Intel Helps IntellectEU Fight Insurance Fraud with ClaimShare

security cyberweek 2x1
What’s New: IntellectEU, a technology company focused on emerging technologies, digital finance and insurtech, has implemented Intel® Software Guard Extensions (Intel® SGX) to secure ClaimShare, its new insurance fraud detection platform. ClaimShare uses R3’s Conclave confidential computing platform powered by Intel SGX and enabled on Microsoft Azure. Additionally, ClaimShare utilizes Corda blockchain and artificial intelligence to help solve the insurance industry’s growing problem with fraudulent duplicate claims.

“The application of Intel SGX technology and confidential computing to help combat this prominent form of insurance fraud will be a game changer for insurance companies. GDPR (General Data Protection Regulation) and strict data privacy compliance is critical in the insurance industry, and innovative solutions like ClaimShare will support collaboration, communication and further privacy.”
–Michael Reed, Intel director of Confidential Computing

Why It Matters: According to the FBI, the total cost of non-health insurance fraud is estimated to be more than $40 billion a year, meaning insurance fraud costs the average U.S. family between $400 and $700 a year in increased premiums. And while insurance companies invest in fraud-prevention technologies to identify patterns of fraudulent behavior, they are often limited to internal data. Coupled with a lack of collaboration, this proves problematic when bad actors create multiple claims for the same loss event at multiple insurers – a duplicate claims fraud also called “double dipping.”

IntellectEU launched its innovative solution ClaimShare to solve this problem of “double-dipping.” ClaimShare’s industrywide platform facilitates secure data sharing between insurers, powered by confidential computing and Intel SGX. Confidentiality is crucial given regulatory and privacy constraints when sharing sensitive, personal insurance information.

“ClaimShare is the first industrywide platform that addresses these fraudulent challenges in the insurance industry while respecting business and client privacy. Until recently, there was no technology that supported this way of data exchange. With the recent advancements and adoption of enterprise blockchain and confidential computing, insurers can now securely and privately share and match data. We are fighting insurance fraud head-on,” said Chaim Finizola, director of ClaimShare.

How It Works: Once the insurer validates the claims, ClaimShare separates claims data into personally identifiable information (PII) and non-personally identifiable information (non-PII). Using the Corda distributed ledger, the non-PII is shared between the insurers and matched using fuzzy matching algorithms to identify suspicious claims. Once claims are suspected of being fraudulent, confidential computing is used to match the PII, confirming the fraud attempt before the second payout happens for the same claim.

ClaimShare offers a duplicate fraud claim verification solution across insurers, significantly decreasing the number of fraudulent claim payouts by enabling industry collaboration. This allows insurers to put public claims data on the ClaimShare ledger after verification so other insurers can check if the claim has already been paid.

Intel SGX uses a hardware-based trusted execution environment or enclave – an area of memory with a higher level of security protection – to help isolate and protect specific application code and data in memory. By creating a confidential computing environment with Intel SGX, ClaimShare can improve the security of encrypted data sharing and collaboration between insurers and help ensure privacy so that no competitive or sensitive information is leaked. The pilot detection program focused on auto insurance but can be replicated for other insurance products.

More Context: Security News at Intel

Intel Partner Stories: Intel Customer Spotlight on Intel.com | Partner Stories on Intel Newsroom

The post Intel Helps IntellectEU Fight Insurance Fraud with ClaimShare appeared first on Intel Newsroom.

People, Processes, Products Define Intel’s Security Strategy

martin dixon
Martin G. Dixon
Intel fellow and Vice President, Intel Security Architecture and Engineering Group

By Martin G. Dixon

For more than 50 years, Intel has played a key role in shaping the future of computing and communications technologies that are the foundation of the world’s innovations. We strive to design, manufacture and sell the world’s most secure technology products. We also understand there is an intersection between innovation and security that requires a sense of trust.

Utilizing the breadth and scale of our reach is not something we take lightly. It takes commitment and a willingness to invest heavily in building systems that are resistant to emerging threats and to strategize for those that are not yet realized.

More: Security News at Intel

IDC expects worldwide security spending to reach $174.7 billion in 2024 with a compound annual growth rate of 8.1% over the 2020-2024 forecast period.1

Every year, even as the total investment in cybersecurity grows, vulnerabilities persist with an ever-increasing volume of threats to the confidentiality, integrity and availability of data.

Security doesn’t just happen. At Intel, our success relies on the success of our customers, and it starts with us. We have a clear long-term strategy, and it boils down to our people, our processes and our products.

People

I am proud that many of the world’s greatest security experts are at Intel. These trusted leaders are embedded across every product group, from architects and designers to technologists and researchers, and help ensure we all operate with a security-first mindset.

It is our people who build new security capabilitiesprotect against evolving threats and co-engineer security solutions with our partners. Our products are highly complex, and we cannot anticipate the myriad ways in which they will be used nor how sophisticated third parties will seek to undermine their integrity. We work with skilled security researchers across the globe to identify, test and validate the security of Intel products through our Bug Bounty Program and academic programs, including the Side Channel Academic Program.

Beyond what we do for Intel, we also work with the broader community and contribute to industry standardsdiscussions and think tanks to accelerate industry-level progress in security. Our success depends on executing the best possible products, and for that, we must have a culture where individuals are heard and the best idea wins.

