Skip to content

ddhawal/intel-secl

Repository files navigation

Intel® Security Libraries for Data Center (Intel® SecL-DC)

Intel® Security Libraries for Data Center (Intel® SecL-DC) enables security use cases for data center using Intel® hardware security technologies.

Hardware-based cloud security solutions provide a higher level of protection as compared to software-only security measures. There are many Intel platform security technologies, which can be used to secure customers' data. Customers have found adopting and deploying these technologies at a broad scale challenging, due to the lack of solution integration and deployment tools. Intel® Security Libraries for Data Centers (Intel® SecL - DC) was built to aid our customers in adopting and deploying Intel Security features, rooted in silicon, at scale.

Intel® SecL-DC is an open-source remote attestation implementation comprising a set of building blocks that utilize Intel Security features to discover, attest, and enable critical foundation security and confidential computing use-cases. It applies the remote attestation fundamentals and standard specifications to maintain a platform data collection service, and an efficient verification engine to perform comprehensive trust evaluations. These trust evaluations can be used to govern different trust and security policies applied to any given workload.

For more details please visit : https://01.org/intel-secl

Architecture

The below diagram depicts the high level architecture of the Intel®SecL-DC,

isecl-arch

Components and Repositories

Component Abbreviation Github Repository URL
Certificate Management Service CMS https://github.com/intel-secl/intel-secl/tree/master/pkg/cms
Authentication and Authorization Service AAS https://github.com/intel-secl/intel-secl/tree/master/pkg/aas
Workload Policy Management WPM https://github.com/intel-secl/intel-secl/tree/master/pkg/wpm
Key Broker Service KBS https://github.com/intel-secl/tree/master/pkg/kbs
Trust Agent TA https://github.com/intel-secl/go-trustagent
Application Agent AA https://github.com/intel-secl/go-trustagent/tree/master/tboot-xm
Workload Agent WLA https://github.com/intel-secl/workload-agent
Host Verification Service HVS https://github.com/intel-secl/intel-secl/tree/master/pkg/hvs
Integration Hub iHUB https://github.com/intel-secl/intel-secl/tree/master/pkg/ihub
Workload Service WLS https://github.com/intel-secl/workload-service
ISecl K8s Extensions -- https://github.com/intel-secl/k8s-extensions
SGX Caching Service SCS https://github.com/intel-secl/sgx-caching-service
SGX Quote Verification Service SQVS https://github.com/intel-secl/sgx-verification-service
SGX Host Verification Service SHVS https://github.com/intel-secl/sgx-hvs
SGX Agent AGENT https://github.com/intel-secl/sgx_agent
SKC Client/Library SKC Library https://github.com/intel-secl/skc_library

Getting Started

Build Instructions

Intel® SecL-DC is provided as reference code and is also extensible to include any future security use cases and technologies. To build components necessary to try out different use cases, please follow instructions here,

https://github.com/intel-secl/build-manifest/

It makes use of repo tool which simplifies your all efforts to clone and build multiple repos. Also, it helps to build latest v3.0.0 version of Intel® SecL-DC with as simple instruction as,

# repo init -U <build-repo-url> -b <release-tag> -m <usecasemanifest>

example:

# repo init -u https://github.com/intel-secl/build-manifest.git -b refs/tags/v3.6.0 -m manifest/fs.xml

Product Guide

For more details on the product, installation and deployment strategies, please go through following, (Refer to latest and use case wise guide)

https://01.org/intel-secl/documentation/intel%C2%AE-secl-dc-product-guide

Release Notes

https://01.org/intel-secl/documentation/intel%C2%AE-secl-dc-release-notes

Issues

Feel free to raise build, deploy or even runtime issues here,

https://github.com/intel-secl/intel-secl/issues

NOTE: Instructions specific to build components only in monorepo

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

No packages published