New Show Hacker News story: Show HN: Cape: Serverless Confidential Computing
Show HN: Cape: Serverless Confidential Computing
11 by gavinuhma | 1 comments on Hacker News.
Cape is a serverless platform for deploying functions to secure enclaves. Our mission is to give every developer a simple way to build secure apps that respect end-user privacy through encryption and confidential computing. Cape is built on AWS Nitro Enclaves, which are isolated VMs carved out by EC2's Nitro Hypervisor. They have no network, no storage, and no interactive access (such as a shell). So effectively, no one can see what the enclave is doing. The way Cape uses Nitro Enclaves is unique, as we add a number of security, scale, and ease of use features for developers. Cape has three main features: - `cape encrypt`: Encrypts data that can only be processed by your functions within Cape's secure enclave. - `cape deploy`: Deploy your encrypted functions to Cape (anything from simple scripts to machine learning pipelines). - `cape run`: Run your functions on the encrypted data, keeping your functions and the data confidential. How did we get here? Four years ago we launched a project called TF Encrypted, which is framework for running Tensorflow on encrypted data. TFE is based on secure multi-party computation. It's popular with cryptographers and machine learning engineers doing research on secure computation protocols applied to neural networks. Our work with TFE inspired us to think about developers and the tools they have to build secure apps that can protect the confidentiality of their end-user's data. I believe that developer's want to do right by their users, they often just don't have the time or the resources. Security and privacy features tend to fall off of the priority list, unfortunately. We hope Cape can help usher in a new era of secure, privacy-focused apps by making confidential computing accessible to the average developer. I'll leave it at that for now. Please reach out if you have any questions. The open beta of Cape is currently free. You can signup and run your first function within a few minutes.
11 by gavinuhma | 1 comments on Hacker News.
Cape is a serverless platform for deploying functions to secure enclaves. Our mission is to give every developer a simple way to build secure apps that respect end-user privacy through encryption and confidential computing. Cape is built on AWS Nitro Enclaves, which are isolated VMs carved out by EC2's Nitro Hypervisor. They have no network, no storage, and no interactive access (such as a shell). So effectively, no one can see what the enclave is doing. The way Cape uses Nitro Enclaves is unique, as we add a number of security, scale, and ease of use features for developers. Cape has three main features: - `cape encrypt`: Encrypts data that can only be processed by your functions within Cape's secure enclave. - `cape deploy`: Deploy your encrypted functions to Cape (anything from simple scripts to machine learning pipelines). - `cape run`: Run your functions on the encrypted data, keeping your functions and the data confidential. How did we get here? Four years ago we launched a project called TF Encrypted, which is framework for running Tensorflow on encrypted data. TFE is based on secure multi-party computation. It's popular with cryptographers and machine learning engineers doing research on secure computation protocols applied to neural networks. Our work with TFE inspired us to think about developers and the tools they have to build secure apps that can protect the confidentiality of their end-user's data. I believe that developer's want to do right by their users, they often just don't have the time or the resources. Security and privacy features tend to fall off of the priority list, unfortunately. We hope Cape can help usher in a new era of secure, privacy-focused apps by making confidential computing accessible to the average developer. I'll leave it at that for now. Please reach out if you have any questions. The open beta of Cape is currently free. You can signup and run your first function within a few minutes.
Comments
Post a Comment