AMD’s Infinity Guard technology is designed to enable confidential computing. The image outlines a series of security layers and technologies that work together to protect data and systems. The chain begins with AMD Secure Root of Trust technology, which provides a hardware root of trust and guards against BIOS modification and firmware attacks.
This is followed by AMD Secure Memory Encryption (SME), which uses an AES-128 engine in the memory controller to encrypt system memory, defending against attacks that read DRAM directly (cold-boot or bus-probing attacks) or that otherwise rely on physical access to the server.
AMD Secure Encrypted Virtualization (SEV) builds on SME to isolate virtual machines. The image shows the flow of loading and authenticating components, in which each stage verifies the next before handing off control: from the on-chip Boot ROM to the off-chip Boot Loader, the BIOS, and OS Secure Boot (UEFI), and on to applications and virtual machines. Separate keys protect the hypervisor and each virtual machine, so a guest’s memory is encrypted under a key the hypervisor does not hold, and this protection requires no changes to application software.
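The chain of trust in the image is easiest to understand as a sequence of hand-offs in which each stage checks the integrity of the next. The following is an added, simplified model of that flow, not AMD's code or documentation: each stage carries the SHA-256 digest of its successor's image, and the hardware root of trust (the on-chip Boot ROM) is trusted by construction. Real silicon verifies vendor signatures against a public key whose hash is fused into the chip; the digest comparison here stands in for that signature check. The stage names and firmware images are constructed for the example.

```python
"""Simplified verified-boot chain of trust (added example, not AMD's code).

Each stage holds the SHA-256 digest of the next stage's image and refuses
to hand off control when that image has been altered. The digest check
stands in for the vendor-signature verification real hardware performs.
"""
import hashlib
from dataclasses import dataclass
from typing import List, Optional, Tuple


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class Stage:
    name: str
    image: bytes
    next_digest: Optional[str] = None  # expected digest of the successor image


def build_chain(images: List[Tuple[str, bytes]]) -> List[Stage]:
    """Provision the chain: link every stage to the digest of its successor."""
    stages = [Stage(name, img) for name, img in images]
    for cur, nxt in zip(stages, stages[1:]):
        cur.next_digest = digest(nxt.image)
    return stages


def boot(stages: List[Stage]) -> Tuple[bool, List[str]]:
    """Walk the chain, verifying each stage before handing control to it.

    Returns (success, log). The first stage is the hardware root of trust
    and is executed without verification; every later stage must match the
    digest recorded by its predecessor or the boot halts.
    """
    log = [f"{stages[0].name}: hardware root of trust, executing"]
    for cur, nxt in zip(stages, stages[1:]):
        if digest(nxt.image) != cur.next_digest:
            log.append(f"{cur.name}: {nxt.name} failed verification, halting boot")
            return False, log
        log.append(f"{cur.name}: {nxt.name} verified, handing off")
    return True, log


# Constructed firmware images standing in for the stages in the image.
CHAIN = [
    ("On-chip Boot ROM", b"rom: immutable, fused root key digest"),
    ("Off-chip Boot Loader", b"bootloader v1"),
    ("BIOS", b"bios v2"),
    ("OS Secure Boot (UEFI)", b"uefi os loader"),
]


def demo_clean_boot() -> Tuple[bool, List[str]]:
    return boot(build_chain(CHAIN))


def demo_tampered_bios() -> Tuple[bool, List[str]]:
    """An attacker rewrites the BIOS in flash after the chain was provisioned."""
    stages = build_chain(CHAIN)
    stages[2].image = b"bios v2 + implant"  # modified after provisioning
    return boot(stages)


if __name__ == "__main__":
    for ok, log in (demo_clean_boot(), demo_tampered_bios()):
        print("\n".join(log))
        print("boot succeeded:", ok, "\n")
```

The tampered run shows the property the figure is illustrating: the modification is caught by the Boot Loader, one stage earlier than the altered component, so the BIOS implant never executes. Note what the model does not cover: a compromise of the root stage itself is undetectable by this chain, which is why the Boot ROM and its key material must be immutable hardware.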