Canonical and Intel bring confidential computing with Intel TDX on Ubuntu

14th December 2023
Paige West

The challenge of securing data at run-time, a critical issue in computing, has led to the development of confidential computing.

This movement aims to safeguard data in use, particularly as data must be decrypted in system memory for processing. Intel Trust Domain Extensions (Intel TDX) is a significant contribution to Intel's confidential computing portfolio, addressing this need.

Canonical and Intel have formed a strategic partnership to ensure that customers have access to an Ubuntu build optimised for Intel, complete with the latest host-to-guest patches. These patches are available by default, even before being integrated into the mainstream Ubuntu images.

Intel TDX on 5th Gen Intel Xeon scalable processors

Intel TDX, available on 5th Gen Intel Xeon scalable processors, introduces architectural elements to enhance run-time security in virtualised environments. It establishes secure virtual machines or trust domains (TDs), protected against various software threats. Intel TDX also defends against physical access attacks on platform memory, incorporating a new AES-128 hardware encryption engine in the CPUs to encrypt memory pages at run-time.

Initially limited to select 4th Gen Intel Xeon scalable processors and offered by a few public Cloud providers, Intel TDX is now broadly available through 5th Gen Intel Xeon scalable processors. These processors ensure IT investment longevity with backward compatibility and offer a portfolio of silicon-based security features.

Mark Skarpness, Vice President and General Manager of System Software Engineering at Intel, states: “Intel has a well-established and collaborative relationship with Canonical, and we work closely to enable our security capabilities within the Ubuntu operating environment. Through our collaboration, Canonical now offers an Intel-optimised version of their enterprise distributions that incorporates all the latest Intel TDX architectural elements and innovations in 5th Gen Xeon Scalable processors. This will provide customers with the confidence that their most sensitive data is more secure, while also helping maintain privacy and promote compliance.”

Cindy Goldberg, VP of Silicon Alliance at Canonical, expresses excitement about extending their partnership with Intel into Intel TDX, saying: “This will enable 5th Gen Intel Xeon scalable processors’ users to start building their confidential computing infrastructure with Ubuntu today, and benefit from its strong hardware-rooted confidentiality and integrity security guarantees.”

The collaboration also addresses the potential lag between silicon innovation and software readiness. Canonical has released an Intel TDX private preview on Ubuntu 23.10, laying the groundwork for future plans with Ubuntu 24.04 LTS. This staged approach includes incremental security maintenance and enterprise support, with Canonical providing first-line support and Intel handling second-line support.

Looking forward, this partnership between Canonical and Intel is a significant step in advancing confidential computing, bridging the gap between hardware innovation and software capabilities. The availability of Ubuntu-based Intel TDX on major public Cloud providers enables the development of multi-cloud hybrid confidential computing strategies. Canonical invites users to deploy the Ubuntu Intel TDX build and provide feedback, emphasising the importance of collaborative efforts in enhancing data security.

© Copyright 2024 Electronic Specifier