As Nilofer Merchant wrote in the Harvard Business Review, “Culture Trumps Strategy, Every Time.” It is this culture that helps ensure that everything we build is designed to deliver the highest performance and optimal protections.

Processes

As we consider who we are and what’s changing in the world, we prioritize innovation, execution, culture and impact. We established the Intel Security Architecture and Engineering Group to lead this effort.

The entirety of a product’s life needs to be secure, and our development practices stem from a security development lifecycle (SDL). Intel SDL is a robust set of processes that integrates security principles and privacy tenets into every step of product development, from concept to support. We take a holistic approach to SDL, customizing the process to address the highly integrated nature of hardware, firmware and software development. This helps to ensure the delivery of a trustworthy product that can be effectively supported from beginning to end of life.

Building security and privacy into products from concept to retirement is not only a strong development practice, but it is also essential to enable customers to truly unleash the power of their data.

Once products are released, we continue to support them and address vulnerabilities. Our SDL process is closely connected to the Intel Product Security Incident Response Team and our internal research efforts that contribute to ongoing security assurance for products both in development and in the field. We feed the learnings of vulnerabilities directly into the concept and architecture stages of our products — constantly learning as threats evolve.

In 2020, 92% of vulnerabilities addressed in our products were a direct result of the proactive investment in our processes. It is our processes that allow us to address threats in a manner that is both comprehensive and maintains high performance, while adapting to new classes of vulnerabilities.

Products

Security is a system-level property rooted in the silicon. Every component in the system — from software to silicon — needs to do its part to help keep data secure.

Today, billions of devices are interconnected and operate in increasingly diverse and complex environments requiring workloads to execute seamlessly between different architectures, with data moving through a multitude of hierarchies. To address these challenges, our product strategy focuses on three areas: foundational security, workload protection and software reliability.

We start with a solid foundation of security to build upon. Intel has delivered security engines being used more than a billion times worldwide. Our platforms have features such as Intel® OS Guard, BIOS Guard and Boot Guard, which help them start up correctly and verify that it is running as expected. These and other technologies are the building blocks that provide ways to verify trustworthiness of devices and data.

Once a platform has started correctly, the next step is to protect workloads. These workloads vary depending on the environment, and to help protect data that moves through them, we continue to build upon silicon-based control schemes that optimize security and performance in foundational technologies. One such example of this is the work Intel is doing to accelerate the use and performance of stronger cryptographic algorithms that encrypt data.

The primary way attackers get into systems continues to be through something they can scale — and that is software. Intel has a history of improving software reliability by building silicon enhancements realized through logic inside the processor. These architectural advancements can result in considerably less execution overhead compared to software-only implementations. A recent example of this work is the release of Intel® Control-flow Enforcement Technology, which helps find the weaknesses that lead to common malware attack methods that have been a challenge to mitigate with software alone.

Security solutions rooted in hardware provide the greatest opportunity to provide security assurance against current and future threats. Intel hardware, and the added assurance and security innovation it brings, helps to harden the layers of the computing stack.

Intel is shaping the future of computing and communications technologies that are the foundation of the world’s innovations. Our success relies on the success of our customers and it is though our ongoing commitment and investment that we earn our customers’ trust.

Martin G. Dixon is an Intel fellow and vice president in the Intel Security Architecture and Engineering Group at Intel Corporation.

1 IDC’s Worldwide Security Spending Guide, 2020V2, July 2020.

The post People, Processes, Products Define Intel’s Security Strategy appeared first on Intel Newsroom.

Demetics Protects AI-Based Medical Innovation with Intel SGX

What’s New: Demetics Medical Technology Co. Ltd. is using Intel® Software Guard Extension (Intel® SGX) and Intel® oneAPI Math Kernel Library (oneMKL) to protect its medical artificial intelligence (AI) algorithms and intellectual property (IP) in medical devices at the edge. A pioneer in China of AI-based ultrasonography, Demetics accelerated adoption of DE-Light, its independently developed deep-learning framework that has shown outstanding performance and improved the accuracy of thyroid nodule detection under an open source framework by 30% to 40%.1

“Due to the nature of the medical industry, some artificial intelligence vendors have to deploy their solutions on the client side. Therefore, protecting the core intellectual property of manufacturers’ AI models has become an urgent need. The trusted execution environment technology based on Intel SGX technology has become the most cost-effective and ultimate solution for runtime protection. With the support of Intel, they [Demetics] strategically apply SGX technology to a series of AI products, including its ultrasonic AI products, greatly enhancing its market competitiveness and innovation capabilities.”
–Yali Liang, Intel vice president in the Sales, Marketing and Communications Group and general manager of PRC Business Consumption

Why It Matters: Ultrasonic imaging diagnosis and analysis are widely used and an important part of current healthcare diagnosis and treatment; however, imaging examination depends heavily on manual analysis and can be inefficient.

One of AI’s greatest values in medicine is its quick analysis of a large amount of data and its ability to obtain accurate results. By using intelligent imaging diagnostics, AI technology in diagnosis and analysis can help medical institutions accelerate detection and treatment. Doctors can improve the efficiency of film reading, reduce the probability of misdiagnosis and obtain diagnostic assistance, while patients can receive more accurate diagnoses and personalized treatment recommendations.

