Confidential computing for enterprise-grade servers took a big step forward in the summer, when Google Cloud announced it was leveraging the AMD 2nd Gen Epyc chips to offer secure enclaves to customers. Customers could put entire virtual machines inside these enclaves to protect data with hardware-based encryption, even while applications were using it.
Normally, data is protected when it is stored or while in transit, but it must be decrypted for applications to work with it, which leaves it exposed in memory while in use. Confidential computing addresses this gap by keeping data encrypted even while it is being processed.
Google and AMD weren’t the first to take the approach. IBM had a similar offering with its IBM Z chips, available both on IBM Z and Linux servers. Like Google’s, an IBM secure enclave was large enough to hold an entire virtual machine.
Intel has been a player here as well, with its Intel SGX confidential computing platform. But the Intel SGX secure enclave was initially a fraction of the size of the ones available from Google and IBM, making it suitable only for small or niche applications. Plus, unlike with Google or IBM, applications had to be rewritten specifically to take advantage of the Intel SGX feature. Finally, the technology was only available on workstations and difficult to deploy on data center-grade servers.
This week Intel addressed all those issues, announcing that its SGX secure enclaves will be available for larger servers, will be 1 terabyte in size — big enough to hold virtual machines — and, with help from third parties like Fortanix, users will be able to use the feature without rewriting their applications.
“We are bringing Intel SGX to mainstream dual-socket processors, specifically the upcoming 3rd generation Intel Xeon Scalable processors, code named Ice Lake,” an Intel spokesperson told DCK. Intel expects to start “production shipments” of Ice Lake, its first 10nm-based Xeon Scalable server chips, by the end of the year, the spokesperson said.