Security and Privacy | Ensuring Trust at Every Level
Increasing cyber-attacks, video manipulation, and identity theft are driving the need for advanced security measures. Intel Labs’ wide-ranging security research aims to maintain the integrity and confidentiality of data that is stored, in use, or in transit.
Intel Labs' Security Research
Jason Martin, Principal Engineer at the Security Solutions Lab and Manager of the Secure Intelligence Team at Intel Labs, talks about recent security research efforts in his presentation from Labs Day 2020.
Unleasing the Potential of Data
Cybersecurity threats including hacks, data breaches, and malicious attacks are disrupting companies, individuals, and governments. These unlawful acts are also becoming more sophisticated and continue to evolve as data usage grows. In addition, as cloud computing, AI, machine learning (ML), and the intelligent edge revolutionize computing, security will play a major role in successfully implementing next-generation applications.
Since data is dynamic, it must be protected at every level – while at rest, in use, or in transit. As computing moves from on-premises to the public cloud to the edge, safeguarding intellectual property is paramount. Maintaining data integrity, privacy, and accuracy is at the heart of Intel Labs’ security research efforts.
Research spans across several areas from workload and data protection to trusted execution environments (TEE). Isolating sensitive data with hardware-based memory protections can help defend data from malicious attacks. Our main areas of security research include confidential computing, federated learning, and fully homomorphic encryption.
Confidential Computing
As computing spans multiple environments, end-to-end data protection is needed. In addition, increased security assurances are necessary to protect sensitive IP, regulated data, and workloads. Software-based encryption helps ensure protection while data is in storage and in transit but is insufficient in protecting data while its actively in use.
Confidential computing is an industry initiative focused on helping to protect data and code while they are being processed in hardware-based TEEs. Intel Labs’ pioneering research led to the productization of Intel® Software Guard Extensions (Intel® SGX), which helps secure data while in use using TEEs. Featured in Intel® Xeon® Scalable processors, Intel SGX helps protect data using unique application isolation technology.
Another example of Intel Labs’ innovations in confidential computing includes the Gramine Library OS, an open-source community project that supports many unmodified Linux applications. The solution provides a flexible and modular architecture to help secure Linux applications/binaries on Intel SGX.
Federated Learning
Regulatory restrictions can inhibit the use of data for computing purposes and for conducting data analytics. Federated learning is a distributed machine learning (ML) approach that enables organizational collaboration without exposing sensitive data or ML algorithms. Industries such as retail, manufacturing, healthcare, and financial services can benefit from federated learning to gain valuable insights from data.
Research in federated learning explores securely connecting multiple systems and datasets and removing the barriers that prevent the aggregation of data for analysis and insight. Intel Labs’ collaboration with the Center for Biomedical Image Computing and Analytics at the University of Pennsylvania Perlman is an example of federated learning in action. Together, we are co-developing technology to train artificial intelligence models to identify brain tumors.
Homomorphic Encryption
Homomorphic encryption (HE) is a new cryptography system that preserves the integrity of data between multiple parties by performing calculations on encrypted data without exposing it. The technology is emerging as a leading method to enable data privacy and is particularly useful for supply chain security, regulatory compliance, and for performing private data analytics.
3rd Generation Intel® Xeon® Scalable Processors include extensions and tools that help accelerate HE implementations, as demonstrated in a proof-of-concept with Nasdaq. However, the current computational overhead makes HE too cost prohibitive for broader commercialization.
Intel Labs is investigating new hardware and software acceleration approaches to greatly reduce the computational overhead required for HE. Intel Labs is collaborating with Microsoft to build a hardware accelerator to achieve higher commercial viability with funding from the Defense Advanced Research Projects Agency (DARPA). In addition, we are engaging with the ecosystem and standards bodies to promote industry adoption.
Post-Quantum Cryptography
With all its promise, quantum computing poses serious threats to our digital world. Even now, adversaries are likely harvesting encrypted data in anticipation of decrypting it once quantum computers are available. Code signing applications and internet transactions will also be vulnerable to malicious attacks—unless we prepare.
Intel is working to help ensure a safe transition to a quantum-enabled world. From our participation in the development of post-quantum encryption standards to increasing the robustness of code signing applications, we are committed to mitigating the risks associated with this promising technology.
Trusted Media
Almost everything we do today is increasingly digital, from working and learning from home to interacting with family and friends. At the same time, our trust in media has eroded due to deliberate deception via disinformation and manipulated content. Intel Labs’ trusted media research team is stepping in with several initiatives to help users restore trust in media by being able to distinguish between real and fake content.
In partnership with Intel’s security research team and internal business units, Intel Labs is leading and coordinating its Trusted Media research efforts. The team is exploring how to incorporate detection technology and media provenance in Intel products and is looking at how customers can integrate new technologies into their platforms. Two initial research areas include deepfake detection, or the fake production or modification of media using machine learning and AI; and media authentication technology to confirm the validity of the content, among other solutions.
SGX Federated Learning Demo Video
View a demonstration of a federated learning system built using Intel® Software Guard Extensions (Intel® SGX) to provide trust. The video demo features the use of federated learning to enable an encrypted communication channel between multiple collaborators.
Security Research Centers with Universities and Partners
Private AI Collaborative Research Institute
Intel Labs has collaborated with Avast and Borsetta to launch the Private AI Collaborative Research Institute to advance and develop technologies in privacy and trust for decentralized AI. The research institute is currently working with the first nine institute-supported research projects from nine universities worldwide.
Crypto Frontiers Research Center
Intel Labs’ new collaborative, multi-university research center develops cryptographic technologies for future device, edge, and cloud architectures. The Crypto Frontiers Research Center includes researchers from Intel Labs and world-renowned academic researchers from seven universities globally. Research areas include Post-Quantum Cryptography (PQC); privacy-preserving cryptography; and lightweight, low-latency cryptography.
RARE Research Center
The Resilient Architectures and Robust Electronics (RARE) research center focuses on developing new capabilities for secure and resilient hardware and software. Researchers from 10 leading universities were selected to participate in the research center and focus on developing innovations for error characteristics of silicon computing, new solutions to detect compute failure conditions, tools for side-channel-free and fault-tolerant processors, and novel hardware mitigations.