Demetics has successfully deployed AI medical application products in more than 400 hospitals across China, and it plans to deploy in more than 1,000 hospitals in the coming year.

How It Works: Demetics launched the AI-SONIC™ computer-aided diagnosis system for ultrasonic imaging and also developed several other AI products that use Intel SGX to protect algorithms. In the ultrasonic AI model solution, to ensure that the algorithm in Intel SGX can make full use of the computing power of Intel® processors, the project team, with the help of the Intel® C++ Compiler, manually optimized the core calculation of the algorithm floating-point matrix multiplication modeled on oneMKL.

demetics ultrasonic model protection
AI-powered ultrasonic model protection solution based on Intel architecture.
» Click for full image

oneMKL is a highly optimized and parallel library of mathematical functions for Intel and its compatible processors. In different operating environments, oneMKL can automatically run runtime processor detection and specifically optimized programs on different processors, thus enabling better performance across all its processors. Intel® oneAPI Math Kernel Library (oneMKL) and Intel® oneAPI Deep Neural Network Library (oneDNN) provide underlying support for commonly used deep learning frameworks and numerous self-developed AI applications.

Intel SGX is a set of instructions that increase the security of application code and data, offering them more protection from disclosure or modification. Developers can partition sensitive information into a hardware-based trusted execution environment (TEE) or enclave — an area of memory with a higher level of security protection. The technology helps ensure the root of trust is limited to a small portion of the central processing unit’s hardware, better protecting the confidentiality and integrity of code and data.

More Context: Security News

Intel Partner Stories: Intel Customer Spotlight on Intel.com | Partner Stories on Intel Newsroom

The Small Print:

1 The test results are quoted from internal evaluation of Demetics. For more details, please contact Demetics.

The post Demetics Protects AI-Based Medical Innovation with Intel SGX appeared first on Intel Newsroom.

Intel and Consilient Join Forces to Fight Financial Fraud with AI

What’s New: Consilient, a newly formed company dedicated to establishing a next-generation system for anti-money laundering and countering the financing of terrorism (AML/CFT), launched a new secure, federated learning platform powered by Intel® Software Guard Extensions (Intel® SGX). The artificial intelligence (AI) platform aims to prevent financial crime and enable secure collaboration among financial institutions while helping to protect privacy and secure data.

“The application of the Intel Software Guard Extensions (Intel SGX) technology in the financial space is incredibly exciting. Finance, as we’ve seen in many industries, is often limited by secure information sharing, and initial trial results between Intel and Consilient hold tremendous promise for the future of collaborative finance.”
–Anil Rao, Intel vice president and general manager, Data Platforms Security and Systems Architecture

Why It Matters: According to the United Nations, between 2% and 5% of gross domestic product (GDP) is laundered globally every year, which amounts to $800 billion to $2 trillion. Recognizing the need to move beyond a manual and fragmented monitoring system, Consilient built an intelligent, collaborative and always-on solution that leverages federated learning and Intel SGX to detect financial fraud.

By automating this process through federated learning, access to multiple datasets, databases and jurisdictions are encrypted without ever revealing the data or sensitive customer information to the different parties involved. Government and financial institutions can use this new platform to more accurately and efficiently detect illicit activity, with lower false positive rates, helping to combat financial crime, thwart higher-value money laundering, and enable legitimate individuals and businesses to manage risk more effectively.

“When banks try to detect illicit and fraudulent activity, the system is highly inefficient and ineffective, with over 95% of transaction monitoring rendering false positives and institutions unable to see risk beyond their own walls,” said Juan Zarate, global co-managing partner and chief strategy officer at K2 Integrity and first-ever assistant secretary of the U.S. Treasury for Terrorist Financing and Financial Crimes. “With Consilient’s federated machine learning technology, backed by Intel SGX, we are redesigning the way financial institutions and authorities discover and prevent financial crime risk dynamically and securely. This new approach allows organizations to save costs, redeploy personnel, and manage and prioritize more serious illicit finance risks efficiently and effectively.“

How It Works: Federated learning is a privacy-preserving machine learning (ML) technique and confidential computing model that enables AI training without centralizing data. Consilient has created a behavioral-based, ML-driven platform that runs on its DOZER™ technology. ML models can be trained across multiple datasets to detect and analyze “normal” and “abnormal” patterns that humans and most current technologies cannot. This allows participating institutions, authorities and regulators to collaborate while uncovering and managing systemic risks more effectively, efficiently and sustainably without putting private data at risk.

This computing model is made possible through Intel SGX, which uses a hardware-based trusted execution environment (TEE) to help isolate and protect specific application code and data in memory. The technology helps ensure the root of trust is limited to a small portion of the central processing unit’s hardware and the ML application itself, reducing the attack surface for potential threats, and better protecting the confidentiality and integrity of code and data.

consilients federated learning framework
» Click for full image

More information on using federated learning in the financial services industry is available in the white paper titled, Federated Learning through Revolutionary Technology.

