In a presentation titled “Protecting Cryptographic Applications with Intel® Software Guard Extensions,” Simon Johnson, SGX program architect at Intel, presented the reasons why an effective security strategy is built on a foundation of trust rooted in hardware, and why it requires technologies that protect the data through all of its phases: at-rest, in-flight and in-use.
Press Kit: Intel at 2017 RSA
In the presentation, Intel announced its industry-leading cryptographic isolation technology is now available for data center usages. Deploying Intel® Software Guard Extensions (Intel® SGX) to the data center allows application developers to protect select code and data from disclosure or modification. A blog, “Intel® Software Guard Extensions Now Available for the Data Center,” highlights Intel’s hardware-based security technologies.
Intel® SGX in the data center provides the foundation for initial usages, such as protected TLS keystore management. Intel® SGX is available today on the Intel® Xeon® E3 v5 platform, targeting entry-level servers and security appliances. Intel will work with ecosystem partners for continued proof-of-concept and development work for future data center platforms and solutions like encrypted database operations, trusted big data computing, NFV and secure monitoring, Blockchain and other important data center security usages that provide hardware-enhanced protection on data while it is in use.
Intel® SGX consists of a set of CPU instructions and platform enhancements that enable applications to create private areas within which code and associated data can be protected from compromise during execution. More information about Intel® SGX is available at the Intel® SGX page.