Today at RSA in San Francisco, Intel announced a framework & built-in foundation of security capabilities called Intel® Security Essentials. These capabilities are available across Intel® processor lines, and they enable security professionals to protect platforms, data, and to build trusted applications in a consistent way.
Intel® Security Essentials core capabilities can be used by OEMs and solution providers as ingredients to seed solutions leveraging hardware rooted security in a variety of common security usage models. We expect the lower cost and consistent implementation to accelerate the adoption of hardware-rooted security in devices, networks, and cloud platforms.
Today, implementing hardware-based security is a widely recognized best practice compared to software-only based approaches. However, the complexities of enabling systems with discrete hardware security components from multiple vendors creates design, deployment, and operational barriers that hinder adoption of such protections. With multiple discrete hardware security components, each with diﬀerent and disconnected root-of-trust capabilities, it may not be possible to fully integrate the components’ security capabilities into a cohesive security architecture. The result is often a fragmented solution with significant barriers for upgrades post-deployment.
The industry is also beginning to move to a software-defined model where applications and workloads span devices and servers running at the edge (IoT and fog) to data center platforms running in the cloud. So the need for consistent and reliable security implementations is greater than ever.
After implementing a multi-year roadmap, Intel has converged & defined our key root of trust security capabilities across all our processors and chip sets. Intel’s existing processor security technologies can be enabled to deliver these baseline protections. These building blocks form a recommend suite of baseline hardware protections that should be used by the ecosystem to deliver a variety of security usage models. This common set of capabilities include:
- Crypto: Hardware-assisted crypto acceleration and secure key generation
- Protected Data, Keys, and Identity: Encryption and storage for sensitive data, keys, or credentials, at rest and in transport
- Platform Integrity: Protected and verified boot process with hardware attestation of the platform
- Trusted Execution: Isolated enclaves that protect shared secrets, code, or sensitive data in the application runtime
Intel embarked on this effort to accelerate the adoption of best practice hardware protections and to drive consistent security models that speed development. Intel is committed to delivering a write once run anywhere model for security. Intel seeks to equip developers with the same four capabilities on the processor - regardless of whether the goal is to secure a cloud platform or an IoT device.
With zero incremental cost beyond the Intel SoC itself, Intel® Security Essentials gives the ecosystem a more cost-effective and performant option. These designed-in capabilities also deliver the flexibility to upgrade firmware and repurpose devices to face future threats, or to address new security use cases.
With our hardware strengths, Intel is uniquely positioned to inﬂuence and promote a consistent hardware security model across a broad ecosystem. Intel Security Essentials is based on a consistent architecture, with integrated firmware, development libraries, and validation on wide variety of operating systems. Intel’s general purpose systems-on-a-chip (SoCs) with integrated security oﬀer a new way forward to implement hardware-based security.
Intel will continue to innovate new technologies to implement the foundational capabilities of Intel Security Essentials. Stay tuned throughout 2018, as Intel business units bring out references to Intel® Security Essentials in their platform security architectures and portfolios.
Intel® Security Essentials represents a leap forward that will stimulate the adoption of hardware security to better protect our digital world. Visit Intel’s hardware enabled security page to explore Intel® Security Essentials technologies and use cases.