More Context: Intel Works with University of Pennsylvania in Using Privacy-Preserving AI to Identify Brain Tumors | Advancing Both AI and Privacy is Not a Zero-Sum Game (Fortune Op-Ed)

Intel Customer Stories: Intel Customer Spotlight on Intel.com | Customer Stories on Intel Newsroom

The post Intel and Consilient Join Forces to Fight Financial Fraud with AI appeared first on Intel Newsroom.

Intel Xeon Scalable Platform Built for Most Sensitive Workloads

NEWS HIGHLIGHTS

  • Intel introduces new security technologies to help secure sensitive workloads and enable new opportunities to unleash the power of data in its upcoming 3rd Generation Intel® Xeon® Scalable Platform, code-named “Ice Lake.”
  • Proven Intel® Software Guard Extensions comes to the volume mainstream server platform with Ice Lake, along with new technologies that include Intel® Total Memory Encryption, Intel® Platform Firmware Resilience and new cryptographic performance accelerators to address today’s most pressing data protection concerns.
  • With revolutionary new capabilities, Intel’s approach is to drive continuous innovation and deep collaboration with technology partners to improve the confidentiality and integrity of data.

SANTA CLARA, Calif., Oct. 14, 2020 – Intel today unveiled the suite of new security features for the upcoming 3rd generation Intel® Xeon® Scalable platform, code-named “Ice Lake.” Intel is doubling down on its Security First Pledge, bringing its pioneering and proven Intel® Software Guard Extension (Intel® SGX) to the full spectrum of Ice Lake platforms, along with new features that include Intel® Total Memory Encryption (Intel® TME), Intel® Platform Firmware Resilience (Intel® PFR) and new cryptographic accelerators to strengthen the platform and improve the overall confidentiality and integrity of data.

Data is a critical asset both in terms of the business value it may yield and the personal information that must be protected, so cybersecurity is a top concern. The security features in Ice Lake enable Intel’s customers to develop solutions that help improve their security posture and reduce risks related to privacy and compliance, such as regulated data in financial services and healthcare.

“Protecting data is essential to extracting value from it, and with the capabilities in the upcoming 3rd Gen Xeon Scalable platform, we will help our customers solve their toughest data challenges while improving data confidentiality and integrity. This extends our long history of partnering across the ecosystem to drive security innovations,” said Lisa Spelman, Intel corporate vice president in the Data Platform Group and general manager of the Xeon and Memory Group.

Data Protection across the Compute Stack

Technologies such as disk- and network-traffic encryption protect data in storage and during transmission, but data can be vulnerable to interception and tampering while in use in memory. “Confidential computing” is a rapidly emerging usage category that protects data while it is in use in a Trusted Execution Environment (TEE). Intel SGX is the most researched, updated and battle-tested TEE for data center confidential computing, with the smallest attack surface within the system. It enables application isolation in private memory regions, called enclaves, to help protect up to 1 terabyte of code and data while in use.

“Microsoft Azure was the first major public cloud to offer confidential computing, and customers from industries including finance, healthcare, government are using confidential computing on Azure today,” said Mark Russinovich, chief technology officer, Microsoft Azure. “Azure has confidential computing options for virtual machines, containers, machine learning, and more. We believe the next-generation Intel Xeon processors with Intel SGX featuring full memory encryption and cryptographic acceleration will help our customers unlock even more confidential computing scenarios.”

Customers like the University of California San Francisco (UCSF)NECMagnit and other organizations in highly regulated industries have relied on Intel to support their security strategy and leveraged Intel SGX with proven results. For example, healthcare organizations can more securely protect data — including electronic health records — with a trusted computing environment that better preserves patient privacy. In other industries, such as retail, companies rely on Intel to help keep data confidential and protect intellectual property. Intel SGX helps customers unlock new multiparty shared compute scenarios that have been difficult to build in the past due to privacy, security and regulatory requirements.

Intel is also introducing new security capabilities to improve data protection and strengthen the platform, including:

  • Full memory encryption: To better protect the entire memory of a platform, Ice Lake introduces a new feature called Intel Total Memory Encryption (Intel TME). Intel TME helps ensure that all memory accessed from the Intel® CPU is encrypted, including customer credentials, encryption keys and other IP or personal information on the external memory bus. Intel developed this feature to provide greater protection for system memory against hardware attacks, such as removing and reading the dual in-line memory module (DIMM) after spraying it with liquid nitrogen or installing purpose-built attack hardware. Using the National Institute of Standards and Technology (NIST) storage encryption standard AES XTS, an encryption key is generated using a hardened random number generator in the processor without exposure to software. This allows existing software to run unmodified while better protecting memory.
  • Cryptographic acceleration: One of Intel’s design goals is to remove or reduce the performance impact of increased security so customers don’t have to choose between better protection and acceptable performance. Ice Lake introduces several new instructions used throughout the industry, coupled with algorithmic and software innovations, to deliver breakthrough cryptographic performance. There are two fundamental innovations. The first is a technique to stitch together the operations of two algorithms that typically run in combination yet sequentially, allowing them to execute simultaneously. The second is a method to process multiple independent data buffers in parallel.
  • Growing resilience: Sophisticated adversaries may attempt to compromise or disable the platform’s firmware to intercept data or take down the server. Ice Lake introduces Intel® Platform Firmware Resilience (Intel PFR) to the Intel Xeon Scalable platform to help protect against platform firmware attacks, designed to detect and correct them before they can compromise or disable the machine. Intel PFR uses an Intel FPGA as a platform root of trust to validate critical-to-boot platform firmware components before any firmware code is executed. The firmware components protected can include BIOS Flash, BMC Flash, SPI Descriptor, Intel® Management Engine and power supply firmware.

