Intel® Trusted Execution Technology Hardware-based Technology for Enhancing Server Platform Security

Abstract

architecture called Intel® Trusted Execution Technology (Intel® TXT) that provides hardware-based security technologies to help build a solid foundation for security.1 Built into Intel's silicon, these technologies address the increasing and evolving security threats across physical and virtual infrastructures by complementing runtime protections such as anti-virus software. Intel TXT can also play a role in meeting government and industry regulations and data protection standards by providing a hardware-based method of verification useful in compliance efforts. Intel TXT is specifically designed to harden platforms against the emerging threats of hypervisor attacks, BIOS or other firmware attacks, malicious rootkit installations, and other software-based attacks. It increases protection by allowing greater control of the launch stack through a Measured Launch Environment (MLE) and by enabling isolation in the boot process. More specifically, it extends the Virtual Machine Extensions (VMX) environment of Intel® Virtualization Technology (Intel® VT), permitting a verifiably secure installation, launch, and use of a hypervisor or operating system (OS). Intel TXT gives IT and security organizations important enhancements to help ensure more secure platforms; greater application, data, or virtual machine (VM) isolation; and improved security or compliance audit capabilities. Not only can it help reduce support and remediation costs, but it can also provide a foundation for more advanced solutions as security needs change to support increasingly virtualized or "multi-tenant" shared data center resources. This paper describes the basic uses of Intel TXT, the core components, how they operate, and the critical enabling requirements for the technology in server implementations.

Executive Summary

A building is only as good as its foundation. The same is true for a computer architecture's information security. In an age where security breaches in IT infrastructure are increasingly common front-page news, it is imperative that organizations use the most secure building blocks for the foundations of their IT solutions. This is of growing importance today, as IT managers are being asked to evolve their data centers into new and more demanding uses that challenge existing security practices. For example, as the data center becomes increasingly virtualized, high-value or highly sensitive workloads from different lines of business will be shared across common physical infrastructure. Where traditional physical isolation is no longer possible, a more trusted infrastructure is the key to maintaining the high assurance and control required to meet the security needs of the data center. The increased interest in cloud computing will only further emphasize the need for more visibility into the security status of workloads and systems, and for new control capabilities to meet compliance mandates.


Cite this paper

@inproceedings{Greene2013IntelTE,
  title={Intel® Trusted Execution Technology Hardware-based Technology for Enhancing Server Platform Security},
  author={James Greene},
  year={2013}
}