TEE
龙蜥社区 openanolis
Inclavare Containers
https://github.com/inclavare-containers/inclavare-containers
Inclavare Containers is an innovation of container runtime with the novel approach for launching protected containers in hardware-assisted Trusted Execution Environment (TEE) technology, aka Enclave, which can prevent the untrusted entity, such as Cloud Service Provider (CSP), from accessing the sensitive and confidential assets in use.
rats-tls
https://github.com/inclavare-containers/rats-tls
https://github.com/inclavare-containers/librats
RATS architecture based TLS using librats
HyperEnclave
https://github.com/HyperEnclave/hyperenclave
HyperEnclave is an open and cross-platform trusted execution environment which runs on heterogeneous CPU platforms but decouples its root of trust from CPU vendors. In its nature, HyperEnclave calls for a better TEE ecosystem with improved transparency and trustworthiness. HyperEnclave has been implemented on various commodity CPU platforms and deployed in real-world confidential computing workloads.
[USENIX ATC'22] HyperEnclave: An Open and Cross-platform Trusted Execution Environment. Yuekai Jia, Shuang Liu, Wenhao Wang, Yu Chen, Zhengde Zhai, Shoumeng Yan, and Zhengyu He. 2022 USENIX Annual Technical Conference (USENIX ATC 22). Carlsbad, CA, Jul, 2022.
Teaclave
https://github.com/apache/incubator-teaclave
https://github.com/apache/incubator-teaclave-java-tee-sdk/tree/master
Apache Teaclave (incubating) is an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple.
SGX Projects
https://www.intel.cn/content/www/cn/zh/developer/tools/software-guard-extensions/overview.html
Confidential Computing Zoo
https://github.com/intel/confidential-computing-zoo
Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies.
SGX SDK
Intel(R) Software Guard Extensions for Linux* OS
https://github.com/intel/linux-sgx
https://www.intel.cn/content/www/cn/zh/developer/tools/software-guard-extensions/linux-overview.html
Teaclave SGX SDK
https://github.com/apache/incubator-teaclave-sgx-sdk
Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX applications in the Rust programming language, and also known as Rust SGX SDK.
Asylo (asylo.dev)
https://github.com/google/asylo
Asylo is an open and flexible framework for developing enclave applications. Asylo lets you take advantage of a range of emerging trusted execution environments (TEEs), including both software and hardware isolation technologies.
Open Enclave SDK
https://github.com/openenclave/openenclave
The Open Enclave SDK is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves.
SGX LibOS
Occlum
https://github.com/occlum/occlum
Occlum: Secure and Efficient Multitasking Inside a Single Enclave of Intel SGX has been accepted by ASPLOS'20.
Occlum is a memory-safe, multi-process library OS (LibOS) for Intel SGX. As a LibOS, it enables legacy applications to run on SGX with little or even no modifications of source code, thus protecting the confidentiality and integrity of user workloads transparently.
Gramine
https://github.com/gramineproject/gramine
A library OS for Linux multi-process applications, with Intel SGX support
CSV
海光CSV:海光安全虚拟化技术
https://github.com/inclavare-containers/cncc-sig-white-paper/blob/master/cc_platform/hygon_csv.md
https://gitee.com/anolis/cloud-kernel