Privacy-preserving, trusted platforms in the upcoming 3rd generation Xeon Scalable processors will help drive even greater innovative services, usage models and solutions for organizations looking to activate the full value of their data.

To learn more about how Intel SGX can help protect sensitive workloads and data, visit www.intel.com/sgx and www.confidentialcomputing.io.

More Use Cases:

The post Intel Xeon Scalable Platform Built for Most Sensitive Workloads appeared first on Intel Newsroom.

Intel SGX Enables Magnit to Create a Trusted Computing Environment

magnit 2x1 1
Magnit, one of Russia’s leading food retail chains, implemented Intel SGX into its digital advertising data management platform. Developed by Aggregion and Scontain, the platform is built on Azure Confidential Computing and is designed to improve the accuracy of audience targeting in advertising campaigns by using anonymized customer data, such as purchases in Magnit supermarkets. (Credit: Magnit)

What’s New: Magnit, one of Russia’s leading food retail chains with more than 20,000 locations and 16 million daily visitors, has implemented Intel® Software Guard Extensions (Intel® SGX) into its digital advertising data management platform. The platform, developed by Aggregion and Scontain, is built on Azure Confidential Computing powered by Intel SGX. Designed to improve the accuracy of audience targeting in advertising campaigns by using anonymized customer data – such as purchases in Magnit supermarkets – the platform utilizes Intel SGX technology to protect the environment’s source data.

“Using Intel SGX has allowed us to build a platform that can securely and privately process data from a variety of partners. This allows us to all collaborate better and create more effective advertising campaigns for customers. Our team is extremely excited about the upcoming enhancements to Intel SGX that will allow the secure enclaves to handle even more data, meaning we can further scale our data management platform.”
–Fabian Schaefer, Director of Analytics and data management, Magnit

Why It Matters: Intel SGX gives organizations the ability to use hardware-based controls when securing data. More specifically, it delivers hardware-based memory encryption that helps isolate specific application code and data in memory. Organizations like Magnit can use these private regions of memory, called enclaves (or Trusted Execution Environments or TEEs) to increase the security of application code and data. These enclaves are designed to protect data by isolating it from the rest of the environment – for example, the operating system, hypervisor, other applications, virtual machine admin, host admin and physical memory access.

The transmitted information is also encrypted and decoded once inside the enclave, improving application integrity and helping to ensure data privacy. Finally, all applications running in a protected area are verified and signed by all data suppliers, which helps protect against malicious functions hidden in application code.

Magnit utilizes Intel SGX when working with partners who want to participate in campaigns through their data management platform but may have privacy and data-sharing concerns. Creating systems that securely process and share data from multiple parties (such as advertisers, Fast Moving Consumer Goods organizations and the actual retailers) has historically been a monumental challenge. By creating a confidential computing environment with Intel SGX, Magnit can improve the security of the data collaboration between participants that may have a need to keep data confidential and protect intellectual property, even if a lack of trust exists between parties. Magnit and its partners understand that as digitalization and the reliance on cloud continue to grow, improving code and sensitive data protection with confidential computing environments will be critical to help ensure the data will not be compromised.

More Context: Intel Xeon Scalable Platform Built for Most Sensitive Workloads (News Release)

Intel Customer Stories: Intel Customer Spotlight on Intel.com | Customer Stories on Intel Newsroom

The post Intel SGX Enables Magnit to Create a Trusted Computing Environment appeared first on Intel Newsroom.

Intel SGX Helps UCSF Propel Medical Device Innovations

ucsf 2x1 1
New Helen Diller Medical Center signs on 505 Parnassus Avenue.

What’s New: The University of California San Francisco’s (UCSF) Center for Digital Health Innovation (CDHI) is using Intel® Software Guard Extensions (Intel® SGX) featured in Intel® Xeon® E processors and Fortanix® Confidential Computing Enclave Manager to help streamline certification of breakthrough medical devices with embedded artificial intelligence (AI) capabilities. The UCSF BeeKeeperAI™ project utilizes the unique hardware enhanced security of Intel SGX to accelerate the validation of the devices’ data and algorithms in order to improve both patient care and privacy. Validating these algorithms against multiple distinct datasets owned by various organizations can be challenging and time-consuming, but essential for user security.

“UCSF’s Center for Digital Health Innovation is pleased to be collaborating with Fortanix, Intel and Microsoft Azure to establish a confidential computing platform with privacy-preserving analytics to accelerate the development and validation of clinical algorithms. The platform will provide a ‘zero trust’ environment to protect both the intellectual property of an algorithm and the privacy of healthcare data. Using Fortanix Enclave Manager for orchestration of Intel’s SGX enclaves on Azure confidential computing infrastructure with Azure Kubernetes Service (AKS), and CDHI’s proprietary BeeKeeperAI data access, transformation, and orchestration workflows, the platform will reduce the time and cost of developing clinical algorithms.”
–Michael Blum, MD, associate vice chancellor for informatics, executive director of CDHI and professor of medicine at UCSF

Why It Matters: UCSF is leveraging the Fortanix Confidential Computing Enclave Manager platform that uses Intel SGX to help protect the privacy of patient data. Intel SGX enables the platform to create a trusted computing environment that offers hardware-based memory encryption that helps isolate specific application code and data in memory. This means the BeeKeeperAI project can use these private regions of memory, called enclaves (or Trusted Execution Environments or TEEs), to increase the security of application code and data (to run signed applications in enclaves). This enables other organizations to confidently work together to validate the algorithms while helping to keep each organization’s data confidential and protect intellectual property.

