Shielding Applications in an untrusted Cloud

Computing on secret data is challenging with today’s cloud service provider (CSP) offerings. CSP have full visibility into their client’s workloads and data while run in a VM or container and shielding against other tenants. On the contrary, confidential computing (CC) techniques (e.g., Intel Software Guard Extension (SGX)) offer a reverse sandbox. These techniques shield the workload and data from accesses by the underlying system software (e.g., OS or VMM) and hardware attacks. Thus, preventing CSPs from accessing secrets. In addition, CC provides remote attestation to verify the integrity of applications.

Projects in this space focus on popular cloud deployment scenarios and automate the process to deploy applications in confidential compute enclaves.


Privacy-Preserving Machine Learning in Untrusted Clouds Made Simple arXiv, 2020.


Tutorial: Graphene: Confidential Computing for Unmodified Linux Applications IEEE Secure Development Conference (SecDev), 2020.

Slides Video

Automatically Securing Linux Application Containers in Untrusted Clouds Linux Security Summit, 2020.

Slides Video