An open source enclave container runtime and security architecture for confidential computing scenarios.
Designed to help users protect the security, integrity and confidentiality of data in use
Fully open source and co-constructed, maintaining community neutrality, compatible communities, and compatible open source ecology
Create a cloud-native confidential computing universal base for trusted business applications and second-party products to the cloud
Inclavare Containers, developed by Alibaba Cloud and Ant Group and cooperated with Intel, is the industry's first open source container runtime for confidential computing. Inclavare Containers significantly reduces the user's threshold for use. A variety of different enclave forms are available, providing more choices and flexibility between safety and cost for end users.
|Isolate privileged software||Create the hardware-enforced isolation between tenant’s workload and privileged software controlled by CSP.|
|Remove CSP||Remove CSP from the Trusted Computing Base（TCB） of tenant in untrusted cloud.|
|Remote attestation||Construct the general attestation infrastructure to convince users to trust the workloads running inside TEE based on hardware assisted enclave technology.|
|Easy to use||Provide low barrier to the use of confidential computing and the same experience as ordinary container.|