confidential-computing-zoo
edgelessdb
| confidential-computing-zoo | edgelessdb | |
|---|---|---|
| 2 | 3 | |
| 286 | 169 | |
| 0.4% | 0.0% | |
| 7.1 | 1.6 | |
| 1 day ago | about 1 year ago | |
| CMake | Go | |
| Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
confidential-computing-zoo
edgelessdb
-
What is your opinion on Confidential computing?
There's some existing work by https://www.edgeless.systems/products/edgelessdb/ and their repo https://github.com/edgelesssys/edgelessdb
-
Microsoft Introduces EdgelessDB: A Database Designed for Confidential Computing
The title is a bit misleading: EdgelessDB was not developed by Microsoft but by a German startup (Edgeless Systems, https://www.edgeless.systems/ and https://github.com/edgelesssys/edgelessdb).
The announcement is about its availability on the Azure Marketplace.
-
We built an open-source SQL DB for Intel SGX enclaves
Hi everyone! Our team just released EdgelessDB, an open-source database built on MariaDB that runs completely inside Intel SGX enclaves. As storage engine, it uses RocksDB with a custom encryption engine. The engine uses AES-GCM and is optimized for RocksDB’s specific SST file layout and the enclave environment. It has some nice properties like global confidentiality and verifiability and it considers strong attackers like malicious admins or rootkits. It also delivers rather low overheads (<10% for the TPC-C benchmark on Azure). In short: all data is only ever decrypted inside the enclave. This is different from other databases, where data and corresponding keys are processed in the clear in memory. We believe this is useful because (1) it’s very secure and (2) it enables some interesting use cases, like secure data pooling between parties. If you’re interested in trying it out: here’s a quickstart guide. In essence, you can run the Docker image with a single command on any recent Intel Xeon with SGX. Code and more info can be found on GitHub. Would be great to get your feedback on this :-)
What are some alternatives?
enclaive-docker-nginx-sgx - SGX-ready Enclaive Docker Image for Nginx
MariaDB - MariaDB server is a community developed fork of MySQL server. Started by core members of the original MySQL team, MariaDB actively works with outside developers to deliver the most featureful, stable, and sanely licensed open SQL server in the industry.
keylime - A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT
migrate - Database migrations. CLI and Golang library.
ego - EGo is an open-source SDK that enables you to develop your own confidential apps in the Go programming language.
marblerun - MarbleRun is the control plane for confidential computing. Deploy, scale, and verify your confidential microservices on vanilla Kubernetes. 100% Go, 100% cloud native, 100% confidential.
RocksDB - A library that provides an embeddable, persistent key-value store for fast storage.
veracruz - Main repository for the Veracruz privacy-preserving compute project, an adopted project of the Confidential Compute Consortium (CCC).
enclaive-docker-mariadb-sgx - SGX-ready Enclaive Docker Image for MariaDB
incubator-teaclave-sgx-sdk - Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX applications in the Rust programming language, and also known as Rust SGX SDK.
mysql-5.6 - Facebook's branch of the Oracle MySQL database. This includes MyRocks.