Skip to content

Releases: intel/confidential-computing-zoo

CCZoo Release v1.1

13 Jun 07:54
@RodgerZhu RodgerZhu
v1.1
2232107
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CCZoo Release v1.1 Latest
Latest

What’s New:

1.  2 New Solutions based on TDX Published, Ready for use.​​​​​​

  • Attested boot with encrypted TDVM OS image - Link
    Introduction: This solution builds an E2E attested boot solution with encrypted Intel TDVM OS image to protect customized guest OS image booting in cloud environment, also it provides the remote attestation capability to guarantee the trust environment and retrieve the secret key with RA-TLS.

  • Horizontal Federated Learning with TDX CoCo - Link
    Introduction: This solution builds horizontal federated learning framework with TDX confidential container. It demonstrates a full chain data security with encrypted docker image deployment protecting runtime security, data at-rest security and communication with remote attestation.

  1. Updates of Previously Published Solutions
  • Add TF Serving Cluster PPML support for - - Azure AKS and MAA
    • Add document to introduce the deployment in Azure SGX instance
    • Update source code to support the integration with Azure services (MAA & AKS)
    • Deliver docker image for Azure cloud deployment
  • Add TDX-TEE and Bazel support for gRPC RA-TLS
  • Deliver TDX docker image for TDX Encrypted VFS
  1. New published documents 
Assets 2
Loading

CCZoo Release v1.0

06 Feb 09:43
@RodgerZhu RodgerZhu
v1.0
582cf46
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CCZoo Release v1.0

What’s New

3 solutions published in the main branch, ready for use.

  • Horizontal Federated Learning with Intel TDX
  • Encrypted virtual File System with TDX-RA
  • Encrypted VFS and TDX-RA Enhanced TensorFlow Serving

Updates of Previously Published Solutions.
o Horizontal Federated Learning

Document updates
Add Azure Cloud Deployment Support

Assets 2
Loading

CCZoo Release v0.7

23 Dec 08:43
@RodgerZhu RodgerZhu
v0.7
c0a356b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CCZoo Release v0.7

What’s New

  1. 2 solutions published in the main branch, ready for use.
    o Machine binding key backup
    o HTTPA(Hypertext Transfer Protocol Attestable)

  2. Updates of Previously-Published Solutions.
    o Horizontal Federated Learning

    • Document updates.
    • Upgrade Gramine to v1.3.1
      o TensorFlow Serving Cluster PPML
    • Upgrade Gramine to v1.3.1
    • Document updates
      o Cross languages framework based on Gramine
    • Document updates
      o PSI
    • Document updates
    • Add Azure Cloud Deployment Support
Assets 2
Loading

CCZoo Release v0.6

28 Oct 02:31
@RodgerZhu RodgerZhu
v0.6
2d57d8d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CCZoo Release v0.6

What’s New

  1. 2 solutions published in main branch, ready for use.
    -> Secure AI Inference & Training
    o Secure Logistic Logical Regression Inference with HE and SGX- Link
    ->Incubating Component
    o Librats - Link

  2. Updates of Previously-Published Solutions.
    o Horizontal Federated Learning
     Document updates.
     Upgrade Gramine to v1.2
     Add OpenAnolis Support
    o TensorFlow Serving Cluster PPML
     Upgrade Gramine to v1.2
     Document updates
     Add OpenAnolis Support
     Add Tencent CCP Integration Support
    o Cross languages framework based on Gramine
     Document updates
     Add Tencent CCP integration Support
    o PSI
     Document updates
     Add Tencent CCP integration Support
     Upgrade Gramine to v1.2
     Add OpenAnolis Support

  3. Integration to 1 new open community - OpenAnolis
    OpenAnolis CNCC SIG accepts CCZoo as one project member
    i. Add CCZoo Introduction in the main page
    ii. Publish 2 Solutions from CCZoo based on Anolis container

  4. New documents added in cczoo.readthedoc.io
    a. Add documents for
    i. Secure Logistic Logical Regression Inference with HE and SGX
    ii. Librats

Assets 2
Loading

CCZoo v0.5 Release

19 Aug 09:18
@RodgerZhu RodgerZhu
v0.5
1d7d989
Compare
Choose a tag to compare
CCZoo v0.5 Release

What’s New

  1. 3 solutions published in main branch, ready for use.
    o Homogenous Logistic Regression Training with Intel Paillier Library and Intel SGX - link
    o Private Set Intersection (PSI) with Intel SGX - link
    o BigDL Privacy Preserving Machine Learning (PPML) - link

  2. Add 1 new Public Cloud Deployment Validation Configuration
    o Add new one Cloud Deployment
    - Microsoft Azure - DCsv3-series.

