Container Course – Containers for Privacy - Yiwen Li
25 Questions

Created by
@AdvancedIntelligence

Questions and Answers

What is the purpose of Occlum?

  • To secure applications running in the public cloud
  • To manage secrets and keys
  • To establish encrypted connections
  • To provide multitasking and memory safety (correct)

True or false: Occlum is a lightweight library OS that offers multitasking and memory safety.

    True

What technology is used to provide hardware-enforced isolation between a tenant's workload and the privileged software controlled by the CSP?

  • Kubernetes Containers
  • Intel SGX (correct)
  • RATS-TLS
  • Occlum

What technology is used by Inclavare Containers to provide hardware-enforced isolation?

    Intel SGX

True or False: Intel SGX is used to protect secrets and keys in a multi-cloud deployment model.

    True

What is the purpose of the SGX-tools command line tool?

    To retrieve materials from Attestation Service for Intel

What is the Open Enclave SDK used for?

    To build Intel SGX applications

What component is responsible for forwarding the traffic between the confidential container and shelter?

    Inclavare

True or False: Open Enclave SDK provides support for Intel SGX on Windows container workloads.

    True

What is the purpose of the confidential inferencing ONNX runtime?

    To establish a secure channel between the client and the server

What is the primary benefit of using Inclavare Containers?

    It allows for confidential data and secrets in multi-cloud environments.

What protocol is used to support trusted communication between heterogeneous hardware TEEs?

    RATS-TLS

What is the main benefit of public cloud container deployment?

    Convenience of deployment

True or False: The confidential inferencing ONNX runtime establishes a secure channel between the client and the server.

    True

What is the main benefit of using Intel SGX containers?

    Increased privacy

What does RATS-TLS do?

    It enhances the standard TLS protocol to support trusted communication between heterogeneous hardware TEEs.

What is the main concern of public cloud container deployment?

    Privacy

What is the purpose of the Attestation Service for Intel or IAS?

    To retrieve various materials such as launch tokens, quoting enclave target information, enclave quote, and remote attestation report

What component of TEE is used to establish the attested Inclavare TLS channel?

    Shelter

True or False: Public cloud container deployment is secure and does not have any privacy concerns.

    False

What is the purpose of Intel SGX?

    To protect customer data and secrets

What is the Azure Enclave Aware Container used for?

    To verify secure confidential container environments

What is the purpose of HashiCorp Vault software?

    To manage secrets and keys

What type of protocols are used to establish encrypted connections?

    mTLS

What type of security is provided by Intel SGX?

    Hardware-based trusted execution

Study Notes

  • Public cloud container deployment has many benefits, such as convenience of deployment.
  • Public cloud container deployment has serious security and privacy concerns.
  • To secure sensitive data in a cloud environment, applications should run inside confidential containers where data and programs are protected by the hardware.
  • In a multi-cloud deployment model, distributed services are hosted in the public cloud. Secrets and keys are managed by HashiCorp Vault software in an Intel SGX-protected confidential container.
  • Distributed services request keys and certificates to establish encrypted connections using SSL, mTLS, and other protocols. Therefore, keys and certificates must be protected by Intel SGX. This way, even though the services are hosted on the public cloud and the underlying infrastructure is not owned by the customer, sensitive customer data and secrets remain safe because of Intel SGX.
  • Occlum is a lightweight library OS that offers multitasking and memory safety.
  • Occlum can be used to secure applications running in the public cloud.
  • The public cloud environment must be attested to verify that it provides a secure confidential container environment before secure communication between the public cloud and the private cloud is established.
  • There are some key enablers in the Azure Enclave Aware Container that make this possible.
  • Open Enclave SDK is a library for developing C and C++ applications that use hardware-based trusted execution environments.
  • The current implementation provides support for Intel SGX.
  • Intel maintains a software development kit for building Intel SGX applications for both Linux and Windows container workloads.
  • The confidential inferencing ONNX runtime is an open-source, enclave-based ONNX runtime that establishes a secure channel between the client and the inference server, ensuring that neither the request nor the response can leave the secure enclave.
  • This solution allows you to bring an existing trained machine learning model and run it confidentially, while providing trust between the client and the server through attestation and verification.


Description

Test your knowledge of securing sensitive data in public cloud container deployments, including the use of Intel SGX, Occlum, and Open Enclave SDK for ensuring secure communication and protection of customer data. Explore topics such as confidential containers, multi-cloud deployment, and the use of enclave-based runtimes for machine learning models.
