Media Alert
Intel at Open Confidential Computing Conference 2024 - Page 2
In this talk, Mikko Ylinen, senior Linux software engineer at Intel, and Malini Bhandaru, senior principal engineer and cloud native architect at Intel, will share an overview of the landscape, followed by a proposal to measure invariants in a typed data structure, record a summary of them in the CVM's tamper-resistant measurement registers, and explain how this supports scalable attestation. It will be illustrated in the context of Intel Trust Domain Extensions (Intel TDX) using established techniques such as CoCo, Linux IMA, dm-verity and CCNP.
When: Wednesday, March 13, 8-8:30 a.m. PDT
Where: Virtual through conference platform
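The extend-and-replay pattern behind the "summary in tamper-resistant measurement registers" idea, as an added illustration that is not code from the talk or from Intel: typed events (constructed sample values standing in for a dm-verity root hash, IMA file digests and a CoCo policy digest) are appended to an event log and folded into a single register, and a verifier rebuilds the register from the log and compares it with the quoted value. The extend rule new = SHA-384(old || measurement) is assumed to mirror how TDX RTMRs are extended.

```python
import hashlib

DIGEST_LEN = 48  # SHA-384 output width, the width of a TDX RTMR (assumption)

# Constructed sample events; the digests are made up for illustration only.
SAMPLE_EVENTS = [
    ("dm-verity-root", "rootfs", hashlib.sha384(b"constructed rootfs root hash").digest()),
    ("ima-file", "/usr/bin/agent", hashlib.sha384(b"constructed agent binary").digest()),
    ("coco-policy", "policy.rego", hashlib.sha384(b"constructed policy").digest()),
]


def extend(register: bytes, measurement: bytes) -> bytes:
    """Model of a measurement-register extend: new = H(old || measurement)."""
    if len(register) != DIGEST_LEN or len(measurement) != DIGEST_LEN:
        raise ValueError("register and measurement must be 48-byte SHA-384 digests")
    return hashlib.sha384(register + measurement).digest()


def event_entry(kind: str, name: str, digest: bytes) -> bytes:
    """Hash of one typed event. Binding type and name means that retyping,
    renaming or reordering an entry changes the summary as much as altering
    its digest does."""
    return hashlib.sha384(kind.encode() + b"\0" + name.encode() + b"\0" + digest).digest()


def record_events(events):
    """Guest side: append each event to the log and fold it into the register.
    Returns the final register value and the log a verifier needs to replay it."""
    register = bytes(DIGEST_LEN)  # registers start zeroed
    log = []
    for kind, name, digest in events:
        log.append((kind, name, digest))
        register = extend(register, event_entry(kind, name, digest))
    return register, log


def replay_matches(log, quoted_register: bytes) -> bool:
    """Verifier side: one register value from the attestation quote plus the
    event log is enough to check every recorded invariant, however many there are."""
    recomputed, _ = record_events(log)
    return recomputed == quoted_register


if __name__ == "__main__":
    final_register, event_log = record_events(SAMPLE_EVENTS)
    print("register:", final_register.hex())
    print("log replays to quoted register:", replay_matches(event_log, final_register))
```

Any edit to the log, including swapping two entries, makes the replay diverge from the quoted register, which is what lets a single summary value stand in for an arbitrarily long list of measurements.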
Confidential Computing in 2024 – Innovating Secure and Scalable Solutions
We are on the cusp of a transformative era. Technical readiness and market momentum will converge in 2024 to accelerate growth and adoption of confidential computing. This session, presented by Anand Pashupathy, vice president and general manager of Security Software and Services at Intel, will offer a comprehensive assessment of the industry's progress as the industry aligns with imperatives described in Intel CTO Greg Lavender's 2023 keynote at OC3. Pashupathy will also provide an in-depth look at Intel's strategic initiatives to address remaining adoption barriers and elevate confidential computing to new levels of security, performance and user-friendly scalability.
When: Wednesday, March 13, 10:30-11 a.m. PDT
Where: Virtual through conference platform
Tightening Side Channel Protections with Intel SGX AEX-Notify
Intel Software Guard Extensions (Intel SGX) supports the creation of shielded enclaves within unprivileged processes. Code and data within an enclave cannot be read or modified by the operating system or hypervisor, nor by any other software. However, side-channel attacks can be challenging to comprehensively mitigate. This talk by Scott Constable, research scientist, Cybersecurity and Computer Security at Intel, will give an overview of AEX-Notify, a new flexible architecture extension that makes enclaves interrupt-aware: Enclaves can register a trusted software handler to be run after an interrupt or exception (such as a fault). AEX-Notify can be used as a building block for implementing countermeasures against different types of interrupt- and fault-based attacks. AEX-Notify is available on 4th Gen Intel Xeon Scalable processors and newer products with Intel SGX and is also backward-portable to all older server products via a microcode update. The Intel SGX SDK for Linux now supports a default trusted software handler that mitigates attacks that use interrupts or exceptions to exert fine-grained control over enclave execution, for example, by forcing a single enclave instruction to execute each time the enclave is entered.