How Intel and AMD hope to win the cloud security game

Team Xeon reveals 'Trust-as-a-Service' while Google Cloud details deeper ties with Team Zen

Analysis As cloud service providers increasingly look to x86 architecture alternatives, Intel and AMD are trying to find ways to gain or hold favor in the market – and this includes baking in security features and forming services and partnerships.

Both semiconductor giants announced cloud security initiatives this week. At the Intel Vision event on Wednesday, Intel revealed its Project Amber remote verification service for cloud providers, among other things. A day before, Google Cloud detailed a collaboration with AMD to harden the security of the chip designer's Epyc processors.

The dueling efforts both revolve around confidential computing, which aims to protect sensitive data by encrypting it in memory using hardware-based so-called trusted execution environments, also known as secure enclaves, which are provided by the latest server chips from Intel and AMD. This technology is backed by industry players, including Arm, which too has confidential computing in its architecture.

At the heart of confidential computing is the desire to protect sensitive data and code from not only other software and users on a cloud server but also the administrators of the machine. It's aimed at customers who want to process information off-premises and be assured that not even a rogue insider, or a compromised or malicious hypervisor or system software component, at the remote datacenter can interfere with or spy on that data.

While Intel has historically been the dominant fabricator of CPUs for cloud providers, the company's manufacturing missteps has allowed AMD to steal market share and double its cloud business for several quarters with faster, higher-core-count processors fabbed by TSMC.

Now that Intel is working to regain technology leadership as part of an ambitious comeback plan, the two rivals are facing a threat in the form of cloud providers adopting alternative chip architectures, primarily Arm, to provide faster and more efficient services.

New 'trust-as-a-service' from Intel

It is against this backdrop that Intel on Wednesday announced Project Amber, a software-as-a-service offering that acts as an independent authority for remotely verifying the trustworthiness of a confidential computing environment in cloud and edge infrastructure.

Intel plans to offer Project Amber as a multi-cloud service that supports multiple kinds of secure enclaves accessible from bare-metal containers, virtual machines, and containers in VMs.

The initial version will only support secure enclaves protected by the Intel Software Guard Extensions (SGX) feature, natch, which debuted in mainstream Xeon processors last year with the launch of Intel's much-delayed Ice Lake server chips. The chipmaker said it hopes to extend coverage to enclaves provided by other companies in the future.

Intel plans to build a software ecosystem around the service, saying its staff are working with independent software vendors to build services on top of Project Amber, which will be managed by software tools and APIs.

In Wednesday's Intel Vision keynote, Intel CTO Greg Lavender called Project Amber a "trust-as-a-service solution" and said it establishes trustworthy environments through the process of attestation so that users can feel safe running "sensitive, mission critical data" in the cloud.

"In this architecture, the attestation authority is no longer linked to the infrastructure provider. This decoupling helps provide objectivity and independence to enhance trust assurance to users and application developers," said Lavender, who leads Intel's software organization.

Intel is expected to run a pilot for Project Amber with select customers later this year. A spokesperson declined to provide details of how it plans to monetize Project Amber, but with its SaaS slant, we suspect it could join the chipmaker's expanding portfolio of commercial software products that CEO Pat Gelsinger hopes will make Intel more competitive.

Lavender said Intel is working to make it easier for companies to use Intel SGX with an open-source project called Gramine that enables developers to run unmodified Linux applications in SGX enclaves. This is important, because the feature has historically required developers to modify the code of applications to make use of SGX, which has created obstacles for wider industry adoption.  

"Gramine provides a 'push button' method for easily protecting applications and data. This means a faster, more secure and more scalable end-to-end security solution with minimal effort," Lavender said.

AMD deepens collaboration with Google Cloud

While Intel introduced SGX all the way back in 2013, AMD beat its rival to the datacenter market with the first mainstream server CPUs to incorporate confidential computing capabilities with the debut of its Epyc family in 2017. AMD then made things more viable for cloud providers by significantly increasing the number of encryption keys in the second generation of Epyc in 2019.

The fact that AMD was the only chip designer at the time with confidential computing capabilities in mainstream server CPUs was one of the main reasons Google Cloud ended up choosing AMD over Intel to power its Confidential Virtual Machines product, which launched in 2020.

Google Cloud said ease-of-use and low-performance impact were two other reasons it chose AMD's Secure Encryption Virtualization (SEV), the main feature enabling confidential computing capabilities in Epyc. Despite the expansion of Intel SGX in mainstream Xeon processors in 2021, Google Cloud has yet to adopt SGX for new products in its Confidential Computing portfolio.

Instead, the cloud provider has deepened its partnership with AMD through a collaborative, in-depth security review of Epyc's security capabilities, which was announced on Tuesday. The review allowed the chip designer to identify and fix vulnerabilities in the secure coprocessor that enables SEV and other confidential computing features in Epyc chips.

The results of that technical review are here, and it revealed 19 security weaknesses, which were addressed by AMD in patches that were released over past months.

The audit is a big deal because it required AMD to give Google Cloud's security teams access to the chip designer's proprietary firmware and hardware components so that researchers could scrutinize every detail of AMD's implementation and devise custom tests.

After all, there have been plenty of times when independent researchers have uncovered flaws in both Intel SGX and AMD SEV on their own, so AMD has incentive to work with a cloud provider that is buying a substantial amount of its processors.

Google Cloud conducted the review as it seeks to expand its Confidential Computing portfolio, and the cloud provider said the audit gave it the confidence that such products meet a "elevated security bar" as its Confidential VMs are now "protected against a broad range of attacks."

"At the end of the day, we all benefit from a secure ecosystem that organizations rely on for their technology needs and that is why we're incredibly appreciative of our strong collaboration with AMD on these efforts," said Royal Hansen, a security engineering veep at Google.

While Intel has yet to win over Google Cloud with SGX, the semiconductor giant's confidential computing capabilities have been adopted by Microsoft Azure and IBM, among smaller infrastructure providers. Azure and IBM have also bought into AMD's competing features.

With one research firm estimating the confidential computing market to reach $54 billion by 2026, the latest efforts by Intel and AMD underline how both companies view the underlying technology as an important way to win favor with cloud providers in the future. And they're no doubt getting ready for other chip vendors to entry the fray with their own capabilities. ®


Intel did introduce SGX in the company's Xeon E CPUs for entry-level servers in 2017, but they were only made for single-socket servers, and they were not part of the mainstream Xeon Scalable lineup.

Broader topics

Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022