Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/intel-secl/intel-secl
https://github.com/intel-secl/intel-secl
Last synced: 1 day ago
JSON representation
- Host: GitHub
- URL: https://github.com/intel-secl/intel-secl
- Owner: intel-secl
- License: bsd-3-clause
- Created: 2020-08-25T09:34:45.000Z (almost 4 years ago)
- Default Branch: master
- Last Pushed: 2024-03-27T09:50:18.000Z (3 months ago)
- Last Synced: 2024-05-20T00:25:09.744Z (27 days ago)
- Language: Go
- Size: 46.9 MB
- Stars: 31
- Watchers: 13
- Forks: 21
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- Awesome-SGX-Open-Source - https://github.com/intel-secl/intel-secl
README
# Intel® Security Libraries for Data Center (Intel® SecL-DC)
Intel® Security Libraries for Data Center (Intel® SecL-DC) enables security use cases for data center using Intel® hardware security technologies.
Hardware-based cloud security solutions provide a higher level of protection as compared to software-only security
measures. There are many Intel platform security technologies, which can be used to secure customers' data. Customers
have found adopting and deploying these technologies at a broad scale challenging, due to the lack of solution
integration and deployment tools. Intel® Security Libraries for Data Centers (Intel® SecL - DC) was built to aid our
customers in adopting and deploying Intel Security features, rooted in silicon, at scale.
Intel® SecL-DC is an open-source remote attestation implementation comprising a set of building blocks that utilize
Intel Security features to discover, attest, and enable critical foundation security and confidential computing
use-cases. It applies the remote attestation fundamentals and standard specifications to maintain a platform data
collection service, and an efficient verification engine to perform comprehensive trust evaluations. These trust
evaluations can be used to govern different trust and security policies applied to any given workload.
## Architecture
The below diagram depicts the high level architecture of the Intel®SecL-DC,
## Components and Repositories
| Component | Abbreviation | Github Repository URL |
|-----------|--------------|-----------------------|
| Certificate Management Service | CMS | [https://github.com/intel-secl/intel-secl/tree/master/pkg/cms](https://github.com/intel-secl/intel-secl/tree/master/pkg/cms) |
| Authentication and Authorization Service | AAS | [https://github.com/intel-secl/intel-secl/tree/master/pkg/authservice](https://github.com/intel-secl/intel-secl/tree/master/pkg/authservice) |
| Workload Policy Management | WPM | [https://github.com/intel-secl/intel-secl/tree/master/pkg/wpm](https://github.com/intel-secl/intel-secl/tree/master/pkg/wpm) |
| Key Broker Service | KBS | [https://github.com/intel-secl/intel-secl/tree/master/pkg/kbs](https://github.com/intel-secl/intel-secl/tree/master/pkg/kbs) |
| Trust Agent | TA | [https://github.com/intel-secl/go-trustagent](https://github.com/intel-secl/go-trustagent) |
| Application Agent | AA | [https://github.com/intel-secl/go-trustagent/tree/master/tboot-xm](https://github.com/intel-secl/go-trustagent/tree/master/tboot-xm) |
| Workload Agent | WLA | [https://github.com/intel-secl/workload-agent](https://github.com/intel-secl/workload-agent) |
| Host Verification Service | HVS | [https://github.com/intel-secl/intel-secl/tree/master/pkg/hvs](https://github.com/intel-secl/intel-secl/tree/master/pkg/hvs) |
| Integration Hub | iHUB | [https://github.com/intel-secl/intel-secl/tree/master/pkg/ihub](https://github.com/intel-secl/intel-secl/tree/master/pkg/ihub) |
| Workload Service | WLS | [https://github.com/intel-secl/intel-secl/tree/master/pkg/wls](https://github.com/intel-secl/intel-secl/tree/master/pkg/wls) |
| ISecl K8s Extensions | -- | [https://github.com/intel-secl/tree/master/pkg/isecl-k8s-extensions](https://github.com/intel-secl/tree/master/pkg/isecl-k8s-extensions) |
| SGX Caching Service | SCS | [https://github.com/intel-secl/sgx-caching-service](https://github.com/intel-secl/sgx-caching-service) |
| SGX Quote Verification Service | SQVS | [https://github.com/intel-secl/sgx-verification-service](https://github.com/intel-secl/sgx-verification-service) |
| SGX Host Verification Service | SHVS | [https://github.com/intel-secl/sgx-hvs](https://github.com/intel-secl/sgx-hvs) |
| SGX Agent | AGENT | [https://github.com/intel-secl/sgx_agent](https://github.com/intel-secl/sgx_agent) |
| SKC Client/Library | SKC Library | [https://github.com/intel-secl/skc_library](https://github.com/intel-secl/skc_library) |
## Getting Started
### Build Instructions
Intel® SecL-DC is provided as reference code and is also extensible to include any future security use cases and
technologies. To build components necessary to try out different use cases, please follow instructions here,
[https://github.com/intel-secl/build-manifest/](https://github.com/intel-secl/build-manifest/)
It makes use of repo tool which simplifies efforts to clone and build multiple repos. To build latest **v5.1.0** version
of Intel® SecL-DC with a single instruction:
```shell
# repo init -U -b -m
example:
# repo init -u https://github.com/intel-secl/build-manifest.git -b refs/tags/v5.1.0 -m manifest/fs.xml
```
### Product Guide
For more details on the product, installation and deployment strategies, please go through following, (Refer to latest and use case wise guide)
[https://intel-secl.github.io/docs](https://intel-secl.github.io/docs)
### Issues
Feel free to raise build, deploy or even runtime issues here,
[https://github.com/intel-secl/intel-secl/issues](https://github.com/intel-secl/intel-secl/issues)
***NOTE:** Instructions specific to [build](./Monorepo-Readme.md) components only in monorepo*