Intel’s Approach To Zero Trust Architecture

Intel has technologies in place to allow immutable identifiers inside the chips.

Rooted in the principle of ‘never trust, always verify’ is a strategic security initiative that prevents successful data breaches by eliminating the concept of ‘trust’ from an organisation’s network architecture. The Zero Trust Architecture works upon traditional systems’ flaw, which believes that data needs to be only protected from outside of an organisation.

Intel is one of the companies that believe that cybersecurity measures and zero trust, in particular, should not be just restricted to networks or systems but must be applied all the way down inside the silicon. To this end, Intel has technologies in place to allow immutable identifiers inside the chips. Each transaction on the internal fabrics has a hardware-generated identifier. In addition, mutual authentication is required between chiplets within a package. Intel says that these measures are the company’s ways of introducing the zero-trust concept to its design.

Intel’s Zero Trust Approach 

Many security paradigms still rely on physical connectivity in hardware. This means that when access is on a hardware bus, it is often considered legitimate. Typically, hardware designers are not taught to ask questions. A bit or message is automatically assumed to come from the right party. As attackers become increasingly sophisticated in physical attacks, these assumptions must be questioned just as the paradigm of authenticating the network once was questioned.

Subscribe to our Newsletter

Join our editors every weekday evening as they steer you through the most significant news of the day, introduce you to fresh perspectives, and provide unexpected moments of joy
Your newsletter subscriptions are subject to AIM Privacy Policy and Terms and Conditions.

To counter this, Intel and others in the industry have contributed technology on the system level like the DMTF’s Security Protocol and the Data Model (SPDM). This model allows for secure collaboration between hardware elements similar to how TLS and HTTPS secure web transactions. Intel also used PCI-SIG and Compute Express Link to add Integrity and Data Encryption (IDE), which helps protect physical links to accelerators such as GPUs when implemented. 

As mentioned above, Intel intends to widen the scope of zero trust to hardware as well. While hardware development has different characteristics than software, the two share a lot of commonalities in terms of security principles. 

Some of Intel’s security principles for hardware are: 

  • Fail safely and securely
  • Memory management checks
  • Least-privilege access
  • Protect the weakest part of the design
  • Blocking Resource Access for specific tasks
  • Inventing simple architectures
  • Easy to use security mechanisms.

(Source: Intel)

Intel applies these principles while developing the security technologies of their products to improve fundamental security, protection of data and workloads, and software reliability. This provides the customers with robust technologies which strengthen their safety and thus support a Zero Trust infrastructure.

Intel SGX

Today Intel has Software Guard Extensions (Intel SGX), Virtualization Technology, and other technology designed to protect data and memory against operating system uncertainty and other applications. 

Intel Software Guard Extensions were originally created for protecting identities on laptop machines. Since then, Intel SGX has been expanded beyond the initial small data scenarios it was created for and into big data environments like on-premises data centres or hyperscale cloud infrastructure. Intel SGX allocates a section of memory that is set aside as an encrypted data enclave.

Intel SGX denies entry to any non-approved user. This feature makes it a powerful tool for a zero-trust approach to security. Furthermore, since the code and the data are secluded within the data enclave, Intel SGX successfully thwarts any attack, even the ones that completely breach the other systems in the organisation.

This differentiation makes Intel SGX critical for zero trust. As a result, Intel SGX runs with the least amount of trust necessary to ensure that your data remains confidential.

Ritika Sagar
Ritika Sagar is currently pursuing PDG in Journalism from St. Xavier's, Mumbai. She is a journalist in the making who spends her time playing video games and analyzing the developments in the tech world.

Download our Mobile App


AI Hackathons, Coding & Learning

Host Hackathons & Recruit Great Data Talent!

AIM Research

Pioneering advanced AI market research

Request Customised Insights & Surveys for the AI Industry


Strengthen Critical AI Skills with Trusted Corporate AI Training

Our customized corporate training program on Generative AI provides a unique opportunity to empower, retain, and advance your talent.

AIM Leaders Council

World’s Biggest Community Exclusively For Senior Executives In Data Science And Analytics.

3 Ways to Join our Community

Telegram group

Discover special offers, top stories, upcoming events, and more.

Discord Server

Stay Connected with a larger ecosystem of data science and ML Professionals

Subscribe to our Daily newsletter

Get our daily awesome stories & videos in your inbox