Intel® Trusted Execution Technology

Posted on 27th Jul 2011 @ 1:10 AM



Intel® Trusted Execution Technology (Intel® TXT)

What is it?

Intel® Trusted Execution Technology (Intel® TXT) is a hardware solution that validates the behavior of key components within a server or PC at startup. Known as the “root of trust,” it checks the consistency of behaviors and launch-time configurations against a “known good” sequence. Using this verified benchmark, the system can quickly assess whether any attempt has been made to alter or tamper with the launch-time environment.

Why it matters.

Malware is a consistent and growing threat to IT. While the mechanisms of malware vary, they all seek to corrupt systems and disrupt business, steal data, or usurp control of platforms. As companies adopt more virtualized, shared, and multi-tenant infrastructure models, the perimeter of the traditional network infrastructure is more dispersed and exposed to vulnerabilities. Similarly, traditional approaches of looking for “known bad” elements (the approach of most anti-virus or anti-malware programs) are only partially effective at coping with the increasing volume and sophistication of attacks today. Intel TXT provides an additional enforcement point and a different “known good”–focused approach to check for malicious software on client and server platforms.


How it works.

Intel TXT provides an infrastructure rooted in the processor that enables an accurate comparison of all the critical elements of the launch environment against a “known good” source. Intel TXT creates a cryptographically unique identifier for each approved launch-enabled component, and then provides hardware-based enforcement mechanisms to block the launch of any code that does not match the approved code. This hardware-based approach provides the foundation on which a trusted platform solution can be built to better protect against software-based attacks. Intel TXT is designed to scale with the needs of your organization and help protect both the end user and the company infrastructure from malicious intent.
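
The measure-compare-block flow described above can be modeled in software. The following is an added example, not Intel's implementation and not code from the original post: the component names, sample images, the use of SHA-256, and the single running register are assumptions made for illustration.

```python
import hashlib
from typing import NamedTuple, Optional

class LaunchResult(NamedTuple):
    launched: bool
    blocked_at: Optional[str]   # first component that failed the check
    register: bytes             # running measurement, comparable to a known-good value

def measure(image: bytes) -> bytes:
    """Cryptographic identifier of a component (SHA-256 is an assumption here)."""
    return hashlib.sha256(image).digest()

def extend(register: bytes, digest: bytes) -> bytes:
    """Fold a measurement into the register; the result depends on every prior step."""
    return hashlib.sha256(register + digest).digest()

def build_policy(approved: dict) -> dict:
    """Map each component name to the set of digests of its approved builds."""
    return {name: {measure(img) for img in images} for name, images in approved.items()}

def verified_launch(chain, policy) -> LaunchResult:
    """Measure each component before it would run; stop at the first mismatch."""
    register = bytes(32)
    for name, image in chain:
        digest = measure(image)
        if digest not in policy.get(name, set()):
            return LaunchResult(False, name, register)
        register = extend(register, digest)
    return LaunchResult(True, None, register)

# Constructed sample images (hypothetical names and contents).
LOADER = b"loader build 1"
HV_A, HV_B = b"hypervisor build A", b"hypervisor build B"
POLICY = build_policy({"loader": [LOADER], "hypervisor": [HV_A, HV_B]})

GOOD = verified_launch([("loader", LOADER), ("hypervisor", HV_A)], POLICY)
ALT = verified_launch([("loader", LOADER), ("hypervisor", HV_B)], POLICY)
TAMPERED = verified_launch([("loader", LOADER), ("hypervisor", HV_A + b"\x90")], POLICY)

if __name__ == "__main__":
    for label, r in (("good", GOOD), ("alt", ALT), ("tampered", TAMPERED)):
        print(label, r.launched, r.blocked_at, r.register.hex()[:16])
```

Both approved hypervisor builds launch, but they leave different register values, so a verifier holding the known-good values can tell which approved configuration actually started. A single appended byte is enough to block the launch.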