
Intel boosts VM security, guards against stack attacks in new Xeon release

Intel today announced the release of the fourth generation of its Xeon family of server chipsets, with several new features detailed under the company’s confidential computing security features. The most notable upgrades were improvements to Intel’s trusted execution environment and new techniques to combat jump- and return-oriented programming attacks.

The 4th generation of Xeon brings significant improvements in energy efficiency, AI processing and edge workload handling, but the highlights on the security side are virtual machine (VM) isolation technology and control flow enforcement. The former technique provides hardware-level VM isolation without the need for hypervisor oversight: instead of a single app living within the trusted environment, the entire VM can be there.

There are many options for trusted execution environments in other areas of the stack, but not all options offer the same capabilities or meet the same standards, said Intel Fellow Amy Santoni, the company’s chief Xeon security architect.

Intel aims to secure virtual environments.

“It depends on your goal for a trustworthy environment,” she said. “If you look at the cloud today, virtualization technologies allow you to run multiple tenants on the same hardware, but in a normal cloud environment, the hypervisor can still access all VM data if the user allows it. It is at the hardware level.”

This isolation is provided through Intel’s Trust Domain Extensions framework, which already works in Azure, Google Cloud, Alibaba, and IBM.

Control flow enforcement is a feature that Intel has already implemented in its endpoint-centric Core processor family, but it is new to the Xeon family. It aims to eradicate a family of cyberattack techniques called return-oriented and jump-oriented programming. The idea behind these attacks is to rearrange the order in which pieces of code are returned to the application, for malicious purposes.

“So you can take snippets of actual released code, but manipulate the order,” Santoni explained.

Control flow enforcement, however, adds a secondary or “shadow stack” to the regular stack used to direct the execution of instructions. The idea is that bad actors cannot manipulate it because it is completely inaccessible to the programmer. The order of instructions is compared against the shadow stack, which throws an error if the order is not correct.
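A toy model of the shadow-stack check described above, added here as an illustration (it is not Intel's code and not from the original article). The type and function names (cpu_t, sim_call, sim_ret, sim_corrupt_top, run_scenario) and the addresses are constructed; on real hardware the push and the compare happen inside the call and return instructions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#define DEPTH 16

/* Toy CPU state: the program can write data_stack, but not shadow_stack. */
typedef struct {
    uint64_t data_stack[DEPTH], shadow_stack[DEPTH];
    size_t sp, ssp;
    int fault; /* set once the two copies of a return address disagree */
} cpu_t;

/* CALL: push the return address on both stacks. Returns -1 if full. */
int sim_call(cpu_t *c, uint64_t ret_addr) {
    if (c->sp >= DEPTH || c->ssp >= DEPTH) return -1;
    c->data_stack[c->sp++] = ret_addr;
    c->shadow_stack[c->ssp++] = ret_addr;
    return 0;
}

/* RET: pop both copies and compare. Returns the target, or 0 on a fault. */
uint64_t sim_ret(cpu_t *c) {
    if (c->fault || c->sp == 0 || c->ssp == 0) { c->fault = 1; return 0; }
    uint64_t target = c->data_stack[--c->sp];
    uint64_t expected = c->shadow_stack[--c->ssp];
    if (target != expected) { c->fault = 1; return 0; }
    return target;
}

/* Stand-in for a memory-corruption bug: overwrite the newest return address. */
void sim_corrupt_top(cpu_t *c, uint64_t bogus) {
    if (c->sp > 0) c->data_stack[c->sp - 1] = bogus;
}

/* Two nested calls, optionally corrupted before returning. Returns the fault flag. */
int run_scenario(int corrupt) {
    cpu_t c = {0};
    sim_call(&c, 0x401000); /* constructed addresses */
    sim_call(&c, 0x401234);
    if (corrupt) sim_corrupt_top(&c, 0x40dead);
    sim_ret(&c);
    sim_ret(&c);
    return c.fault;
}

int main(void) {
    printf("clean fault=%d, corrupted fault=%d\n", run_scenario(0), run_scenario(1));
    return 0;
}
```

Because sim_corrupt_top can reach only the data stack, the altered return address no longer matches its shadow copy and the return is refused instead of followed.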

Finally, Intel’s previously announced Project Amber is present on the 4th generation of Xeon. The company describes it as an external feature for the trusted execution environment that allows users to verify that their workloads are running on Intel hardware, regardless of the information provided by the cloud service provider.

“The idea is to give customers the ability to validate the configuration of their running environment,” said Santoni. “It doesn’t mean the CSP doesn’t offer it; it’s an additional option. When buying a used car from a dealer, I [still] recommend taking it to an independent mechanic.”

Approximately 50 SKUs in the 4th Gen Xeon family will be available for pre-order starting February 15th.

Copyright © 2023 IDG Communications, Inc.
