
Python Confidential Container

Python is an interpreted, object-oriented, high-level programming language with dynamic semantics. Its high-level built-in data structures, combined with dynamic typing and dynamic binding, make it very attractive for Rapid Application Development, as well as for use as a scripting or glue language to connect existing components together.

Python is a dynamically-typed garbage-collected programming language developed by Guido van Rossum in the late 80s to replace ABC. Much like the programming language Ruby, Python was designed to be easily read by programmers.

Description

PYTHON-SGX: Python Confidential Compute Container

enclaive delivers a confidential compute variant of Python, called PYTHON-SGX. This variant runs in Intel SGX enclaves. Intel Software Guard Extensions (SGX) provides hardware-level isolation and memory (RAM) encryption in the form of so-called enclaves, which isolate the code and data specific to each application. When data and application code run in an enclave, additional security, privacy, and trust guarantees apply, making the container an ideal choice for (untrusted) cloud environments.

Why PYTHON-SGX images?

The following benefits come with PYTHON-SGX:

  • confidential compute ready
  • container escape protection through hardware-grade security
  • container images are released on a regular basis with the latest distribution packages available
  • images use the same components and configuration approach, making it easy to switch between formats based on your project needs
  • compatible with DevOps best practices (e.g., Docker, Docker Swarm, Kubernetes)

Features

  • container-in-use encryption and authentication
  • encrypted and authenticated volume/files
  • remotely authenticable
  • confidential key management and provisioning

Prerequisites

  • Docker Engine 20.1.0 or later
  • Docker Compose plugin is recommended
  • Intel SGXv2/x86 architecture or later

 


 

Repositories

Community Edition

Available versions
GitHub repository
6.0.2–1
Docker Hub

Cloud Hosting

Managed VM

Series | Processor | Cores | RAM (GB) | Data disks (GB) | IOPS (GB/s)
DC1s_v2 | Intel Xeon-E 2288G, 3.7GHz/5.0GHz | 1 | 4 | 1x50 | 1x0.5
DC2s_v2 | Intel Xeon-E 2288G, 3.7GHz/5.0GHz | 2 | 8 | 2x100 | 2x0.5
DC4s_v2 | Intel Xeon-E 2288G, 3.7GHz/5.0GHz | 4 | 16 | 4x400 | 4x0.5


Dedicated Server

Series | Processor | Cores | RAM (GB) | Data disks (GB) | IOPS (GB/s)
Advance 1 | Intel Xeon-E 2386G, 3.5GHz/4.7GHz | 6 | 128 | 4x3.84 | 1
Advance 2 | Intel Xeon-E 2388G, 3.2GHz/4.6GHz | 8 | 128 | 4x3.84 | 5
Advance 6 | Intel Xeon Gold 6312U, 2.4GHz/3.6GHz | 24 | 1024 | 4x3.84 | 5
