Confidential Computing Zoo (CCZoo) is a collection of code-ready reference solutions, which can be used as a copy-paste developer guide, demonstrating how to apply modern security technologies to real-life cloud business scenarios, in order to facilitate the developers to build their own end-to-end Confidential Computing solutions more easily. Some of the solutions are also validated on the public cloud services, such as Alibaba Cloud, AWS, Azure, etc.
The concerned modern security technologies are (but not limited to): TEE (Trusted Execution Environment, such as Intel® SGX and TDX), HE (Homomorphic Encryption) and its hardware accelerations, Remote Attestation, LibOS, cryptographic and its hardware accelerations. The concerned business scenarios are (but not limited to): cloud native AI inference, vertical and horizontal federated learning, big data analytics, key management, RPC (Remote Process Call, such as gRPC), etc.
CCZoo maintains a live table, as below, to indicate the correlations between business usages (rows) and security technologies (columns). Each hyperlink will direct you to the document section that explains the corresponding details and then guides you to the source codes. Enjoy!
|
Solutions |
Key Applications |
Status |
Validated in Public Cloud |
Security Technologies |
||||||
|
TEE |
HE | LibOS |
Remote Attestation |
Encryption /Decryption |
CPU HW Acceleration |
TLS | ||||
|
TensorFlow Serving Cluster PPML based on SGX |
TensorFlow Serving, K8s |
Published |
Aliyun ECS |
SGX | - | Gramine | Yes | Yes | - |
gRPC |
|
Horizontal Federal Learning |
TensorFlow |
Published |
- |
SGX |
- |
Gramine |
2-way RA-TLS |
Yes | - |
gRPC |
|
gRPC supporting Intel RA-TLS |
gRPC |
Published |
- | SGX/TDX | - | Gramine |
2-way RA-TLS |
- | - |
gRPC |
|
Secure logistic regression training base on TEE & HE |
- |
In Progress |
- | - | HE | - | - | Yes | - | gRPC |
|
Leveled HE logical regression inference |
- |
In Progress |
- | - | HE | - | - | Yes | - | - |
|
Vertical Federal Learning based on SGX |
TensorFlow | In Progress | - | SGX | - |
Gramine |
2-way RA-TLS |
Yes |
- |
gRPC |
|
Attestation Server & KMS |
- |
Not Start |
- | SGX |
- |
- | Yes | Yes | - | gRPC |
|
Secure Database querying based on HE |
- |
Not Start |
- | - | HE | - | - | Yes | - | - |
|
Secure BigDL Recommend system |
- |
Not Start |
- | SGX/TDX | - | - | Yes | Yes | - | - |
|
MPC Optimization |
- |
Not Start |
- |
|
- | - | - | - | - | - |
The official confidential computing zoo documentation can be found at https://cczoo.readthedocs.io. Below are quick links to some of the most important papers:
- TensorFlow Serving Cluster PPML based on SGX
- Horizontal Federal Learning based on SGX
- gRPC supporting Intel RA-TLS
- Please submit issues in this project if there is any question or request.
- Welcome PRs for contributions.
Welcome to join the Wechat group or Slack channel for CCZoo tech discussion.
You can check CCZoo previous PDT meeting munites here.