Gaining regulatory approval for clinical AI algorithms requires highly diverse and detailed clinical data to develop, optimize and validate unbiased algorithm models. Algorithms used in the context of delivering healthcare should be capable of consistently performing across diverse patient populations, socioeconomic groups and geographic locations, and be equipment-agnostic. Few research groups, or even large healthcare organizations, have access to enough high-quality data to accomplish these goals.

How It Works: The platform will provide a “zero-trust” environment designed to protect both the intellectual property of an algorithm and the privacy of healthcare data, while CDHI’s proprietary BeeKeeperAI will provide the workflows to enable more efficient data access, transformation and orchestration. The confidential computing technology helps protect the privacy of patient data by enabling a specific algorithm to interact with a specifically curated dataset, which remains at all times in the control of the healthcare institution. The data is placed into an enclave protected by Intel SGX and leveraging Fortanix cryptographic functions, including validating the signature of the algorithm’s image.

“BeeKeeperAI will accelerate the development of clinical AI algorithms while protecting the privacy of patient data with confidential computing technology,” said Ambuj Kumar, CEO and co-founder, Fortanix. “This groundbreaking new healthcare AI platform will enable life-saving clinical AI algorithms to be validated in days instead of years. The UCSF Center for Digital Health Innovation is using Fortanix technology to secure both the private patient data and the intellectual property of the artificial intelligence algorithms, enabling researchers to combine diverse sets of data while ensuring complete data privacy.”

More Context: Intel Xeon Scalable Platform Built for Most Sensitive Workloads (News Release)

Intel Customer Stories: Intel Customer Spotlight on Intel.com | Customer Stories on Intel Newsroom

The post Intel SGX Helps UCSF Propel Medical Device Innovations appeared first on Intel Newsroom.

NEC Creates a Confidential Computing System Backed by Intel SGX

nec 2x1 1
Intel SGX and Fortanix Confidential Computing Enclave Manager were leveraged by NEC to create a confidential computing system to more securely share, analyze and manage customer data, while also facilitating better collaboration with partners. (Credit: NEC)

What’s New: NEC, a multinational information technology and electronics company, is using Intel® Software Guard Extensions (Intel® SGX) and Fortanix® Confidential Computing Enclave Manager to build a confidential computing system that will more securely share, analyze and manage partner and customer data. This new system will facilitate better collaboration with partners on new technology initiatives, including privacy-preserving analytics in the retail, hospitality and government industries.

“Using Fortanix Confidential Computing Enclave Manager, NEC is able to create new business opportunities by combining sensitive data and performing analytics, all while preserving the privacy of both the underlying data and the intellectual property contained in the analytics algorithm. Fortanix, an early pioneer in using Intel SGX, allows customers to quickly create new confidential computing applications and secure data in use, helping NEC to create valuable business insights that weren’t possible without Fortanix and Intel. The Fortanix technology works without requiring any modification to existing applications and provides enterprise-grade management of the Intel SGX enclaves.”
–Ambuj Kumar, CEO and co-founder, Fortanix

Why It Matters: Intel SGX delivers hardware-based memory encryption that is designed to isolate specific application code and data in memory. NEC can use these private regions of memory, called enclaves (or Trusted Execution Environments or TEEs) to increase the security of application code and data on each server, including when running in public cloud. These enclaves are designed to be isolated from the rest of the environment allowing data to be better protected at the processor microarchitectural level. When information is transmitted between server nodes (from contributing partners), it is encrypted and can only be decoded once inside the enclave, in a central hub. Finally, all applications running in an enclave are verified and signed by all data suppliers, which helps protect against malicious functions hidden in application code.

NEC is specifically creating a trusted computing environment to combine customer data from multiple vendors, perform analysis and generate business insights, all while helping protect the privacy and confidentiality of the customer data from all parties. In all of these cases, the ability to establish a trusted computing environment is critical to giving both customers and businesses the confidence to perform privacy-preserving analytics.

“NEC is developing an innovative confidential computing system that will enable multiple companies to share and analyze customer data more securely across the industrial boundaries, creating value for both companies and their customers,” said Shinji Abe, executive director for Technology, NEC. “We chose Fortanix Enclave Manager using Intel Ice Lake servers to run our applications because the solution enables us to encrypt data while in use, provide precise access controls for the analytics data, and help protect the privacy of companies’ and customers’ information.”

More Context: Intel Xeon Scalable Platform Built for Most Sensitive Workloads (News Release)

Intel Customer Stories: Intel Customer Spotlight on Intel.com | Customer Stories on Intel Newsroom

The post NEC Creates a Confidential Computing System Backed by Intel SGX appeared first on Intel Newsroom.

