Features

EMCP functions as the gateway to an unparalleled confidential cloud ecosystem, providing a comprehensive array of innovative features designed to uphold the highest standards of security and privacy. At its core, EMCP harnesses state-of-the-art cryptographic techniques to facilitate secure computation over encrypted data, ensuring the confidentiality and integrity of sensitive information throughout all stages of processing, storing and transmitting data. Through the platform, developers can seamlessly access a range of powerful features:

  • Effortlessly create and manage confidential Virtual Machines, referred to as buckypapers, each inherently isolating workloads within enclaves for enhanced security by default.

  • Seamlessly orchestrate confidential Kubernetes clusters, known as dyneemes, where both the control plane and multiple node pools are automatically enclave-protected by default.

  • Utilize a virtual Hardware Security Module (vHSM) to efficiently generate and manage keys and workload identities, safeguarding the provisioning secrets for buckypaper VMs and dyneemes clusters within an environment that offers hardware-grade security akin to traditional HSMs, coupled with the flexibility of confidential virtualization.

  • Seamlessly deploy workloads across multiple cloud environments, with support for major cloud service providers such as Azure, AWS, and Kraud, with GCP integration slated for future releases.

  • Enable Bring Your Own Subscription (BYOS) functionality, allowing users to integrate EMCP with their existing tenant or subscription. This feature empowers users to run confidential workloads alongside non-confidential ones, leveraging their tenant's identity and access management, billing, and cost-saving plans.

Last updated