| | marblerun | edgelessdb |
|---|---|---|
| | 2 | 3 |
| Stars | 232 | 169 |
| Growth | 0.4% | 0.0% |
| Activity | 9.2 | 1.6 |
| | about 21 hours ago | about 1 year ago |
| Language | Go | Go |
| License | Mozilla Public License 2.0 | GNU General Public License v3.0 only |

Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
marblerun
- How do other securely manage their secrets?
  To encrypt secrets even at runtime "in-use," you can use something like https://github.com/edgelesssys/marblerun in combination with a confidential container.
- Adding an extra layer of data security to your Kubernetes workloads: Project Marblerun
  Check it out on GitHub
edgelessdb
- What is your opinion on Confidential computing?
  There's some existing work by https://www.edgeless.systems/products/edgelessdb/ and their repo https://github.com/edgelesssys/edgelessdb
- Microsoft Introduces EdgelessDB: A Database Designed for Confidential Computing
  The title is a bit misleading: EdgelessDB was not developed by Microsoft but by a German startup (Edgeless Systems, https://www.edgeless.systems/ and https://github.com/edgelesssys/edgelessdb).
  The announcement is about its availability on the Azure Marketplace.
- We built an open-source SQL DB for Intel SGX enclaves
  Hi everyone! Our team just released EdgelessDB, an open-source database built on MariaDB that runs completely inside Intel SGX enclaves. As its storage engine, it uses RocksDB with a custom encryption engine. The engine uses AES-GCM and is optimized for RocksDB’s specific SST file layout and the enclave environment. It has some nice properties like global confidentiality and verifiability and it considers strong attackers like malicious admins or rootkits. It also delivers rather low overheads (<10% for the TPC-C benchmark on Azure).

  In short: all data is only ever decrypted inside the enclave. This is different from other databases, where data and corresponding keys are processed in the clear in memory. We believe this is useful because (1) it’s very secure and (2) it enables some interesting use cases, like secure data pooling between parties.

  If you’re interested in trying it out: here’s a quickstart guide. In essence, you can run the Docker image with a single command on any recent Intel Xeon with SGX. Code and more info can be found on GitHub. Would be great to get your feedback on this :-)

What are some alternatives?
vals - Helm-like configuration values loader with support for various sources
MariaDB - MariaDB server is a community developed fork of MySQL server. Started by core members of the original MySQL team, MariaDB actively works with outside developers to deliver the most featureful, stable, and sanely licensed open SQL server in the industry.
confidential-computing-zoo - Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies.
conduit - Ultralight, security-first service mesh for Kubernetes. Main repo for Linkerd 2.x.
migrate - Database migrations. CLI and Golang library.
kuma - 🐻 The multi-zone service mesh for containers, Kubernetes and VMs. Built with Envoy. CNCF Sandbox Project.
RocksDB - A library that provides an embeddable, persistent key-value store for fast storage.
sops - Simple and flexible tool for managing secrets
enclaive-docker-mariadb-sgx - SGX-ready Enclaive Docker Image for MariaDB
ms-demo-gen - MSDGen: Generator for microservice demos of any given size and connectivity constraints.
mysql-5.6 - Facebook's branch of the Oracle MySQL database. This includes MyRocks.