Intel announces Project Amber, with the goal of independent trust assurance

The new service will provide its users with third-party attestation over a host of different environments.

Image: iStockphoto/JHVEPhoto

As part of its annual Intel Vision event, the company has officially announced Project Amber, an application aimed at assisting businesses with protecting their compute assets in cloud, edge and on-premises environments. The new service is expected to provide organizations with remote, third-party verification of trustworthiness in a host of environments.

“As organizations continue to capitalize on the value of the cloud, security has never been more top of mind. Trust goes hand in hand with security, and it is what our customers expect and require when delivering on Intel technology,” said Greg Lavender, chief technology officer, senior vice president and general manager of the Software and Advanced Technology Group at Intel. “With the introduction of Project Amber, Intel is taking confidential computing to the next level in our commitment to a zero-trust approach to attestation and the verification of compute assets at the network, edge and in the cloud.”

The foundational basis of trust in a confidential computing environment is established via a process called attestation, according to Intel. As the verification process is imperative for organizations with the move towards hybrid and remote work environments, it is key that enterprises know their employees are working on secured and confidential platforms. Using a hardware-based trusted execution environment (TEE), Intel says they are hoping Project Amber is the beginning of a move towards a new multi-cloud, multi-TEE service for third-party attestation.

As an example, Project Amber will serve as an independent attestation service, ensuring that containers are not performing their own verification process. This gives users another level of security when trusting that the environment they are working in is secure and authenticated.

SEE: Windows, Linux, and Mac commands everyone needs to know (free PDF) (TechRepublic)

With the goal of enhanced trust assurance, Intel sees Project Amber as an independent trust authority in the form of an innovative, service-based security implementation. This innovation will provide businesses with the assurance that their compute assets in a variety of different environments are safe and have been independently verified to be secure. Using a third-party for the process of attestation is aimed at providing businesses with peace of mind that will assure enterprises that their environments are adequately secured.

In the initial rollout of Project Amber, Intel expects the service to work on a number of different platforms, deployed as bare metal containers, virtual machines and containers running in virtual machines using Intel TEEs. The initial release will support Intel TEEs, with plans to extend coverage to platforms, devices and other TEEs in the future.

The service is set to be independent of the cloud, supporting confidential computing workloads in the public cloud and in private, hybrid cloud and in edge computing. Trust has become a key for many industries today, helping prevent businesses from being exploited through a number of different types of malware and ransomware.

Intel says it plans to launch a customer pilot of Project Amber in the second half of this year, followed by general availability for enterprises in the first half of 2023.