IBM And Intel Combine To Deliver Chip-Level Security

There’s a strange thing happening with Intel and its partners (and, before I go on, I have to disclose that this week I’m attending the Intel Developer Forum and Intel is covering my travel and expenses to attend the event). On the one hand, more and more customers are attracted towards the idea of abstracting low level parts of their technology operations away to third parties and, in doing so gaining the ability to forget about the “raw plumbing”. You’d think that given that move, companies like Intel that deliver the very lowest level parts of the stack (and when I saw low level, I don’t mean that pejoratively) would be forgotten. Put it this way, if you’re thinking about how mobile backend as a service and big data analytics can help you, do you really care about the silicon on which that all runs?

On the other hand however, and entirely counter-intuitively, it seems that people do care what is inside. Previously I’ve been amazed that Amazon Web Services, the undisputed king of the public cloud, was busy telling the world about its “Intel Inside” services. This Intel Inside for the Cloud program was extended at the start of the year and I saw it as a marketing coup of massive proportions. I suggested that someone inside Intel’s cloud business unit needed a serious bonus - whoever takes the credit however, this ability to differentiate a service provider’s offering simply based on the flavor of silicon they use is pretty amazing.

So it will be interesting to see how much success Intel sees with some of its new solutions that provide higher level capabilities right down to the chip level. Intel’s “Trusted Execution Technology (TXT - but excuse the marketing acronym) is a solution that provides hardware monitoring and security controls. Recently it was announced that security vendor HyTrust was using the TXT technology to offer new data and application security functions to its customers. Things like the ability to control geographic boundaries, the separation of virtual workloads and validation of hardware specifications for a particular workload.

Today IBM is jumping on the bandwagon and announcing that SoftLayer is the first cloud vendor offering TXT-enabled bare metal clouds. With the deal, organizations will be able to certify that a particular pool of resources is appropriately secured for the compliance setting that is relevant, be it HIPAA, PCI, FedRAMP, ISO, FISMA or SSAE16.

Intel TXT verifies the components of the computing system from its operating system or hypervisor all the way to its boot firmware and hardware. Combined with attestation (root of trust software) this verification is then used to permit or deny a workload from running on that select server system. Hybrid cloud solutions can leverage partner software and Intel TXT, to limit data decryption to specific geo-located servers, in support of local data privacy laws. And because Intel TXT is activated during boot up, the added security does not add any performance overhead to applications.

In order to actually use Intel TXT, SoftLayer customers need to order bare metal servers available with a Trusted Platform module (TPM) installed. Once activated and deployed with attestation software Intel TXT allows clients to build trusted computing pools. It’s an added “seal of approval” for highly regulated industries.

It’s also a proof point that what is inside still matters. No end of commoditization and disintermediation impacts upon that core principle. Lucky Intel.