Skip to content
@cc-api

Confidential Computing API

Reduce the complexity of various cloud frameworks and TEE engines
README.md

Welcome to Confidential Computing API Group

The CC (Confidential Computing) API Group is a community to accelerate the adoption of confidential computing technology in cloud environments. It serves as a central gathering place for specs, code, documentation, and ideas.

Welcome to contribute efforts for a common goal of confidential computing technology adoption!

Goals

  1. Define unified and vendor agnostic APIs to collect evidences cross cloud architecture which can be found in the spec and evidence-api. Welcome to propose and define more APIs.

    NOTE:

    • Please get detail Confidential computing use cases for confidential virtual machine (CVM), confidential workload (CW), confidential containers (CCn), confidential cluster (CCl).
    • Confidential Container is ignored here, because it can be regarded as "Confidential VM" from the perspective of measurement and attestation. And Confidential Container is not a good and recommended deployment type for a scalable kubernetes environment due to long latency for POD startup.

  2. Provide stacked measurement frameworks to gether node level evidence and container level evidence for workloads. The evidence can be used to complete remote attestation or other verification based on the business needs.

  3. Provide easy-to-use tools and examples of building trust chain in multiple deloyment flavors of confidential computing environments.

    NOTE:

    • CVM Image Rewriter - Create and customize the confidential VM's qcow2 image including IMA policy, initrd, device permission etc.
    • CC Cloud Automation - Automation framework & tools which supporting diverse confidential cloud flavors like confidential VM/cluster/container/FaaS etc.

  4. Provide the reference design of confidential AI/GenAI loader on model/data protections.

Getting Started

Use Case 1: Node Level Measure in Confidential VM

  1. Create a confidential VM on Google or Azure:
  2. Run cc-measure tool in CVM
  3. Evaluate the node measurement log

Use Case 2: Container Level Measure in Confidential Cluster

Please refer Container Measurement Quick Start - how to prepar a CVM guest image, create a CVM and gather measurement, eventlogs for containers.

More

Please find more introduction to the repositories here.

Join the community

Community Meetings

  • Welcome to join the community meetings. The meeting calendar and agenda can be found here.

More Information

Pinned Loading

  1. community Public

    1

  2. evidence-api Public

    Unified API to Access TCG Compliant measurement, event log, quote in Confidential Computing Environment.

    Python 35 19

  3. container-integrity-measurement-agent Public

    Build Trusted Chain for Cloud Native in Confidential Computing Envrionment

    Rust 16 11

  4. cc-trusted-vmsdk Public

    VMSDK implements the Evidence API

    Python 9 9

  5. confidential-cluster Public

    Trusted Kubernetes Cluster for Confidential Computing

    Shell 1 2

  6. cvm-image-rewriter Public

    CVM image customization tool for confidential computing environment

    Shell 2 6

Repositories

Showing 10 of 20 repositories
  • container-integrity-measurement-agent Public

    Build Trusted Chain for Cloud Native in Confidential Computing Envrionment

    Rust 16 Apache-2.0 11 2 2 Updated Feb 25, 2025
  • llm-serving-demo Public

    llm serving test

    Python 0 0 0 0 Updated Feb 25, 2025
  • cvm-image-rewriter Public

    CVM image customization tool for confidential computing environment

    Shell 2 GPL-2.0 6 0 0 Updated Feb 5, 2025
  • confidential-huggingface-runner Public
    Python 0 Apache-2.0 0 0 0 Updated Feb 5, 2025
  • cc-trusted-vmsdk Public

    VMSDK implements the Evidence API

    Python 9 Apache-2.0 9 2 0 Updated Nov 25, 2024
  • evidence-api Public

    Unified API to Access TCG Compliant measurement, event log, quote in Confidential Computing Environment.

    Python 35 Apache-2.0 19 5 1 Updated Nov 6, 2024
  • .github Public

    public .github repository for cc-api

    0 0 0 0 Updated Sep 12, 2024
  • qemu Public Forked from qemu/qemu

    Official QEMU mirror. Please see https://www.qemu.org/contribute/ for how to submit changes to QEMU. Pull Requests are ignored. Please only use release tarballs from the QEMU website.

    C 0 5,921 0 0 Updated Sep 6, 2024
  • libvirt Public Forked from libvirt/libvirt

    Read-only mirror. Please submit merge requests / issues to https://gitlab.com/libvirt/libvirt

    C 0 LGPL-2.1 708 0 0 Updated Sep 6, 2024
  • linux Public Forked from torvalds/linux

    Linux kernel source tree for cc-api

    C 0 57,460 0 0 Updated Sep 6, 2024
View all repositories