  3. New documents added in cczoo.readthedoc.io
    Add documents for

  4. Updates of Previously-Published Solutions.
    o RA-TLS enhanced gRPC

    • Rename docker name
    • Upgrade dockerfile 18.04 to 20.04
      o Horizontal Federated Learning
    • Document updates.
    • Add 1 new demo - Recommendation system
      o TensorFlow Serving Cluster PPML
    • Upgrade dockerfile 18.04 to 20.04
      o Cross languages framework based on Gramine
    • Document updates
    • Update remote attestation config
Assets 2
Loading

CCZoo v0.4 Release

23 Jun 04:48
@RodgerZhu RodgerZhu
v0.4
3b77608
Compare
Choose a tag to compare
CCZoo v0.4 Release

What’s New:

  1. 3 new reference solution published in main branch, ready for use.

    • Attestation and Secret Provision Service (ASPS)
      Brief Introduction:
      This solution provides a secret provision service following RA-TLS based remote attestation through gRPC.
      Secrets are stored in KMS that is hosted on tenant side beforehand and Secrets distribution is managed by Policy Manager according to predefined policy. Once tenant client verifies quote from CSP SGX Enclave successfully, KMS agent retrieves secrets from KMS and tenant sends them to the remote CSP SGX Enclave through an established secure gRPC channel.
    • Cross Language Framework based on Gramine
      Brief Introduction:
      This framework aims to ease the non-C language (e.g. Java) to do SGX remote attestation and transfer key/data between untrust node
      (clf_client / where running SGX enclave) and trust node(clf_server) when using Gramine.
    • Vertical Federated Learning
      Brief Introduction:
      This solution based on a ByteDance end-to-end open-source framework, called Fedlearner, based on TensorFlow, integrates SGX for
      machine learning, providing interfaces that facilitate federated learning tasks.

  2. Add 1 new Public Cloud Deployment Validation Configuration

    • ByteDance Volcengine SGX Instances (Bare metal)

  3. New documents added in cczoo.readthedoc.io

    • Attestation and Secret Provision Service (ASPS)
    • Cross Language Framework based on Gramine
    • Vertical Federated Learning

  4. Updates of Previously-Published Solutions.

    • RA-TLS enhanced gRPC
      • Add Occlum backend support
      • Add customized option for 1-way or 2-way TLS configuration.
      • Provide optional RA-TLS SDK option
    • Horizontal Federated Learning
      • Document updates.
Assets 2
Loading

v0.3

11 Apr 08:51
@RodgerZhu RodgerZhu
v0.3
1f08308
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.3

What's New

  1. 1 new incubating component project published in main branch, ready for use.

    • RATS-TLS v1.0 - link

      Brief Introduction:
      This project provides a proof-of-concept implementation on how to integrate Intel SGX remote attestation into the TLS connection setup. Conceptually, it extends the standard X.509 certificate with SGX-related information. It also provides three non-SGX clients (mbedtls, wolfSSL, OpenSSL) to show how seamless remote attestation works with different TLS libraries.

  2. 1 new solution published in main branch, ready for use.

    • eHSM-KMS v0.2.1 - link

      Brief Introduction:
      This solution, based on Intel SGX, provides a product-quality reference to help the customers setup a customized KMS (Key Management System) with the capabilities to create and manage cryptographic keys in their cloud environments.

  3. 3 published solutions validated in Ali Cloud and Tencent Cloud

    • Horizontal Federated Learning - link
    • RA-TLS Enhanced gRPC - link
    • TensorFlow Serving Cluster PPML - link

  4. New organization of GitHub main page with 3 designed tables

  5. New documents added in cczoo.readthedoc.io

  6. Add CI/CD basic test

    • Add docker image build test for TensorFlow Serving Cluster PPML, Horizontal Federated Learning,
      RA-TLS Enhanced gRPC.

Bug Fixes

No known issues

Solution Deployment

Please follow the steps in each solution documents to run each solution.

Assets 2
Loading

CCZoo Release v0.2

22 Feb 09:41
@RodgerZhu RodgerZhu
v0.2
dd299c4
Compare
Choose a tag to compare
CCZoo Release v0.2

Highlights

Publish 2 new solutions:

Assets 2
Loading

CCZoo Release v0.1

22 Dec 05:23
@RodgerZhu RodgerZhu
v0.1
5b7539e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CCZoo Release v0.1

Highlights

Publish The 1st solution - TensorFlow Serving Cluster PPML based on SGX

Details
TEE : Intel SGX
LibOS : Gramine
App : Tensorflow Serving
Encryption/Decryption : Yes
TLS : gRPC

Assets 2
Loading