Intel Fuels the Edge Today with Expanded Tech, Customer Deployments

tom lantzch dan rodriguez
Tom Lantzsch
Senior Vice President
General Manager, Internet of Things Group
Dan Rodriguez
Corporate Vice President
General Manager, Network Platforms Group

By Tom Lantzsch and Dan Rodriguez

Without a question, we are at a key industry inflection point with the exponential growth of data creating a massive opportunity for new business insight and revenue-generating services.

Cloud workloads are diversifying, networks are transforming to deliver 5G, artificial intelligence (AI) is pervasive and expanding, and more computing performance is moving to the edge.

Industry analysts speak to the expansion of edge computing, noting that by 2023, 75% of the data created will be outside the data center. It will be in factories, hospitals, retail stores and cities and driven by many forms of video. Additionally, more than 50% of that data will be processed, stored and analyzed closer to the creation of the data – at the edge – to deliver the right latency, bandwidth, reliability, security and privacy for a wide variety of uses across many markets.

More: IoT-Enhanced Processors Increase Performance, AI, Security | Intel Industrial Summit (Press Kit)

At Intel, we’ve been transforming computing at the edge for years – delivering customer value across a range of industries from industrial to retail to telecommunications. To meet the significant $65 billion edge silicon opportunity we expect by 2024, we are constantly expanding our suite of edge technology solutions, including purpose-designed, feature-rich silicon, open and optimized software and tools, and hundreds of preconfigured edge-to-cloud solutions.

As an example, Audi uses Intel-based edge analytics and machine learning to automate and enhance critical quality-control processes for the welds on its vehicles. Its factory systems eliminate the need to perform manual inspections. As a result, Audi simultaneously has cut labor costs by 30% to 50% and boosted weld inspections by 100 times with only 18 milliseconds latency using a repeatable, Intel-based platform that it can now extend to automate and optimize other factory processes.

To further deliver the products and solutions our customers need to drive their businesses forward, at the Intel Industrial Summit we introduced two new processors that will bring features such as new AI, security, functional safety and real-time capabilities to edge customers. Developed alongside the silicon are software tools and hardware modules that accelerate time to market for a wide range of vertical solutions so customers can quickly customize their edge applications.

In addition to what we are building, we have cultivated and are engaged with a vast ecosystem of more than 1,200 partners focused on edge computing. Working with our partners, we have more than 15,000 end customer deployments across nearly every industry. It’s a number that is growing rapidly. With Intel’s diverse edge-ready product portfolio, robust developer tools and a global partner ecosystem, we are delivering breakthrough customer value today with such organizations as Accenture, Bosch, ExxonMobil, Lumen Technologies (formerly CenturyLink), Philips, Sensormatic, Verizon and ViewSonic, among others.

At Intel, we have been, and will continue to focus on helping our customers drive better business outcomes at the edge.

Thomas (Tom) P. Lantzsch is senior vice president and general manager of the Internet of Things (IoT) Group at Intel Corporation.

Daniel (Dan) C. Rodriguez is corporate vice president and general manager of the Network Platforms Group at Intel Corporation.

The post Intel Fuels the Edge Today with Expanded Tech, Customer Deployments appeared first on Intel Newsroom.

Intel Delivers Advances Across 6 Pillars of Technology, Powering Our Leadership Product Roadmap

Raja Koduri
Raja Koduri
Senior Vice President
Chief Architect
General Manager, Intel Architecture, Graphics, and Software

By Raja Koduri

At Intel, we truly believe in the potential of technology to enrich lives and change the world. This has been a guiding principle since the company was founded. It started with the PC era, when technology enabled the mass digitization of knowledge and networking, bringing 1 billion people onto the internet. Then came the mobile and cloud era, a disruption that changed the way we live. We now have over 10 billion devices connected to supercomputers in the cloud.

We believe the next era will be the intelligent era. An era where we will experience 100 billion intelligent connected devices. Exascale performance and architecture will make this intelligence available to all, enriching our lives in more ways than we can imagine today. This is a future that inspires and motivates me and my fellow Intel architects every day.

More: Architecture Day 2020 (Press Kit)

We are generating data at a faster rate than our current ability to analyze, understand, transmit, secure and reconstruct it in real time. Analyzing a ton of data requires a ton of compute. More important, for this data to help us with insights, it needs access to compute in real time, which means low-latency, close to the user. At Intel, we are on a journey to solve this exponentially hard problem.

Since the end of the Dennard scaling era, extracting the exponential value from transistor technology inspired us to look at new approaches across the whole stack. This led us to what we call our Six Pillars of Technology Innovation, which we introduced at our Architecture Day in December 2018. We believe that delivering advances across these pillars is necessary to continue the exponential essence of Moore’s Law.

This week, at Architecture Day 2020, we showcased how we are taking this forward with a broad range of exciting new breakthroughs. We have made great progress with our diverse mix of scalarvectormatrix and spatial architectures – designed with state-of-the-art process technology, fed by disruptive memory hierarchies, integrated into systems with advanced packaging, deployed at hyperscale with lightspeed interconnect links, unified by a single software abstraction, and developed with benchmark defining security features.

You can watch all of the Architecture Day 2020 presentations in the event press kit, but let me underscore some of the highlights.

