Intel Trusted Execution Technology is a hardware solution that validates the behavior of key components within a server or PC at startup. Known as the “root of trust,” the system checks the consistency of behaviors and launch-time configurations against a “known good” sequence. Designed to help protect against software-based attacks, Intel Trusted Execution Technology integrates new security features and capabilities into the processor, chipset and other platform components. Using this verified benchmark, the system can quickly assess whether any attempts to alter or tamper with the launch-time environment have been made. It provides a general-purpose, safer computing environment capable of running a wide variety of operating systems and applications. When used in conjunction with Intel Virtualization Technology, Intel Trusted Execution Technology provides a hardware-rooted trust on which a chain of trust for your execution environment can be built.
Intel Trusted Execution Technology capabilities include protected execution and memory spaces where sensitive data can be processed out of view of any other software. Sealed storage shields encryption keys and other data from attack while in use or stored. Attestation enables a system to provide assurance that it has correctly invoked the Intel Trusted Execution Technology environment, as well as enabling a verified measurement of the software running in the protected space.
Benefits of Trusted Execution Technology
Measured launch capability to help:
– Reduce IT support costs with improved services
– Enable decentralized or remote computing
– Verify platform configuration with a higher level of assurance
Memory protection to help:
– Enhance protection of system resources
– Increase confidentiality and integrity of data
– Improve assurance of data transfers and resources
– Improve protection of sensitive information
Trusted Execution Technology use models
1. Local verification
Local verification uses the measurement capability of Trusted Execution Technology to allow the local user to have confidence that the platform is executing in a known state. The confidence comes from the hardware ability of Trusted Execution Technology to properly measure the launched configuration and store the measurement in the platform's Trusted Platform Module (TPM).
2. Remote verification
Remote verification takes the measurements obtained by Trusted Execution Technology and stored in the TPM, and uses the TPM to inform remote entities (those not executing on the platform) about the current platform configuration. Of essence in this use model is that the remote entity can rely on the properties of Trusted Execution Technology to provide the protections listed above.
3. Multi-level operation
Multi-level operation takes advantage of the memory protections provided by Trusted Execution Technology to run two or more applications or operating systems that require strict separation and managed communication between the entities. Those wishing to rely on these properties make use of either local or remote verification to ensure that the proper environment is set up and executing.
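As an added illustration (not Intel's code and not from this page), the following Python simulates the measure-and-compare logic behind the local and remote verification use models: a TPM-style PCR extend over an ordered sequence of launch components, compared against a stored known-good value, and a nonce-bound quote checked by a remote verifier. The component blobs, the attestation key and the MAC standing in for the TPM's signed quote are constructed assumptions.

```python
import hashlib
import hmac

# Simulated TPM platform configuration register (PCR). A measured launch
# extends the register for each component: new = SHA-256(old || digest).
ZERO_PCR = bytes(32)

def extend(pcr, measurement):
    """TPM-style extend: hash the current PCR concatenated with the component digest."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def measured_launch(components):
    """Extend each launch component in order; order changes the result."""
    pcr = ZERO_PCR
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr

# Constructed stand-ins for launch-time components (hypervisor, policy, kernel).
KNOWN_GOOD_COMPONENTS = [b"hypervisor-v1", b"launch-policy", b"kernel-image"]
KNOWN_GOOD_PCR = measured_launch(KNOWN_GOOD_COMPONENTS)

def local_verify(components):
    """Local verification: the freshly measured PCR must equal the known-good value."""
    return hmac.compare_digest(measured_launch(components), KNOWN_GOOD_PCR)

# Remote verification: the verifier sends a nonce and the platform answers with a
# quote over (nonce || PCR). A real TPM signs the quote with an attestation key;
# a shared-secret MAC stands in for that signature here (assumption).
ATTESTATION_KEY = b"constructed-attestation-key"

def make_quote(nonce, pcr):
    """Platform side: bind the reported PCR to the verifier's nonce."""
    return hmac.new(ATTESTATION_KEY, nonce + pcr, hashlib.sha256).digest()

def remote_verify(nonce, reported_pcr, quote):
    """Verifier side: quote must be fresh and authentic, and PCR must be known-good."""
    expected = make_quote(nonce, reported_pcr)
    return (hmac.compare_digest(expected, quote)
            and hmac.compare_digest(reported_pcr, KNOWN_GOOD_PCR))
```

A replayed quote fails because the nonce differs, and a tampered or reordered component changes every later extend, so the final PCR never matches the known-good value.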