As workloads and data migrate to the cloud, ensuring their authenticity and integrity becomes critically important. Confidential Computing is key to this migration as it increases trust in the cloud infrastructure. Despite developments in Confidential Computing, from new technologies provided by silicon vendors to new services provided by cloud providers, a trusted, seamless, efficient end-to-end safe migration from on-premises to the cloud continues to be a challenge and is key for the adoption of Confidential Computing.
Intel and Thales are collaborating to take on this challenge by introducing trust enhancements in Confidential Computing: Intel Software Guard Extensions (Intel SGX) or Intel Trust Domain Extensions (Intel TDX), together with the Intel Trust Authority attestation service, integrated with Thales’ CipherTrust Data Security Platform to provide End-to-End Data Protection (E2EDP).
Intel Trust Authority: Ensuring Integrity and Authenticity
Intel Trust Authority leads the way in the Confidential Computing sector by verifying the integrity of Trusted Execution Environments. It leverages Intel’s hardware root of trust so that workloads operate in a more secure environment, designed to be protected from unauthorized access or breaches.
Intel Trust Authority provides substantial security assurances, such as detecting tampering or corruption in the computing environment and ensuring that workloads operate in the required conditions. With this first layer of defense, businesses can have peace of mind and focus on their core operations.
Thales’ CipherTrust Data Security Platform: Strengthening Confidentiality
Thales’ CipherTrust Data Security Platform provides enterprises with a comprehensive solution to discover, protect, and control their sensitive workloads. Thales’ services extend beyond the cloud, enabling seamless operations on-premises. With this level of flexibility, companies can choose the deployment method that best aligns with their business needs, whether on-premises or across public clouds.
A Harmonized Ecosystem of Trusted Confidential Computing
Together, Intel and Thales create a trusted, harmonized ecosystem that offers comprehensive End-to-End Data Protection solutions for both cloud and on-premises environments, where Intel Trust Authority attests to the Confidential Computing environment’s authenticity before the customer’s sensitive workloads are decrypted.
Thales’ CipherTrust Manager delivers data-at-rest encryption with efficient customer data protection, privileged user access control, and detailed data access audit logging, protecting data wherever it resides, on-premises or across multiple clouds.
The deployment is simple, scalable, cloud agnostic and fast with agents installed at the operating file system or device layer, with encryption and decryption transparent to all applications that run above it. Thales’ CipherTrust Data Security Platform is designed to meet data security compliance and best practice requirements with minimal disruption, effort, and cost. The implementation is seamless, keeping business and operational processes working without changes, even during deployment and rollout. Thales’ CipherTrust Data Security Platform is FIPS 140-2 Level 3 compliant.
Intel Trust Authority integration into the policy engine of CipherTrust Data Security Platform will enhance customer data control and protection, preventing the decryption of any data or workload when attestation fails.
In doing so, Thales ensures that only enhanced-trust Confidential Computing environments can access the critical cryptographic elements, reinforcing the protective layer offered by Intel Trust Authority. This unique combination allows companies the flexibility to choose between on-premises and SaaS models, thereby tailoring their security strategies to their specific needs.
The Future of Confidential Computing
Combining Intel Trust Authority and Thales’ CipherTrust Data Security Platform marks a significant advancement in creating trusted End-to-End Data Protection with Confidential Computing, solving the lack of the required separation of duties that is inherent in most current Cloud Service Provider offerings.
The combined solution provides the ability to perform secure End-to-End Data Protection where workloads are encrypted within the customers’ infrastructure and only decrypted within the Trusted Execution Environment (TEE) protected memory once a TEE is confirmed as trusted. By seamlessly merging the value of the powerful attestation service provided by Intel Trust Authority with the robust Thales’ CipherTrust Data Security Platform, businesses can operate in a secure, trusted environment, no matter their workload location.
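The gating described above (no decryption when attestation fails, and key release only once the TEE is confirmed as trusted) is shown here as an added example; it is not Intel or Thales code and uses no product API. The token format, the policy fields, the key store and every name are assumptions constructed for illustration, and an HMAC stands in for the asymmetric signature an attestation service would normally put on its tokens.

```python
import hashlib
import hmac
import json
import time

# Everything below is constructed for illustration; none of it is a real product API.
SERVICE_KEY = b"constructed-attestation-service-key"
POLICY = {
    "tee_types": {"SGX", "TDX"},
    "measurements": {hashlib.sha256(b"approved-workload-v1").hexdigest()},
}
DATA_KEYS = {"customer-volume-1": bytes(range(32))}  # constructed key material


def sign_token(claims):
    """Stand-in for the attestation service: sign the claims it verified about a TEE."""
    body = json.dumps(claims, sort_keys=True)
    tag = hmac.new(SERVICE_KEY, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + tag


def release_key(token, key_id, nonce, now=None):
    """Policy decision: return (key, reason); key stays None unless every check passes."""
    now = time.time() if now is None else now
    body, _, tag = token.rpartition(".")
    expected = hmac.new(SERVICE_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None, "bad signature"
    claims = json.loads(body)  # parsed only after the signature has verified
    if claims.get("exp", 0) <= now:
        return None, "token expired"
    if not hmac.compare_digest(str(claims.get("nonce", "")).encode(), nonce.encode()):
        return None, "nonce mismatch"  # stale or replayed attestation
    if claims.get("tee_type") not in POLICY["tee_types"]:
        return None, "TEE type not allowed"
    if claims.get("measurement") not in POLICY["measurements"]:
        return None, "measurement not allowed"
    key = DATA_KEYS.get(key_id)
    return (key, "released") if key else (None, "unknown key id")


def demo():
    """An approved TEE gets the key; an unapproved workload measurement is refused."""
    good = {"tee_type": "TDX", "nonce": "n-1", "exp": 2000,
            "measurement": hashlib.sha256(b"approved-workload-v1").hexdigest()}
    bad = dict(good, measurement=hashlib.sha256(b"modified-workload").hexdigest())
    return [release_key(sign_token(c), "customer-volume-1", "n-1", now=1000)[1]
            for c in (good, bad)]


if __name__ == "__main__":
    print(demo())
```

Every refusal path returns no key material, so a verification failure at any step fails closed rather than falling back to decryption.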
As the world becomes more digital and interconnected, maintaining the integrity and authenticity of computing environments is critical. The emergence of solutions like Intel Trust Authority and Thales’ CipherTrust Data Protection Platform provides a robust, versatile security model shaping the future of enhancing trust in Confidential Computing.