Java Confidential Container

Java is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible. It is a general-purpose programming language intended to let programmers write once, run anywhere, meaning that compiled Java code can run on all platforms that support Java without the need to recompile

Description

JAva-SGX: Java Con­fi­den­tial Com­pute Container

enclaive deliv­ers a con­fi­den­tial com­pute vari­ant of Java, called JAVA-SGX. This vari­ant runs in Intel SGX enclaves. Intel Secu­ri­ty Guard Exten­sion (SGX) deliv­ers advanced hard­ware and RAM secu­ri­ty encryp­tion fea­tures, so-called enclaves, to iso­late code and data that are spe­cif­ic to each appli­ca­tion. When data and appli­ca­tion code run in an enclave addi­tion­al secu­ri­ty, pri­va­cy, and trust guar­an­tees are giv­en, mak­ing the con­tain­er an ide­al choice for (untrust­ed) cloud environments.

Why Java-SGX images?

Fol­low­ing ben­e­fits come with Java-SGX :

  • con­fi­den­tial com­pute ready
  • con­tain­er escape pro­tec­tion through hard­ware-grad­ed security
  • con­tain­er images are released on a reg­u­lar basis with the lat­est dis­tri­b­u­tion pack­ages available
  • images use the same com­po­nents and con­fig­u­ra­tion approach — mak­ing it easy to switch between for­mats based on your project needs
  • com­pat­i­ble with DevOps best prac­tices (e.g., Dock­er, Dock­er Swarm, Kubernetes)

Fea­tures

  • con­tain­er-in-use encryp­tion and authentication
  • encrypt­ed and authen­ti­cat­ed volume/files
  • remote­ly authenticable
  • con­fi­den­tial key man­age­ment and provisioning

Pre­req­ui­sites

  • Dock­er Engine 20.1.0 or later
  • Dock­er com­pose plu­g­in is recommended
  • Intel SGXv2/x86 archi­tec­ture or later

 

Installation

Quick­start

Addi­tion­al Resources

 

Repositories

Com­mu­ni­ty Edition

Avail­able versions
Github repos­i­to­ry
6.0.2–1
Dock­er Hub

Cloud Hosting

Man­aged VM

Series Proces­sor Cores RAM (GB) Data disks (GB) IOPS (GB/s)
DC1s_v2 Intel Xeon‑E 2288G — 3.7GHz/5.0 GHz 1 4 1x50 1x0.5
DC2s_v2 Intel Xeon‑E 2288G — 3.7GHz/5.0 GHz 2 8 2x100 2x0.5
DC4s_v2 Intel Xeon‑E 2288G — 3.7GHz/5.0 GHz 4 16 4x400 4x0.5

Addi­tion­al Links

Ded­i­cat­ed Server

Series Proces­sor Cores RAM (GB) Data disks (GB) IOPS (GB/s)
Advance 1 Intel Xeon‑E 2386G — 3.5GHz/4.7GHz 6 128 4x3.84 1
Advance 2 Intel Xeon‑E 2388G — 3.2GHz/4.6GHz 8 128 4x3.84 5
Advance 6 Intel Xeon Gold 6312U — 2.4GHz/3.6GHz 24 1024 4x3.84 5

Addi­tion­al Links

Contact us

Cookie Consent with Real Cookie Banner