Confidential Computing with Intel SGX

Captions
Hi, I'm Gary Bender. I lead security initiatives for cloud and enterprise government segments, and today we're going to be talking about confidential computing. We're really fortunate to have both Scott Raynor, who's a senior application engineer working on these technologies hands-on every day, and Laura Martinez, and we're going to provide some really good information for you today about confidential computing. So let's get started. Let me just add: thank you so much to the delegates, and I would strongly encourage you to break in at any time and ask questions. We'll do our best to give answers. I think it'll make it a lot more relevant for all of us if we can get some of that feedback and interaction.

Here's what we're going to talk about. We'll talk about confidential computing, how it came to be, why it's exciting and why it's necessary. We'll talk about Intel SGX and some of the details on what SGX is providing and how it's evolved; it's going to be a really exciting year for SGX this year. We're going to talk about some of the market view, and this is really cool because there are a lot of implementations out there; we're going to try to hit some of those and explain how folks are using it and getting real value out of it. And we'll talk about next steps just a little bit.

All right, so first off, a little bit about the security landscape. Of course security has been top of mind for CIOs, with some of the biggest spend expectations ever this coming year. Why is security so interesting? It's because it's in the news every day: breaches, attacks. It's good and it's bad. We wish it didn't happen, but at the same time it keeps us on our toes, and this is really an opportunity for what I like to call the good guys getting together and working to solve some of the biggest problems that we can out in the industry. That's what we'll be talking about here.

So obviously we're in a connected world, and this has been going on for 20-plus years: we get more and more connected all the time, with more and more devices connected all the time. That leads very quickly on to exponential data growth; we double the amount of data that we retain every couple of years. This is a fantastic opportunity for insights, but at the same time it also presents a lot of challenges for those of us who are working in security: to try to keep that data confidential when necessary, maintain the privacy of people, maintain the confidentiality of IP, and then there are the regulatory aspects of it, which always come up. We talk about cloud economics, and obviously we have to do all of what we do as cybersecurity professionals on a budget, so we're always having to make choices about what we do, how we spend our limited resources, how we apply our limited technical resources, and how we get the most bang for our buck out of it as we go. We'll talk about this a little bit more during the presentation, but this whole business of building a chain of trust and establishing a root of trust, what we're going to try to do is make that as easy to understand as we can. And again, any questions that you have, awesome; help us guide our path through the presentation.

All right, so here's how we look at the threat landscape. One of the things that we've learned again and again over the last couple of decades is that attackers are always going to be poking, looking for the softest area within our enterprise. They'll look over the entire attack surface that we have available and they'll look for an opportunity to squeeze in wherever they can, and they're going to do it in the easiest place. What that has meant over the past decade or so is that they've been moving down the stack. It's not the only place they've been going, but down the stack is one of the more interesting ones, because it also gives us an opportunity to build a strategy around protecting that stack as well. There are some really big advantages to attackers as they move down the stack: if I can compromise the hypervisor, the VMM on the platform, I can go deep, I can get into any of the guests that are running on it, perhaps I can get into the operating systems that are running. So we've hardened the VMM, hardened the VMs, and then there have been some attacks at the firmware level, and it continues, and so forth and so on. And of course we've also heard, and it's not just one story, there are lots of stories, about attacks on hardware and how to get into the supply chain, and the list goes on and on.

So the answer to those things, and this is a trend in the industry, the answer really is: how do we get a secured platform started and maintain that chain of trust, measuring each layer before we execute it, building out and extending up through BIOS and firmware, extending up through the hypervisor, and extending into the VMs and the operating systems that are running there, all the way through the apps and up through the data. What's critical about this, and maybe you haven't heard the expression, but the expression is: if I attest a computer in the forest and there's nobody there to check it, have I actually attested the platform? So this is something that doesn't happen just one time at boot; it actually happens throughout, on an as-needed basis, as the platform is running. So we protect the data. Let me just advance one here.
This is an area where we have worked for many, many years at protecting data at rest: we use encrypted file systems, we use encrypted hard drives, we use higher-level protections, crypto algorithms and what have you, all the way up through the data layer. And then obviously we do the same in flight: we use things like TLS, we use IPsec, we use other technologies to try to protect that data from compromise during transmission, and this is not only between the server and the consumer but also between the servers and the storage back end. One of the areas that the industry is now working very hard, and Intel is working very hard, to bring to the equation is this protection in use. This is an area where Intel has been working for some time. SGX is a solution that runs and protects data while in use. SGX is now being brought, as part of our third-generation Xeon Scalable platform, to the server platforms, and we're going to bring it to data centers throughout the world on that CPU and that family and future families. So this is an area where we're starting to break ground with regard to new technologies, specifically those that are enterprise-class and data-center-class technologies and workloads that make use of SGX. This is an exciting time for us, and having this additional security control is fantastic for us.

What we're looking to do here with this technology, and this is really the basis of confidential computing that we'll talk about in just a moment, is protect the data, and this is instrumental when talking about a defense-in-depth strategy: trying to make sure that we're protecting at each layer that we possibly can. So this is a critical piece of that strategy. What SGX does is allow us to set that boundary where we want to set that boundary. It's very flexible; it provides a mechanism for me to make the smallest possible boundary that I want, or a slightly larger boundary if I choose. But the protections that we get include protections from malicious insiders, which has come to light more and more as time goes on. It used to be that we could trust, or at least we believed we could trust, all of the people that were in our very large companies, whether it's contractors or folks who are visiting or what have you, and of course now we know that's not the case. Obviously there are hackers, all the way from nation-state down to the script kiddies who are looking to utilize tools that maybe they don't understand, but they're going to try to use them regardless. There are third parties, there's unintentional disclosure, and all of those things are threats to our confidential data and the assets that we maintain for others.

"So, Gary, I don't know if I'm going to jump ahead here, if this is something that will be discussed during your..."

"Fine, go ahead."

"One thing that I'm thinking about, and I don't know if it's part of the Intel security strategy or if you're even able to address it, is something that's been coming up lately, which would be supply chain attacks. I guess it could fit into the physical hardware access portion of your slide here, but how do we prevent, if at all, somebody from basically tampering with the hardware and gaining some kind of malicious access in that regard? We've heard about this potentially making its way into certain cloud providers; are their customers vulnerable, and how can we protect against that kind of thing?"

Right, yeah, you make a really good point. Hardware attacks are not only some of the more challenging to pull off but also some of the more difficult to detect. As you mentioned, they could be happening way upstream, and when you go even to extremes, perhaps the manufacturer of a particular component has hired a company to write some firmware for that, and it gets really complex. There's a tree, effectively, of checks and balances that need to be maintained. In addition, we'll get a chance to talk just a little bit about platform attestation; we'll bring Scott in in a couple of slides and we'll talk a little bit about that. But what we really do in those cases, aside from doing some very specific things as an industry around maintaining supply chain integrity, is, because people will say "well, I already bought a bunch of equipment and I don't remember the little card falling out of the box that says here's how you confirm that it hasn't been tampered with in the supply chain," we employ things like zero trust, we employ things like defense in depth, and then, as it evolves, some additional mechanisms in the supply chain and so forth. From a defense-in-depth strategy, one way to look at it is that we start at the outside: what can we do on the network to try to protect our assets, what can we do at the systems level, what can we do at the operating-system level, and we work our way in: what can we do at the app level? And this is where today's confidential computing presentation falls in: we're talking about what we can do at the app level, or even part of the app, or the data level, where we're protecting not only the assets of our customers, whether it's privacy, but also our IP in many cases. So absolutely this is an area, and I have seen this, where somebody brought out a cable, I kid you not, that had
been tampered with. We've all heard "well, somebody put something on a card or a board" or what have you, but this was actually a cable, and it looked like a normal cable, but it had actually been tampered with. So this is the new way that the world works, and over the last few years we've had a lot of reminders about this as time goes on.

"Gary, this is Laura. That was a great question. We do have a solution in market right now that's part of Intel architecture: it's the Transparent Supply Chain solution, and we partner with the OEMs, the ODMs, etc., to ensure that if you want to utilize that technology, it's available to you."

Thanks, Laura. Awesome. So I've already talked a little bit about Software Guard Extensions, so let's jump in here: why do we need confidential computing? I think we've built the case already for this in many regards, so let's just dive in a little bit more. Personally identifying information: this is anything that applies to individuals and allows somebody to tie data to a particular user. It can be everything from very specific information ("hey, what's your email address and who are you") to something that you narrow down through the course of looking at a number of attributes of a person: they live on this particular street or in this particular town and they have this particular characteristic, and you can narrow down people that way. There have been studies done where just by looking at age and zip code you can almost uniquely, or very frequently uniquely, identify people; of course it depends on density and a variety of other things. Privacy has gotten big: GDPR came out a couple of years ago, with a big focus on privacy, and everyone deals with it every day when you're browsing around and you're clicking on a website that says "yeah, I'll take your cookies" or "no, I won't" or "I want to pick which ones I take" or what have you, kind of a result of GDPR. And this one's the bread and butter of a confidential computing construct: just maintaining that privacy.

What I'll tell you, though, and I'll mix these next two together to some degree, is that assets are also extremely valuable to companies and can in many regards outweigh the fines, if you will, that a compromise of privacy information will create. Let me give you an example. I'm going to make it up, although you'll recognize it's true in spirit: a company goes off and spends a billion dollars building a neural network, a model that recognizes a particular aspect of video imagery. They've invested a tremendous amount of money in this and they want to protect that model, for two reasons: one is that they have to monetize it, they invested in it for a particular reason; the second reason is "I want to monetize it, I want to get my investment back out eventually." Now, if somebody else is able to go in and grab that model and use it as their own, perhaps, or even modify it a little bit or combine it with something that they're selling, then a lot of the value that they've introduced into that model is compromised. So this data value, whether it's from a privacy perspective or from an analytics perspective, it's hard to underestimate the value of some of these things that are being deployed not only in the cloud but also in the other part of the cloud, the edge, and local data centers and those sorts of things. So this is really the genesis of confidential computing.

On the slide we mentioned insiders a little bit, and we talk about some of the change in the way people not only deploy their systems but in the way that people look at solutions. Over the past few years there's been a lot of skepticism, with some of the compromises that have been out there, a lot of skepticism of our industry in general: can you keep it safe, can you keep it secure? So confidential computing is about not only re-establishing that trust but doing what we say we're doing; this is like taking extraordinary steps to make sure that we're able to protect the data and the assets. We've got just a few of the folks listed at the bottom of the slide that have some SGX-based confidential computing offerings; there are more, but these are the ones, and as we get into some of the use cases further down the presentation, you'll see some of what's going on with these companies.

All right, so Intel is one of the founding members of the Confidential Computing Consortium. This is a standards-based consortium that is really working, and I mentioned this before, this is really about the good guys getting together to try to make a difference. The bad guys will sometimes get together when it suits them; they don't have any hesitation in doing that. So what we're trying to do here is bring the good guys together to help make a difference as well. What you see here at the top is some of the premier members of the consortium, and then we've got a lot more that join us as well on this journey to bring confidential computing to the mainstream. Focus: we're looking to secure the data, and one of the key aspects here is that we're looking to do it as low in the stack as we possibly can. So we talked about what we can do in hardware, or at least start in hardware, to
build, and then up through the operating system and application, and then through the data layers. We see this as a key growth driver, and we're not the only ones, obviously; look at the list of folks who are here. It's one of the key growth drivers for compute, for cloud, and for multi-party and edge computing as well, where you don't have those physical protections that you might have with a big data center.

Trusted execution environment: this is where we get into the details, and I'm going to ask Scott to add a little bit of color on this slide as well, but let me just introduce it. We've got the picture here; you can see at the bottom, and I'm going to use my little laser pointer here, you've got this Intel SGX. This is an enclave technology that allows a secure enclave to be created, to be measured, to be utilized for the protection of data and assets, and this is something that works its way up through the application layer. We've got a couple of great models for implementing this technology and providing it for use. So, Scott, can I ask you to come online here and share a little bit of color on how this is used and some of the benefits here?

"Yeah. So, as we already mentioned, the whole point of SGX really is shrinking the TCB: the smallest available area to protect your code, your data, while it's running in an untrusted system. The x86 architecture in general is wide open; how can we get it such that we can trust it? You've already mentioned it: we carve out a small section of memory that an application needs to secure that data, and as you mentioned, we measure it. We'll talk about it in a bit, but utilizing SGX remote attestation we can go even farther and remotely attest that entire platform and that enclave itself, share secrets, share code, models, etc. securely from a remote location, or even between enclaves. Again, the whole point is to secure your data, secure your code, secure your models."

For sure, yeah, very good. This is an area where there's been a large variety of different types of attacks: I'm going to get on the platform, I'm going to try to move laterally from app to app, I'm going to try to escalate, I'm going to try to get root privileges on the platform. The slide mentions cold boot attacks; this is the business, and I hope most people have seen this, where I'm going to either literally or figuratively freeze a DIMM, pop it out, and try to read data off of it. Sometimes that happens through an interposer, or I'm going to monitor the memory bus; sometimes it's literally "I'm going to take a can of liquid nitrogen and freeze it down." All of these things are known attacks, and so Intel SGX is another tool that can really help in a very big way to protect against this wide variety of attacks that we have. Our job as security professionals really is: how hard can we possibly make it for the attacker to get in? The harder we can work, and the better the tools that we can employ to make it as difficult as possible, the better solution we're going to have.

"Yeah, and Gary, I think it's important to note here as well that this is a hardware-based TEE and it's more robust than any other TEEs for the data center. It's the only one that's available on bare metal right now, so if you go to IBM's Data Guard solution, their Data Guard cloud solution, you can find out more about it there. It really is truly robust: you can protect the OS directly on bare metal, you can protect it and the secure application within the enclave, within a container. There are just so many different use cases for this technology that have really made it a lot more expansive than the previous versions."

"I have a question regarding the TCB, the trusted compute base. That piece of, would you call that firmware? software? Is that an open-source thing that people can contribute to and examine, or is that closed-source and proprietary to Intel?"

So let me tell you. We've got a number of components here that are open source. If you look at something called ISecL, ISecL is an Intel security library that's open source, frequently used as reference, and what that does is it actually shows best practices on creating an enclave, creating or adding data and code to that enclave, measuring that enclave, those sorts of things. So that's fully open source, and there are a number of other solutions out there as well that are open and available for reference for folks to use to build their applications in the best way possible. The underlying technologies are enabled in silicon, and that's not source code or an open-source component, but what we're trying to do is provide as much as possible in open source so that people can use the enclave technology and get the protections that they need.

"OK, so that trusted compute base, is that software or is that a hardware thing? I'm trying to wrap my brain around that."

So it's rooted in hardware, and we do that specifically because, as we discussed on one of the previous slides, the lower in the stack that you can go for your root of trust, the less likely it is that somebody's going to come in underneath you. So this enclave technology, SGX, that we have is rooted in hardware and is provided by the CPU, and the use of it as you go up the stack is something
that's used via software.

"OK. And is there a performance penalty for an app utilizing SGX versus not using it?"

So there can be, and it depends on how you want to protect your application. There are a couple of models that are proven models for use with SGX. One of them is: I'm going to take my entire application, and you think of an application as a group of classes or objects or methods or functions or what have you; some subset of those components deals with your most secure aspects, and that could be dealing with keys, it could be dealing with encrypted customer data. So one of these models is: let's produce a chokepoint within our application and let's put some subset of that app into a secure enclave, and that enclave provides the measurements and the memory encryption protection and all those good things that you would expect. Depending on how you do it and on the nature of the application, you can do that in many cases without having any kind of impact at all, or a noticeable impact, on the platform. Another model is: I'm going to take everything I can possibly find and I'm going to drop it into an enclave. Both of these models are valuable and provide some real protections. On that second model you may have some observable impact, the reason being that you've taken everything that you've got and you've put it into this enclave. Now, what we've done is we've worked very hard between the client version of SGX and the server version of SGX, and we've added some really impressive things, and we'll be talking about absolute numbers when we do the launch of our third-generation Xeon platform, but we've worked very hard to make sure that the performance penalties are minimized, that things are running as quickly as possible and yet provide the protections that are there. It's always a balance between how I can provide a security control, I don't care what it is: a virus scanner, an encrypted disk, a TLS session, an enclave, and how I can ensure that the value that I provide with that security control exceeds the penalty or the cost that I pay, either in terms of performance or in terms of usability or what have you. I think what we've done in this particular case is, frankly, the engineers have knocked it out of the park; the value that you get from this technology really provides a great trade-off with the usability and the other aspects that we talked about.

"Yeah, and Gary, to your point, I always say that you can have better security without compromising your performance. That's really what we're focused on from an engineering perspective, and I know Scott can lean in a little bit here in regards to attestation, how important that is and how you don't have to compromise that security for that extra layer of attestation to make sure it's actually secure. And then also with Ice Lake, which is launching, that's our code name for the third gen that's launching soon in Q2, we will see some accelerators built into the technology that really speed that up. Our partners have been testing, we've been doing some internal testing, and we're extremely excited to showcase that technology and all of the different usages that it enables while still not compromising performance."

"So would you say that going forward with the Ice Lake generation the default should be taking advantage of SGX, as opposed to it being a special case?"

"No, absolutely. If you have confidential workloads that you need to protect, you should enable SGX. I always say, if you think about it from a total cost of ownership, you own the technology: if you have a Xeon processor in your data center you can enable SGX on it and it's free, so why wouldn't you do it? It's not like a virus scanner. I come from an antivirus background; I was in security for a long time before I came to Intel, and sometimes those antivirus scanners would literally crash my machine and it would drive me crazy. You don't have to worry about that with this technology. Again, those crypto accelerators that have been built in are really fantastic. You're going to see some amazing use cases that come out of this, and again we're going to announce that in a couple of weeks; some of those stories, that narrative, will come to life, and I'll give a couple of examples that are happening right now in a few minutes. But I really think that this is impressive; Ice Lake is very impressive from a performance and a security perspective, and so I'll leave it at that."

"All right, so it sounds like we've reached a tipping point, like where SSL, or TLS, was a little while ago: you needed an accelerator card to really do SSL, and now it's gotten to the point where you don't really need that card anymore and you should just use SSL everywhere, because why wouldn't you?"

Yep, and most people are. And Laura made a really good point. I would argue the most ubiquitous technology in terms of acceleration used in TLS is AES-NI; these are the instructions that we've had in processors for many, many generations. What you'll see is a doubling down, if you will, in the Ice Lake time frame, and so the intent here is just to make the entire experience a net positive, plus a security improvement.

"Just a quick question: if you were to enable SGX at the hardware layer, is there anything that's required on the OS on top of that hardware to take advantage of it, or is that somehow exposed to applications right at the top of that stack?"

I see Scott's chomping at the bit here.

"OK, yeah, sure. So yes, there are OS requirements. The SGX instruction set, though it is
an application-layer technology, there are kernel-mode instructions that have to work in conjunction, and so there is a kernel-mode driver required for the OS, for those lower-level supervisor instructions, as we call kernel-mode instructions as well. With the way that we put it out, there are also application-layer components to help you when you're executing enclaves; they help you in loading them up and executing them. It basically makes your life as an application developer easier. But yes, there are components: there are shared object libraries that are required at the OS and at the app level, as well as a kernel-mode driver that's required."

"Thanks. I was actually interested in asking a very specific question on SGX. I come from a VMware background, so my question is going to be like that as well, and I know that this is not about VMware, but we know that vSphere 7 supports SGX as well, vSGX. So if, for example, we're protecting that kind of space, my concern has always been that security gets in the way of either operations or performance. Performance was one thing, but I wasn't too concerned about that because it's generally not that visible; but operations of something, or even security. So for example, if you're protecting your memory from being taken because vSGX is enabled, stuff like vMotion starts breaking, or things like snapshotting you can't do, which are pretty common operations in VMware, or even Carbon Black, when it comes to security, that SGX gets in the way of as well. Can you see that someone gets the best of all worlds, that it can be enabled and then still all these operations work? Can you see that happening?"

Absolutely, and I'll give you a couple of examples. You may have seen in the news that Intel's CEO has a rich VMware background, and I was actually in a meeting earlier today where somebody was saying how there have been a thousand questions about how we can work more closely together. What I'll tell you is that this actually started some time ago, and somebody in the same group that I'm in, who I meet with every day, I met with them today, is focused on making sure that those things work, whether it's vMotion or live migrations specifically; I have been in a number of conversations around how we make sure that this works, and the usability is a critical aspect. What I'll tell you is, and you know this as a security professional, there is a fine line, and sometimes it's not initially obvious where to draw that line between the feature and the security. I'll give you an example from years ago, when there was a point at which we said "hey, intercepting proxies, that is the way to go: we're going to terminate all SSL sessions at the border of our company at the proxy server, we're going to do our analysis, we're going to record stuff, and then we're going to go off and create a new SSL session on to the host that we're talking to." What we found is that that's hard; that's complicated. It interferes with user sessions, often interferes with the UI, often makes people uncomfortable about the credentials that they're typing in. And what we did, at least as an industry, was say "hey, there are cases where we want another alternative: let's do endpoint security instead, and we'll deploy something in the browser, we'll deploy something on the web server after the SSL session is terminated." So what I'll tell you is that the two companies, and it's not just those but all of us who are participating in the proliferation of confidential computing, are working very hard on specifically those items that you mentioned, usability items, and so I absolutely see that as something that we'll get through. I know that at least the versions that we've got now don't offer the full rich set of features from a usability and manageability perspective, but I know for a fact those things are coming.

"Yeah, thank you, because that will definitely help organizations enable these technologies more if they can keep it usable as well."

Yeah, fantastic question. Great question. Let's talk about the key challenges here. Execution isolation: we talked a little bit about the TCB, how do we make that small, how do we keep the most important assets in an enclave. You talk about attestation and sealing, and Scott, I'm going to ask you to go just a click deeper on those, on all three of these frankly, and then the recovery from hardware issues. If you could just give us a click down on these, I'd appreciate it.

"Sure, yeah. So the first one, the trusted execution environment boundary, I kind of touched on earlier: the fact that the whole point of SGX was to shrink that attack surface to as small as possible, and that's exactly what SGX allows you to do. Once your code is pulled into the processor, its cache, once the data is in there, it's as tiny as you need it to be to do the work you need it to do inside there. To one of the questions earlier about performance, it kind of goes to this too: one thing I always point out in a lot of my deep dives with customers is the fact that once you're inside an enclave, once your code is cached, once your data is cached, you're running at the full speed of the processor, just as if you were outside of an enclave. You could do this side by side and, depending on the flow of course, you would see similar results; again, once you're cached in the processor. Attestation: SGX remote attestation really is one of the big differentiators in
my mind and i point this out a lot as well and in the deep fives the whole point of this is to allow an enclave to request request a a quote a report of not only itself but of the platform the entire tcb um adding to again that the other question was added before we've talked about what is the tcb um for sgx there's a huge number of components um it could be the microcode version of running on that processor it could be the different acms authenticated code modules running in that platform if they're on there are they all up up to stuff are they are they the right versions um as well as the enclave itself it's a report of the enclave the measurement of the enclave the first security version number of that enclave given that that all that information you know it's comprised into a quote you can give it to a remote party um and based on that information working alongside intel you can decide is that platform up to date um from the hardware all the way to the enclave itself and you can decide am i gonna trust it or not based on your policies once you trust it creating a secure channel sending down the data securely in flight and while executing on that processor such that nobody else can see it and that goes kind of to the last one the recovery from hardware issues if there are you know certain issues found side channel attacks things like that and we have what we call a tcp recovery event this means for example maybe the the fix for particular issue the mitigation for it there's a new version of a microcode that fixes that issue um again using you know the the quote of that platform you would be able to know hey that that particular version of of the microcode is out of date i can choose not to trust it any longer until that platform is up updated and also when you when you bump to the next version for example from one version of a tcp component to the next you can get to your data that was for example sealed with the previous tcp but you can't go the other way 
around of course so that's what we call a tcp recovery and it just allows us to um to recover again from from from certain types of events that might compromise security on that platform very good what i want to do is jump into some of the some of the use cases here and i'm gonna i'm going to and laura's our um are i was going to say ambassador maybe that's not quite the right but she works a lot with the companies who have been deploying these technologies in actual actually benefiting from them so what i'm going to do is i'm going to skip ahead just a touch because i i really want to get i'm going to use this slide and just kind of introduce it and and this slide is one of the is is a slide that's very specific as most slides are but i'm going to tell you that um the things that happen um in these verticals that we have identified here are really in many ways the tip of the spear and they grow very quickly from there and first example here banking and finance regulatory compliance and audit i i i would argue that there are very few companies um who don't have some regulatory compliance they have to achieve um there are some but for the most part um uh everybody has somebody watching to make sure that what they're doing you know whether it's hipaa from healthcare pci banking finance there's a whole bunch of socks gdpr the list goes on and on and there seems like there's more all the time all the way down and it's you know even though we kind of highlight banking finance i think it goes well beyond that talk about data analytics yes banking finance does a lot of data analytics but everybody does a lot of data analytics there's a great application of this technology um cross-border scott mentioned this kind of enclave to enclave communications and that is a really powerful concept as well as making sure that you not only have your data well attested within an enclave but when you communicate with another party they are also in the same condition or same same level 
of attestation so i mean everybody on this call is very familiar with the data silos and the barriers that come between companies or even departments uh collaborating with those data's right datas and data silos and how can we take that information out of them to make it um something that's actionable right some kind of insightful data and there are just so many examples of how our partners are doing this of course i am extremely passionate about it so you'll you'll hear that in my voice but i really truly think this technology is amazing because of what it can unlock for example i'll just give a healthcare recent example of healthcare a university of pennsylvania took a uh a public data set of brain scans and i think it was like 270-ish brain scans and as everybody's aware the more inputs you have into the ai models and into those ml models you're able to bring out more meaningful data right and so they were able to collaborate and we're going to give an updated view on that when we talk about launch when we go to launch for ice lake they were able to collaborate and take those learning models from a certain percentile and literally grow that over a hundred percent right so those training models improve by that much why is that important well currently there are 120 different brain abnormalities right oncology issues with neurology so brain scans that are viewed there's very few radiologists that can actually do that in an effective way and so what that allows is these radiologists can look at the most important cases or the most severe cases of things that could cause you know permanent damage or death they're able to immediately step in find those most important cases and do something about that now before that if you have 120 different oncology cases that can happen just in the brain that's much harder to do but if you have trained models to actually determine what is brain cancer and what's not what's an abnormality and what's not you can actually determine 
those cases um what's the most important go after those another recent example um not healthcare related but we can talk about finance and we we did a news news article on this it's called newsbite and we released that back in december so most financial institutions even if they're you know to gary's point even if they're the smaller banks and credit unions they have to have an anti-fraud department and right now that process is done manually for the most part it's been done manually bank to bank you know branch to branch so for example if you bank at citibank and you're in paris and you need to talk to the branch in the uk they actually have a lot of regulations that don't really allow for easy data sharing with sgx you can actually take that information right the possible fraud that maybe you're committing you put it into a secure enclave you can share those data records and within that federated model you can come out with a higher success rate so consilient was a great example of this and they were able to take anti-fraud cases it took it from a 95 false positive rate all the way down to less than 12 within their first version of their training model so imagine what that's unleashing for the financial services industry right you're you're fighting cyber crime cyber terrorism or just physical terrorism with just those use cases alone right and that's just one example from finance i mean there's just so many exciting usages for this this data sharing this collaborative data sharing another use case that just came out recently and i don't think we have it on this um on this presentation but it was um intellect eu they have a claim share uh technology that allows you let's say i live in in amsterdam and i take my bike everywhere well maybe i'm very afraid of getting ran over because you know there's like five cars on the road well i don't have to um get insurance with five agencies right but maybe i do and if i do and i accidentally jump in front of a car with my 
bike and then i claim that with all five insurance companies that are different they can actually now share that it's called claim share they can share that data from an insurance perspective and determine if that could be someone that's trying to do something nefarious so those are just a few of the examples um i know i gave gary a ton of them i could i could go on for days on these these usages but every day we're unlocking more and more and our partners are unlocking more things that we never even knew were possible and you're going to see a lot of exciting stories coming out of confidential computing and those will be part of the news bites that we're releasing over the next six months or so you know what i what i really like about that first story is is you know when when you get sick or you get hurt right is you don't want you know the person the first person who's available to treat you you want the best people available to treat you your best person or you want the best group of people available and that's something that and i've seen this evolve over the last um probably four or five years where particularly with brain scans and there's been a number of efforts out there where where people have taken these handful of of experts right who really know this and are gifted to recognize specific conditions and working with them to train models and then as soon as you do that you share those models and all of a sudden everyone has access to these experts and it really shortens the process it makes it much more accurate it's the same thing that you mentioned with uh you know with banking is i want my people working on real issues and not false positives right um false positives um we all recognize there there are going to be some um but i'd much rather have people working on real fraud um than demonstrating that something's a false positive right so um being able to and and all of these have that in insurance fraud the same thing is all of these examples have 
that exact same kind of theme which is sharing data in a secure fashion enclaved enclave is is hugely beneficial um and and gets us out of these as this slide kind of shows gets us out of this data island what we call you know these cylinders of excellence right it gets us out of this this mode and into the mode where we're collaborating together um to to provide you know better faster cheaper more accurate um results uh in in the analysis that we're doing and here's a shot this is um you know here's this is just one of the um examples of of um some of the healthcare work uh that we've been involved in where um where we're able to do some some sharing of data um and some this is kind of the other reason to protect these models right is we want them to maintain their high level of accuracy and not have um any malicious modifications made to those models so it's not only the investment that we've made but but we want to maintain their accuracy as well so here's what we talked about confidential computing and this consortium that's formed growing and and somewhat you know the beginnings we we think the best the best is ahead um and um so confidential computing will will increase in value um and be a fundamental component of securing data in use and sharing data we'll see more of this as part of the launch the third generation intel xeon scalable processors so this is as laura said a couple of weeks out here we'll see a lot more details there we believe solutions start in hardware and so does in the confidential computing consortium really big focus there on rooted in hardware everything else is malleable um and we need to avoid um if we can um you know any changes or attacks that can that can happen there um you know the themes here you know we accelerate the the memory encryption the attestation um the measurements um the recovery all through these enclaves that sgx provide quick question hopefully a quick question yeah i think it's finally starting to form in my 
mind how these systems can help share data but what isn't clear in my mind is how do you share the keys between these various sgx name enabled enclaves so that one system can decrypt the model and securely run that model you've now shared to another group that you don't know yeah this is a fantastic question and and you hit on one of the key points here which is protecting the keys right because you know the first thing that i'll do as an attacker is i'll go attack the data right can i see the data can i get into the data somehow well it's encrypted okay well let me go see if i can find the keys right if i can get the keys then i can decrypt the data so awesome awesome insight there um the the attestation mechanism here and scott touched on this but the attestation mechanism here allows me to get a signed report out of enclaves now you can think of that in two ways one is i'm just managing the system and i want to be able to make sure that the enclave is valid the other way to think about it is enclave to enclave attestation and this is the case where i've got hospital a in houston and i've got hospital b in los angeles and i want to send some data from point a to point b this can be done in a couple of different ways one way that's already been done is open ssl has been has been modified to actually run out of an enclave um and so the keys that you're using for your session the keys that you're using to establish that session first of all the asymmetric portion secondly the symmetric portion all remain in that enclave and are never um or never have to be out of that enclave um the second step is is i want to know who i'm talking to on the other end sure i've checked you've got the right keys and everything but the other thing i want to do is make sure that you're in an enclave before i start sending you data i don't want to just send data out to an application that may be running kind of out in the wild so to speak so i can do that over a secure channel is i can 
ask for attestation data i can verify that before i start sending information over to that other enclave that's a model that's actually used very very consistently in communication it's used in some examples for actually installing software um it says i don't want to install it unless i know it's going to be on a system that has an enclave and so one of our partners is actually working on that as well and so we'll have more information on that over the next for the next few weeks
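The attestation, TCB-recovery and sealing behaviour described in the talk, as an added example that is not part of the transcript or of any Intel SDK: a simplified Python model in which a quote binds the enclave measurement and ISV SVN to a platform TCB level, a relying party applies a policy whose minimum TCB is raised after a recovery event, and sealing keys follow the forward-only SVN rule. The HMAC stand-ins for the quoting signature and the sealing root, and all field and function names, are constructed for this model.

```python
"""Simplified model of SGX remote attestation and TCB recovery (constructed example)."""
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-in for the Quoting Enclave's attestation key. Real quotes carry
# ECDSA/EPID signatures rooted in Intel-provisioned keys; an HMAC keeps this runnable.
QUOTING_KEY = b"constructed-quoting-enclave-key"
# Constructed stand-in for the processor's per-platform sealing root.
SEAL_ROOT = b"constructed-platform-seal-root"


@dataclass(frozen=True)
class Quote:
    cpu_svn: int        # platform TCB level (microcode, ACMs) folded into one version number
    mrenclave: str      # measurement of the enclave code and initial data
    mrsigner: str       # identity of the enclave's signing key
    isv_svn: int        # the enclave's own security version number
    report_data: bytes  # enclave-chosen payload, e.g. a hash of its channel key
    mac: bytes          # platform signature over all of the above

    @staticmethod
    def body(cpu_svn, mrenclave, mrsigner, isv_svn, report_data):
        return f"{cpu_svn}|{mrenclave}|{mrsigner}|{isv_svn}|".encode() + report_data


def issue_quote(cpu_svn, mrenclave, mrsigner, isv_svn, report_data=b""):
    """Platform side: bind the enclave report to the platform TCB and sign it."""
    body = Quote.body(cpu_svn, mrenclave, mrsigner, isv_svn, report_data)
    mac = hmac.new(QUOTING_KEY, body, hashlib.sha256).digest()
    return Quote(cpu_svn, mrenclave, mrsigner, isv_svn, report_data, mac)


@dataclass
class Policy:
    min_cpu_svn: int        # raised when a TCB recovery event publishes a fixed microcode
    trusted_mrenclave: set  # enclave builds the relying party is willing to talk to
    min_isv_svn: int        # oldest enclave version still accepted


def verify_quote(quote, policy):
    """Relying party side: return (ok, reason) for the trust decision."""
    body = Quote.body(quote.cpu_svn, quote.mrenclave, quote.mrsigner,
                      quote.isv_svn, quote.report_data)
    expected = hmac.new(QUOTING_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, quote.mac):
        return False, "bad signature"
    if quote.cpu_svn < policy.min_cpu_svn:
        return False, "platform TCB out of date"
    if quote.mrenclave not in policy.trusted_mrenclave:
        return False, "unknown enclave measurement"
    if quote.isv_svn < policy.min_isv_svn:
        return False, "enclave version too old"
    return True, "trusted"


def seal_key(mrsigner, current_isv_svn, requested_isv_svn):
    """Sealing key bound to the signer and an SVN. An enclave may only request keys
    for an SVN no newer than its own, so data sealed by an older version stays
    readable after an upgrade, while seals made by the newer version are not
    readable by the older one."""
    if requested_isv_svn > current_isv_svn:
        raise PermissionError("cannot derive a sealing key for a newer SVN")
    msg = f"{mrsigner}|{requested_isv_svn}".encode()
    return hmac.new(SEAL_ROOT, msg, hashlib.sha256).digest()
```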
Info
Channel: Tech Field Day
Views: 1,246
Id: MdCObOl8Vww
Length: 57min 39sec (3459 seconds)
Published: Fri Mar 12 2021