
Tencent Yunxia link uses Intel SGX technology to "escort" data flow and sharing

via: 智东西     time: 2021/11/15 20:13:08

Author | Zer0

Editor | Indo

The core reported on November 8th: at the 2021 Tencent Digital Ecology Conference held on November 4, Intel and Tencent jointly announced a series of deepened innovation results, including jointly built trusted sharing and the security of code and data.

On the blockchain side, Tencent Cloud has built a data element sharing platform, Tencent cloud link, which uses Intel SGX technology in a trusted execution environment to provide users with a trusted and traceable data interaction mechanism, breaking down data barriers to enable fused data applications.

During the conference, Zhang Bo, technical lead of Tencent Blade Team, Liu Jiang of Tencent Yunxiandong Products, and Intel technical experts shared details of the cooperation between Intel and Tencent in many fields.

First, building a secure "enclave" in memory

Software Guard Extensions (SGX) is a very important feature of 3rd Gen Intel Xeon Scalable processors. It is a hardware-based trusted execution environment.

SGX ensures data security during computation. Protected data in the platform can be combined, computed on securely inside the SGX trusted execution environment, and the results returned to the user, thereby unlocking the value of the data.

After more than ten years in the industry, SGX has continuously strengthened its security capabilities. It can build a secure "enclave" in hardware such as memory to help protect code and data, and to protect data from malware attacks and privilege-escalation attacks during processing.

The Tencent Yunxia link product adopts SGX technology. Liu Jiang of Tencent Yunxiando Link Products recalls that, when working on closed or ToB blockchain projects, many customers wanted multi-party data integration and sharing, which first meant achieving multi-party business cooperation through the blockchain. This raised a new problem: how to support business cooperation among multiple parties while protecting each participant's data ownership and keeping the data within its own domain.

For this, Tencent Cloud explored multi-party confidential computing, or privacy computing, technologies. After research and evaluation from many angles, it adopted Intel's SGX technology, combined with its own blockchain technology and the blockchain's distributed consensus, to solve user authorization and data fusion in the interaction and sharing process.

According to Zhang Bo, technical lead of Tencent Blade Team, Tencent Yunxiandal, on the underlying architecture of Tongtai, is based on Intel SGX technology: the bottom layer is the SGX technology provided by the Intel CPU, in the middle are the operating system adaptation and a trusted computing software layer, and there is also a partial application layer.

"During computation, SGX's trusted computing capability protects our security and privacy in the computing process, so that the value of user business data can be better realized and tapped," Liu Jiang said.

As a distributed technology, the blockchain itself also faces issues such as security, transaction security and consensus security in the collaboration process. Network transmission, key issuance and similar operations in the blockchain, as long as they interact with CPU memory, can use SGX capabilities to protect workloads at different levels.

"Through SGX technology, you can better ensure the security of our blockchain in contracts and in computing-related aspects." Liu Jiang noted that the Tencent Yunxiao link product places the smart contracts related to user business into the SGX environment. In this way, business data, algorithm models and the contracts themselves are protected throughout the blockchain business collaboration process.

Second, addressing confidential computing requirements and optimizing in two important directions

According to Intel technical experts, SGX technology was first released with the 6th generation Core processors, where it served a series of lightweight uses on the host machine, such as DRM, password and fingerprint protection, and electronic signatures.

Later, the industry developed confidential computing, that is, protecting data in use; in-memory data interacting with the CPU is generally understood as data in use. Seeing this trend, Intel, in line with customers' confidential computing needs, brought SGX capabilities to the server. The latest single- and dual-socket 3rd Gen Intel Xeon Scalable processors support a 1TB reserved encrypted memory region.

SGX technology has two important development directions. The first is that Tencent Cloud supports SGX functionality in its public cloud. When Tencent Cloud users request a virtual machine product, SGX capabilities are exposed to it; how to work across hundreds of virtual machines with SGX protection is a function the SGX architecture is still researching and refining.

On the other hand, when many customers deploy SGX, a very important feature is remote attestation: without verifying that the remote machine has allocated a legitimate memory region, it is difficult to load the real workload. This requires the application side to state its specific requirements, with Intel SGX then providing the necessary customization.

On the continuous optimization of security mechanisms, Intel technical experts said that Intel cooperates with many research institutions in the industry to constantly test its CPUs, ensuring that problems in the CPU, especially in the SGX root of trust, can be detected and protected against early. "In the field of trusted environments, we currently have the most extensive industry research and problem discovery, and also the most efficient implementation. With the development of technology, we are constantly optimizing our technology."

Conclusion: Building a trusted data interaction mechanism, opening a bridge for the digital economy

Liu Jiang believes that the greatest value of the blockchain is to provide a better underlying technology and trusted foundation through its consensus mechanism, distributed storage and network technology, and, in the original closed application loop, to build a medium for transmitting data value that helps the development of real-economy industries.

At present, Tencent blockchain has 50 application scenarios, such as supply chain finance, food traceability, credentials, electronic invoices, financial bills and blockchain-based data sharing, covering government, medical, finance, justice, education and other industries.

Based on the integration of Tencent Cloud and Intel technology, the trusted data sharing and governance mechanism of the Tencent Yunxiao link product is expected to open a bridge for the digital economy and better solve real problems. As the upstream of the industrial chain, Intel technical experts expressed their hope to continue supporting Tencent blockchain with the problems found and fed back in actual deployments.
