CCZoo v0.4 Release

What’s New:

1. 3 new reference solution published in main branch, ready for use.

   • Attestation and Secret Provision Service (ASPS)
     Brief Introduction:
     This solution provides a secret provision service following RA-TLS based remote attestation through gRPC.
     Secrets are stored in KMS that is hosted on tenant side beforehand and Secrets distribution is managed by Policy Manager according to predefined policy. Once tenant client verifies quote from CSP SGX Enclave successfully, KMS agent retrieves secrets from KMS and tenant sends them to the remote CSP SGX Enclave through an established secure gRPC channel.
   • Cross Language Framework based on Gramine
     Brief Introduction:
     This framework aims to ease the non-C language (e.g. Java) to do SGX remote attestation and transfer key/data between untrust node
     (clf_client / where running SGX enclave) and trust node(clf_server) when using Gramine.
   • Vertical Federated Learning
     Brief Introduction:
     This solution based on a ByteDance end-to-end open-source framework, called Fedlearner, based on TensorFlow, integrates SGX for
     machine learning, providing interfaces that facilitate federated learning tasks.

2. Add 1 new Public Cloud Deployment Validation Configuration

   • ByteDance Volcengine SGX Instances (Bare metal)

3. New documents added in cczoo.readthedoc.io

   • Attestation and Secret Provision Service (ASPS)
   • Cross Language Framework based on Gramine
   • Vertical Federated Learning

4. Updates of Previously-Published Solutions.

   • RA-TLS enhanced gRPC
     • Add Occlum backend support
     • Add customized option for 1-way or 2-way TLS configuration.
     • Provide optional RA-TLS SDK option
   • Horizontal Federated Learning
     • Document updates.