📃
Confidential Computing 101
HomeTechnologyTry CC!
  • Welcome
  • Confidential Computing
    • What is Confidential Computing
    • What problems Confidential Computing solves
      • Bare Metal
      • Docker
      • Kubernetes
      • Knative
    • Why Confidential Computing
    • How Confidential Computing works
      • Memory Encryption
      • Workload Attestation
      • Confidential Boot
      • Sealing / Binding
      • Secret Provisioning
    • Technology Overview
    • Cloud Service Providers
  • Technology in depth
    • Intel SGX
      • Getting Started
        • Bare Metal Server Installation
        • Enclave Development Environment
        • Intel SGX SDK Setup
      • Technology
        • 🎭Features
        • 💂Threat Model
        • 🆚Versions
        • 🟦Concepts
          • 🏦Memory Encryption
          • 👮Local and Remote Attestation
          • 🖼️DCAP-Attestation Framework
          • 🔑Secret Key Provisioning
      • enclaive Development Kit
        • 🏢Architecture
        • 🌪️Workflow
        • 🌍Tutorials
          • Azure DCdsv3, DCsv2, or DCsv3 Setup
          • Redis in cK8s
          • MongoDB in cK8s
          • K8s + HashiCorp Vault on Azure DCsv3
      • Vault Remote Attestation Plug-In
        • 🏃‍♂️Initialization
        • 👮Attestation
        • ⚙️Configuration
    • Intel TDX
      • Getting Started
        • Azure
        • AWS
        • GCP
      • Technology
        • History
          • VT
          • TME/MKTME
          • SGX
        • Features
        • Threat Model
        • Concepts
          • Architecture
            • TDX Module
          • Memory Encryption
            • Confidentiality and Integrity
            • Keys and Key Management
          • TD Partitioning
          • DCAP-Attestation
            • Overview
            • Platform Registration
            • Attestation Report
    • AMD SEV
      • Getting Started
        • Azure
        • AWS
        • GCP
      • Technology
        • History
        • Threat Model
        • SME Concepts
          • Use Models
        • SEV-SNP Concepts
          • Features
            • Integrity Threats
            • Reverse Map Table
            • Page Validation
            • Page States
            • Virtual Machine Privilege Levels
            • Interrupt/Exception Protection
            • Trusted Platform Information
            • TCB Versioning
            • VM Launch & Attestation
            • VM Migration
            • Side Channels
          • Use Cases
          • Architecture
            • Encrypted Memory
            • Key Management
          • Software Implications
    • ARM CC
      • Technology
        • Introduction
        • Threat Model
        • Design
        • Comparison
    • Attestation Methods
      • Raw Attestation
      • Raw Attestation with Secure-Boot
      • Raw Attestation with a vTPM
        • AMD Secure VM Service Module and vTPMs
      • Raw Attestation with paravirtualized TPM
  • Resources
    • Youtube
    • Github
    • Products
Powered by GitBook
On this page
  • Intel SGXv2-ready Containers
  • Prerequisites

Was this helpful?

  1. Technology in depth
  2. Intel SGX

enclaive Development Kit

Last updated 11 months ago

Was this helpful?

Here you will find some practical tutorials for enclaive's confidential computing solution using Intel SGX.

Download the enclaive development kit from Github

Intel SGXv2-ready Containers

The following containers are available to deploy workloads in enclaves.

Prerequisites

To utilize the features of Intel Software Guard Extensions (SGXv2), a CPU with SGX support is necessary. The CPU must also support SGX Flexible Launch Control with Measured Boot. It is also highly recommended that the memory size of the host machine should be equal to or greater than 16 GB to ensure that there is enough memory.

In the realm of confidential computing with SGX, a cloud service provider plays a crucial role beyond merely providing the hardware. They are responsible for delivering specific services necessary for the smooth operation of the Data Center Attestation Primitives (DCAP) attestation flow.

The following cloud infrastructures are equipped with SGX-ready capabilities by default:

Please note that the information may not reflect the latest updates or additions by the cloud providers. It's always advisable to check with the providers directly or refer to their official documentation for the most up-to-date information on their SGX-ready cloud infrastructures. Furthermore, Confidential computing is a rapidly evolving field, and cloud providers consistently enhance their offerings with confidential computing capabilities. If your preferred infrastructure provider is not listed here, please feel free to contact us. We'll be glad to assist you in finding the right solution.

ArangoDB-SGX

MariaDB-SGX

MongoDB-SGX

Redis-SGX

Nodejs-SGX

Python-SGX

Rust-SGX

Go-SGX

PHP-SGX

Ruby-SGX

Java-SGX

C-SGX

Cpp-SGX

Csharp-SGX

Mosquitto-SGX

Nginx-SGX

Wordpress-SGX

Umami-SGX

Always encrypted Hashicorp Vault

Microsoft Azure Confidential Cloud
OVH Cloud
Alibaba Cloud
mysql-sgx
mongodb-sgx
redis-sgx
nodejs-sgx
python-sgx
rust-sgx
go-sgx
php-sgx
ruby-sgx
java-sgx
c-sgx
cplusplus-sgx
csharp-sgx
mosquitto-sgx
nginx-sgx
wordpress-sgx
umami-sgx
hashicorp-vault-sgx
arangodb-sgx