With this assurance, confidential data can be left in the enclave. Pre-verifying the security status of a remote server is an essential precaution that every device and application and process must take when attempting to connect, and the Intel SGX Remote Attestation feature provides a hardware protected method for this critical step.
On the financial services front
Any guarantee of trust and data integrity is an attractive option for public and private sector organizations that regularly share and process sensitive, personally identifiable information (PII), strictly regulated by national and regional data protection regulations – financial services, healthcare and retail with sales.
“Confidential computing, and early adopters of Intel SGX, financial services and healthcare organizations are ready for complex computing. The reason for this is twofold,” says O’Neill.
“One is that they are dealing with the most sensitive datasets and the other is that they need to leverage the economics of the cloud”.
Confidential computing has begun to allow banks, insurance companies and other financial institutions to take sensitive datasets into the cloud, once the possibility of such sensitive data was unimaginable. Once there, they can securely leverage the massive computing resources of the cloud and apply artificial intelligence and machine learning (AI/ML) analytics to workloads such as anti-money laundering (AML), credit qualification, market rate calculations, credit scores, loan fulfillment. and Know Your Customer (KYC) – all workloads that they previously struggled to migrate due to privacy regulation and security concerns.
The global reinsurance provider uses data analytics to derive more meaningful insights from the vast amounts of data it collects to create more accurate risk profiles for its global customer base. A trusted execution environment based on Intel SGX is built to protect the data being processed by the machine learning algorithms that form the basis of its calculation models.
Collecting constantly updated information from other companies in the supply chain – in this case shipping companies, logistics providers and port authorities – makes it difficult for firms to securely share and access data. But hardware-based encryption in memory provided the assurance needed to process new, more sensitive data sets.
A UK bank also used Intel SGX to improve their KYC processes. KYC is used to verify the identity of banking customers, typically by credit agencies that broker PII to limit the risk of fraud and comply with AML and counter-terrorism financing rules and regulations. But this can be an expensive, time-consuming and inefficient approach that relies heavily on manual processes.
The bank digitized its KYC with Intel SGX, helping detect and mitigate AML fraud by applying ML to sensitive data protected in confidential computing enclaves. The project allowed him to create more accurate customer profiles that would help him pursue new revenue streams through targeted advertising.
Perhaps more importantly, the pilot showed that Intel SGX has the potential to fundamentally change the way financial services firms access shared information without negatively impacting the customer experience and at the same time meeting compliance obligations.
Economics of Cloud ML
Many financial services organizations are moving large amounts of data, applications and services to the cloud as they seek to streamline their open banking operations and compete with more nimble Fintech start-ups. Gaining access to the massive amount of powerful computing resources available off-prem can help significantly boost their data analysis activities.
A case in point is homomorphic encryption, long used to enable complex financial transactions using encrypted data, meaning operations can be moved from on-prem to the cloud. The problem, O’Neill explains, is that it struggles to scale on existing architectures, which creates an expensive IT overhead that could help bring down confidential computing and Intel SGX.
“At the end of the day it comes down to economics, because scalability is so important, confidential computing and Intel SGX provides scalable data protection across a wide range of uses,” he notes.
Without scalability, banks struggle to quickly process enough secure data to deliver the insights that underpin the use cases they need. This was initially a problem for the UK bank. The small enclave size in previous generations of Intel Xeon E3 CPUs limited the amount of encrypted data that could be stored and processed in protected memory. But the latest 3rd generation Intel Xeon Scalable components offer greater scalability, which has the potential to open up some exciting new financial services use cases.
Another benefit of securing ML operations in the cloud comes from a shift in opex rather than capex investment. It brings secure, cloud-based data analytics and processing within reach of smaller organizations that would otherwise struggle to find the budget to build their own computing infrastructure.
Cloud computing is already a mainstay in the enterprise, with adoption of public and hybrid clouds continuing to grow. Private computing today leans towards the public cloud, but the volume and variety of cloud platforms and services available – for example public, hybrid and private – means that solutions like Intel SGX must be adaptable to different architectures and processes to meet customer preferences. A wide range of industries and use cases.
Support for data sovereignty
Other interesting AI/ML workloads that can take advantage of discrete computing include training sensitive video footage collected from cars to enable autonomous driving algorithms.
“Think of a camera rolling around in a car, and it’s capturing people’s faces, registration plates, door addresses, etc. Because autonomous driving is critical to safety, obfuscating the data isn’t the best idea,” O’Neill says.
“So encrypting that data and taking it into the cloud and training AI on the encrypted data is a big step, and that’s where SGX can play an important role.”
In that instance the organization does not need the individual’s permission to use their private data, but must protect it while simultaneously being liable to regulatory fines in the event of a data leak or breach.
Another deployment comes from the German government that recently moved to create a privacy computing-enabled service for centralized healthcare, a project that also affects data sovereignty and shows how Intel SGX can protect citizens’ private data when stored in the cloud.
“Confidential computing enables three things. The first is obviously data privacy. Because data is encrypted, it’s secure by design and meets the principles of GDPR,” says O’Neill, who gives enterprises using Intel SGX a significant advantage as they look for it. To demonstrate compliance.
“It also provides privacy because it creates a confidential environment, even in a multi-tenant cloud environment. And the third important part is integrity – the concept of knowing that the computing environment is protected by the latest Intel approved security updates and patches, and specific algorithms only Certain things are allowed to be done.”
Hiring more software developers
Intel partners have a large ecosystem of what O’Neill calls privacy-enhancing applications on SGX, each of which uses either the Intel SGX Software Development Kit (SDK) or the Library OS. Intel is a major contributor to the rural, open source project that enables developers to run unmodified Linux applications in the SGX enclave that Intel CTO Greg Lavender said in May this year. Grameen is important because it provides a ‘push button’ method for developers to protect applications and data using SGX without having to modify their code.
Intel hopes this will help increase the number of developers building applications for SGX, especially when it comes to embedding encryption/decryption and other security functions.
“With so many ready-made privacy computing solutions in the ecosystem and the availability of Grameen and other library OSes, organizations don’t need to develop new applications using the Intel SGX SDK,” O’Neill concluded. “With the software solutions available today, confidential computing is not only for security architects, but also for data scientists and other service and solution developers who want to add privacy, confidentiality and compliance to their favorite AI/ML frameworks and leverage AI/ML. Confidential Computing Protection more easily.”
Sponsored by Intel.