Jim Greene returns to Chip Chat to discuss two security technologies: AES-NI (new processor instructions for encrypting data) and Intel Trusted Execution Technology (protection against software-based attacks).
Intel® Trusted Execution Technology (Intel TXT) is a security technology that started appearing on Intel server platforms in 2010. This book explains Intel Trusted Execution Technology for Servers: its purpose, application, advantages, and limitations. It guides the server administrator or datacenter manager in enabling the technology and in establishing a launch control policy that they can use to customize the server's boot process to fit the datacenter's requirements. The book explains how the OS (typically a Virtual Machine Monitor or hypervisor) and supporting software can build on the secure facilities afforded by Intel TXT to provide additional security features and functions, and it provides examples of how the datacenter can create and use trusted pools.
When it comes to data on-premises or in the cloud, security is the number one concern for IT. Who better to address the benefits of a hardware root of trust than Intel's own Senior Security Engineer? James Greene discusses why hardware integrity checking is an important component of security in the cloud and how Intel TXT is a form of "whitelisting" (only known-good, measured software is allowed to launch) as opposed to the traditional "blacklisting" approach to security (only known-bad software is blocked).
Watch the video What is Intel Trusted Execution Technology? for a deep dive into Intel TXT and how it works to protect your data in the cloud.
"Intel® Trusted Execution Technology for safer computing, formerly code named LaGrande Technology, is a versatile set of hardware extensions to Intel® processors and chipsets that enhance the digital office platform with security capabilities such as measured launch and protected execution. Intel Trusted Execution Technology provides hardware-based mechanisms that help protect against software-based attacks and protects the confidentiality and integrity of data stored or created on the client PC. It does this by enabling an environment where applications can run within their own space, protected from all other software on the system. These capabilities provide the protection mechanisms, rooted in hardware, that are necessary to provide trust in the application's execution environment. In turn, this can help to protect vital data and processes from being compromised by malicious software running on the platform."
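The whitelisting-versus-blacklisting contrast drawn in the Chip Chat description and the "measured launch" named in the quoted passage rest on the same mechanism: each launch component is hashed into a one-way "extend" register, and the final register value is compared against a list of known-good values. The Python below is an added illustration of that model, not code from Intel, from the book, or from the videos listed here. It assumes a simplified TPM-style extend operation (new = H(old || digest)) and uses constructed placeholder byte strings in place of real firmware, hypervisor and policy images; real Intel TXT involves specific PCRs, the authenticated code module and the launch control policy format, none of which is modeled.

```python
import hashlib
from typing import Dict, List, Set, Tuple

# Components are measured in a fixed order at launch. Names and contents are
# constructed placeholders, not real BIOS, hypervisor or policy images.
LAUNCH_ORDER = ("bios", "vmm", "launch_policy")

GOLDEN_COMPONENTS: Dict[str, bytes] = {
    "bios": b"constructed bios image v1",
    "vmm": b"constructed hypervisor image v1",
    "launch_policy": b"constructed launch control policy v1",
}


def measure(data: bytes) -> bytes:
    """Hash one component; the digest is that component's measurement."""
    return hashlib.sha256(data).digest()


def extend(register: bytes, digest: bytes) -> bytes:
    """TPM-style extend. The register can only move forward, so its final
    value depends on every measurement and on the order they were taken."""
    return hashlib.sha256(register + digest).digest()


def measured_launch(components: Dict[str, bytes]) -> Tuple[bytes, List[Tuple[str, str]]]:
    """Measure each component into a single register and keep an event log
    of (component name, hex digest) so the final value can be explained."""
    register = bytes(32)  # register starts at all zeros
    event_log: List[Tuple[str, str]] = []
    for name in LAUNCH_ORDER:
        digest = measure(components[name])
        register = extend(register, digest)
        event_log.append((name, digest.hex()))
    return register, event_log


def build_whitelist(*known_good: Dict[str, bytes]) -> Set[str]:
    """Record the final register value of every approved configuration.
    In a datacenter this is the set of 'golden' measurements for a trusted pool."""
    return {measured_launch(cfg)[0].hex() for cfg in known_good}


def whitelist_check(components: Dict[str, bytes], whitelist: Set[str]) -> bool:
    """Whitelisting: the launch is trusted only if its measurement is known-good.
    Anything unexpected, including software never seen before, fails closed."""
    final, _ = measured_launch(components)
    return final.hex() in whitelist


def blacklist_check(components: Dict[str, bytes], known_bad: Set[str]) -> bool:
    """Blacklisting: the launch is rejected only if some component matches a
    known-bad digest. A modification with no signature yet passes unnoticed."""
    _, event_log = measured_launch(components)
    return not any(digest in known_bad for _, digest in event_log)


def with_modified(components: Dict[str, bytes], name: str, payload: bytes) -> Dict[str, bytes]:
    """Return a copy of the configuration with one component altered (constructed test input)."""
    changed = dict(components)
    changed[name] = components[name] + payload
    return changed


if __name__ == "__main__":
    whitelist = build_whitelist(GOLDEN_COMPONENTS)
    altered = with_modified(GOLDEN_COMPONENTS, "vmm", b" unexpected change")

    print("golden config, whitelist:", whitelist_check(GOLDEN_COMPONENTS, whitelist))
    print("altered config, whitelist:", whitelist_check(altered, whitelist))
    # An empty blacklist stands in for "no signature exists yet for this change".
    print("altered config, blacklist:", blacklist_check(altered, set()))
    for name, digest in measured_launch(altered)[1]:
        print(f"  {name}: {digest}")
```

Running the block shows the point the video description makes: the altered configuration fails the whitelist check because its final register value is not among the approved ones, while a blacklist with no entry for that change lets it through. The event log is what lets an administrator see which component moved the register away from the expected value.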