Intel® Tiber™ Trust Authority
Data is one of your most valuable assets. Trust the systems that run it.
Zero Trust Attestation Service Without High Cost or Complexity
Intel Tiber Trust Authority is a zero-trust attestation service that provides customers with assurance that their apps and data are protected on the platform of their choice, including multiple cloud, sovereign clouds, edge, and on-premises environments.
Intel Tiber Trust Authority verifies the trustworthiness of compute assets, including infrastructure, data, applications, endpoints, and AI/ML workloads. This attests to the validity of Intel Confidential Computing environments, also known as Trusted Execution Environments (TEEs), running on CPUs and GPUs.
Benefits
Independent
Verify the environment's trustworthiness, regardless of who manages the data center. Address the increasing demand for the separation of duties between the cloud infrastructure provider and the verifier of the infrastructure’s authenticity and integrity.
Easy to Deploy
Easily set, monitor, and verify security policies across multiple cloud environments and improve operational efficiency without the cost and complexity of building your own attestation service.
Free to Use
Intel Tiber Trust Authority is a free, independent attestation platform, with an option for paid support. This helps key cloud service providers (CSPs) and independent software vendors (ISVs) grow the confidential computing market.
Learn More
Certified for Information Security, Cybersecurity, & Privacy Protection
ISO 27001:2022 certification helps put Zero Trust within reach. Designed for public cloud flexibility with private cloud security, our independent attestation service is committed to delivering best practices in security controls, information technology, and cybersecurity to our clients and their customers.
Intel and NVIDIA are providing a unified attestation solution for customers to verify the trustworthiness of the CPU and GPU Trusted Execution Environments (TEEs) for Confidential Computing based on Intel® Xeon® processors with Intel® Trust Domain Extensions (Intel® TDX) and NVIDIA H100 GPUs.
Get Started
Simplify the security and trustworthiness of the platform on which your workload runs with Intel's infrastructure-agnostic attestation services. Intel Tiber Trust Authority is now free to use for customers using TEEs on select cloud service providers. Refer to the ‘Frequently Asked Questions’ section below for more information on how to get started.
What Others Are Saying
"With innovations across security, Intel will enable Azure customers using VMs based on Intel® SGX technology or Intel® TDX technology to have a choice for their attestation verifiers with a new service that attests to the provenance of the Confidential Computing environment with Intel Tiber Trust Authority."
Mark Russinovich
Fellow and CTO
“Our collaboration enables security conscious organizations to share data safely end-to-end while preserving privacy, confidentiality, and compliance with regulatory requirements. Confidential computing is especially important for highly regulated industries where data security is paramount to safeguarding the privacy of the information.”
Todd Moore
Vice President of Data Security Products
"In a world where protecting our assets on all levels is paramount, confidential compute technology one of the elements in our protection shield. The most crucial piece of the puzzle? Independent attestation. That's precisely what Intel Tiber Trust Authority delivers. It's a must-go scenario."
Jonas De Troy
Head of Public Cloud and Edge
Expert Insight
Frequently Asked Questions
Confidential computing is an approach focused on helping to secure data in use. The efforts can enable encrypted data to be processed in memory while lowering the risk of exposing it to the rest of the system, thereby reducing the potential for sensitive data to be exposed while providing a higher degree of control and transparency for users.
At the core of confidential computing is an isolated, hardware-based Trusted Execution Environment (TEE) where trusted software can access confidential data. Data is only released to the TEE for decryption & processing when authorized by the owner's key. The TEE can be verified through a process called attestation, which helps assure users their TEE is genuine and correctly configured.
A trusted execution environment (TEE) is a secure area of a main processor. It protects code and data loaded inside with respect to confidentiality and integrity. Data integrity—prevents unauthorized entities from altering data when any entity outside the TEE processes data, Code integrity—the code in the TEE cannot be replaced or modified by unauthorized entities.
Attestation of a Trusted Execution Environment (TEE) is the dynamic measuring of the health of the isolated execution technology and is based on building a trust chain from the manufacturer to the last power cycle of the device.
Intel Tiber Trust Authority is a Zero Trust attestation SaaS that verifies the trustworthiness of compute assets in the cloud. Intel Tiber Trust Authority attests to the validity of Intel Confidential Computing environments, also known as Trusted Execution Environments (TEEs).
Intel Tiber Trust Authority is now free to use for customers using TEEs on select cloud service providers. US and European customers can visit the customer portal for more information on how to get started.
If you are interested in an extended support agreement for Intel Tiber Trust Authority, please contact an Intel representative.
CSP: Azure, Google Cloud, and IBM Cloud.
ISV: Thales, Proximus.
Get started with these steps:
· Sign in to the customer portal to obtain an API key.
o US Customers: https://portal.trustauthority.intel.com/
o EU Customers: https://portal.eu.trustauthority.intel.com/
Download instructions from the portal.
Intel Tiber Trust Authority offers an operator-independent attestation service that helps provide end users with confidence that the TEE provided by the CSP is trustworthy. End users can encrypt their application and not release the decryption key, nor decrypt it, until the attestation token is received. End users can maintain their own KMS on-prem or depend on CSP-provided key vaults, such as Azure Key Vault, to manage these encryption and decryption keys. Therefore, KMS is an integral part of the customer solution, and Intel Tiber Trust Authority is designed to interoperate with it.
Intel followed its Security Development Lifecycle (SDL) when developing Intel Tiber Trust Authority. Before we deliver products to our customers, we apply rigorous testing and offensive research, scouring code for potential security vulnerabilities. But we don’t stop with our own assessment. We work with the best in the business—whether that’s a top university, a major technology vendor, or even a group of elite hackers to put our products to the test.
Intel Tiber Trust Authority has achieved ISO 27001:2022 certification. The Confidential Computing attestation service is committed to delivering best practices in security controls, information technology and cybersecurity to our clients and their customers. For more information: https://www.intel.com/content/www/us/en/quality/corporate-certifications/directory.html.