> For the complete documentation index, see [llms.txt](https://docs.enclaive.cloud/enclaive-multi-cloud-platform/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.enclaive.cloud/enclaive-multi-cloud-platform/documentation/features/buckypaper.md). # Buckypaper ### Introduction **Confidential Virtual Machines (CVMs)** revolutionize on-premise hosting by introducing cutting-edge technology that ensures enhanced security without requiring changes to your existing code. This documentation explores the challenges associated with traditional infrastructure and highlights how CVMs, powered by Buckypaper technology, provide a solution. #### Challenges without Buckypaper **High Capital Expenditure** Establishing and maintaining on-premise infrastructure involves significant upfront costs in hardware, networking equipment, and data center facilities. **Resource Underutilization** On-premise infrastructure often leads to resource underutilization due to provisioning for peak demand, resulting in idle resources during periods of lower demand. **Limited Scalability** Scaling up or down in an on-premise environment can be time-consuming and expensive, requiring the purchase of additional hardware. **Complexity in Maintenance** Managing on-premise hardware, software, and networking components can be complex and resource-intensive, demanding dedicated IT staff and expertise. #### The Solution: Confidential Virtual Machines (CVMs) with Buckypaper **Key Features** **Security** CVMs leverage hardware-based technologies to create isolated environments, ensuring sensitive data and processes are protected from unauthorized access within a virtualized infrastructure. **Hardware-graded Security** Confidentiality of workloads and applications is ensured by utilizing hardware-based security features, leveraging secure enclaves to isolate and protect code and data. **Workload Isolation** Protected execution environments for critical applications ensure that sensitive workloads remain secure even if the underlying infrastructure is compromised. **Certified EU Datacenters** Choose from various datacenters in Europe meeting compliance standards, ranging from ISO27001 to C5. **Optimized Performance** CVMs offer a remarkable advantage with only a 3% CPU cycle overhead, allowing organizations to maintain high-performance standards while ensuring robust security for critical applications. #### Benefits **Unlock the Power of Confidentiality** Experience unparalleled security and confidentiality with CVMs. **Secure Deployment in the Cloud** CVMs are valuable in cloud environments, providing an added layer of security for sensitive data processed in shared, virtualized spaces. **Secure Multi-Tenancy** Enhance security in multi-tenant environments by providing isolated and encrypted spaces for each workload. **Compliance with Data Regulations** Meet compliance standards with advanced encryption and security measures, reducing the risk of data breaches. **Create a Buckypaper VM within Seconds** Explore the functionality and user experience of Buckypaper VMs on leading cloud infrastructures. ### Technical Information #### Integration into Existing Environments CVMs seamlessly integrate into existing virtualized environments, deploying alongside non-confidential VMs to selectively apply enhanced security measures. #### Intellectual Property Theft Protection CVMs create a protected execution environment, preventing unauthorized access to code and data, especially valuable for organizations developing proprietary software or running proprietary algorithms. #### Applications Applications dealing with sensitive information, such as those in financial services, healthcare, and cryptographic operations, benefit significantly from the confidential execution environments provided by CVMs. #### Deployment in Cloud Environments CVMs are well-suited for deployment in cloud environments, providing an added layer of security for workloads in shared, virtualized spaces. #### Data Confidentiality in Transit CVMs often implement end-to-end encryption, ensuring data remains encrypted during storage, processing, and transit. #### Scenarios where CVMs are Beneficial CVMs are particularly beneficial in scenarios where organizations need to process or store sensitive data. They excel in multi-tenant private, public, and hybrid cloud environments where secure isolation of workloads is crucial. #### CPU Cycle Overhead CVMs are designed with optimized performance, incurring only a minimal 3% CPU cycle overhead, ensuring a negligible impact on overall computational efficiency. #### How CVMs Enhance Security CVMs enhance security by creating confidential execution environments (CEEs) with advanced encryption, protection against insider threats, and secure multi-tenancy features. #### What are Confidential Virtual Machines (VMs)? CVMs are a specialized type of virtual machine designed to provide enhanced security measures for sensitive workloads, leveraging hardware-based security features to isolate and protect data and code within the virtualized environment. {% content-ref url="/spaces/JCiJp92CK5rDzO9DECIa" %} [Buckypaper](https://docs.enclaive.cloud/buckypaper/) {% endcontent-ref %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.enclaive.cloud/enclaive-multi-cloud-platform/documentation/features/buckypaper.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.