We provided more details about our disaggregated design methodology and our advanced packaging roadmap. We demonstrated our mastering of fine bump pitches in EMIB and Foveros technologies through several product iterations in graphics and FPGAs, and on the client with Lakefield.

We also shared one of the most exciting advancements in our transistor roadmap by introducing our new 10nm SuperFin technology, a redefinition of the FinFET with new SuperMIM capacitors that enables the largest single, intranode enhancement in Intel’s history, delivering performance improvements comparable to a full-node transition and enabling a leadership product roadmap.

When we integrate our next-generation Willow Cove CPU architecture with our 10nm SuperFin technology, the result is the incredible new Tiger Lake platform. We unpacked details of the upcoming Tiger Lake system-on-chip architecture, which provides a generational leap in CPU performance, leadership graphics, leadership artificial intelligence (AI), more memory bandwidth, additional security features, better display, better video and more. I know everyone is eager for all of the details on Tiger Lake and we look forward to sharing more in the coming weeks.

In addition to Tiger Lake, we provided a deep dive into our next generation Intel® Agilex™ FPGA, which provides breakthrough performance per watt. In fact, we showcased two generations of disaggregated products using EMIB and shared the first results of our 224 Gbps transceivers.

We also highlighted how Intel’s Xe GPU architecture is the foundation that helps us build GPUs that are scalable from teraflops to petaflops. Xe-LP powers leadership graphics in Tiger Lake and is our most efficient microarchitecture for PC and mobile computing platforms. Xe-LP also powers our first discrete GPU in more than 20 years, codenamed DG1. This GPU is now in production. We also introduced the first Intel® server GPU, powered by Xe-LP. This GPU will ship later this year and deliver class-leading stream density and visual quality for media transcode and streaming.

On the data center front, we announced that our firstXe-HP chip is sampling to customers. Xe-HP is the industry’s first multitiled, highly scalable, high-performance GPU architecture, providing petaflop-scale AI performance and rack-level media performance in a single package based on our EMIB technology. Xe-HP will leverage enhanced SuperFin technology.

And, our enthusiast and gamer friends, we heard your requests for Xe for enthusiast gaming. We added a fourth microarchitecture to the Xe family: Xe-HPG optimized for gaming, with many new graphics features including ray tracing support. We expect to ship this microarchitecture in 2021 and I can’t wait to get my hands on this GPU!

On software, we have talked before about our vision for providing developers a unified, standards-based programming model across all our XPU architectures. We are executing on that vision with our oneAPI Gold release available later this year. We also announced that we are offering DG1 early access to developers in Intel® DevCloud, enabling them start developing with oneAPI without need for any setups, downloads and hardware installs.

Since our last Architecture Day, we have made some big steps in memory. Most recently, as part of the 3rd Gen Intel® Xeon® Scalable processor launch (code-named “Cooper Lake”), we announced our 2nd Gen Intel® Optane™ persistent memory product (code-named “Barlow Pass”). We also remain on track to move Intel’s 4-bit-per-cell QLC into production by the end of 2020.

We also took a deeper look at how we are advancing security amid a constantly evolving threat landscape. This includes the introduction of new technologies, such Intel® Control-Flow Enforcement Technology, which delivers CPU-level security structures to help protect against common malware attack methods. And, we gave the first look at our longer-term vision around foundational security, workload protection and software reliability.

We have made major progress in advancing interconnect, too. Intel announced in March 2019 that it was working with the industry for broad support for Compute Express Link, designed to accelerate next-generation data center performance and to be offered in Sapphire Rapids. We have also had a significant lead with silicon photonics in terms of customer engagements, and as the data center continues its transformation, Intel is addressing their needs through leadership speeds and foundational and SmartNIC products for network processing offloads.

Our Intel fellows and architects are passionately working on technology for 2021, 2022 and beyond.  We provided a glimpse into our product vision for client and data center leveraging for all six pillars and disaggregated design. Our head of Intel Labs also provided a look at where emerging research areas can get us 100x to 1000x improvements in compute efficiency, including a sneak peek at neuromorphic architectures being researched in our world-leading labs.

For decades, Intel has been at the center of the technology industry. Our products, along with those of our customers, have reshaped the way we all work, live and play. But our collective journey is far from over. I believe we are at the start of a new era, an intelligent era, an exascale for everyone era. This era will be powered by unprecedented levels of compute performance and disruptions across all Six Pillars of Technology Innovation.

Raja M. Koduri is senior vice president, chief architect, and general manager of Architecture, Graphics, and Software at Intel Corporation.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information about performance and benchmark results, visit http://www.intel.com/benchmarks.  

No product or component can be absolutely secure. Intel technologies may require enabled hardware, software or service activation. All product plans and roadmaps are subject to change without notice. 

Statements in this document that refer to future plans or expectations are forward-looking statements. These statements are based on current expectations and involve many risks and uncertainties that could cause actual results to differ materially from those expressed or implied in such statements. For more information on the factors that could cause actual results to differ materially, see our most recent earnings release and SEC filings at www.intc.com.

The post Intel Delivers Advances Across 6 Pillars of Technology, Powering Our Leadership Product Roadmap appeared first on Intel Newsroom.