mirror of
https://github.com/confidential-containers/confidential-containers.git
synced 2025-09-24 21:17:42 +00:00
9fc29c7c19
Add a introduction to Trust Model (Part of Issue #28). Include references and links to prior art Follow on Pull Requests will include sections corresponding to orthogonal ways of considering cloud native approaches relevent to the trust model Specifically including - Personas - Lifecycle - Trusted Execution Boundary Location - Secured v unsecured TEE Base Image Signed-off-by: James Magowan <magowan@uk.ibm.com>
Welcome to documentation repository for Confidential Containers
Confidential Containers is an open source community working to leverage Trusted Execution Environments to protect containers and data and to deliver cloud native confidential computing.
Our key considerations are:
- Allow cloud native application owners to enforce application security requirements
- Transparent deployment of unmodified containers
- Support for multiple TEE and hardware platforms
- A trust model which separates Cloud Service Providers (CSPs) from guest applications
- Least privilege principles for the Kubernetes Cluster administration capabilities which impact delivering Confidential Computing for guest application or data inside the TEE.
Further Detail
Associated Repositories
- Kubernetes Operator for Confidential Computing : An operator to deploy confidential containers runtime (and required configs) on a Kubernetes cluster