Towards Enclave-as-a-Container with Inclavare containers and Occlum

While containers offer many benefits, they suffer from one major drawback: weak isolation. Security-enhanced implementations (e.g., Kata Containers and gVisor) do exist, but they still have to trust the hypervisor and the host OS, so a compromise of either still exposes the workload.
In this talk, the speakers envision a new type of implementation for containers: enclave-as-a-container. Enclaves (e.g., Intel SGX) are private memory regions whose confidentiality and integrity are protected by the CPU against privileged attackers (e.g., the host OS and the hypervisor), which keeps that privileged software out of the workload's trusted computing base. Thus, enclave-as-a-container can raise the isolation of containers to a level that software-only sandboxing cannot reach.
Inclavare Containers is an enclave-based, OCI-compliant container runtime, and Occlum is a memory-safe library OS that runs applications inside SGX enclaves. These two open source projects aim to bring confidential computing into the cloud native ecosystem. The speakers will give a technical overview of the two projects and share their experience in building and deploying real-world enclave-as-a-container services.