Overview and Definitions

Confidential Computing Manager

Fortanix Confidential Computing Manager (CCM) provides ‘data-in-use’ protection for your container workloads. It leverages Intel® Software Guard Extensions (SGX) technology to run code and data in CPU-hardened “enclaves” or a ‘Trusted Execution Environment’ (TEE). The enclave is a trusted area of memory where critical aspects of the application functionality are protected, helping keep code and data confidential and unmodified.

Remote Attestation Service

Because enclaves are instantiated on platforms by untrusted code, it is essential to confirm, before an enclave is provisioned with confidential application information, that the desired enclave was correctly instantiated on a platform protected by Intel SGX. This is done through a remote attestation process. This is a one-time action for every Application Node. Before any Application Node runs, it must be enrolled in Fortanix CCM. The Application Node sends an attestation to Fortanix CCM, which verifies the attestation with the Intel® Attestation Service to confirm that the Application Node is a genuine Intel® SGX machine. Once this has been confirmed, the CCM can provision a secret with the Fortanix Quoting and Provisioning Enclave (FQPE) so that future requests to attest EnclaveOS applications can be satisfied by the CCM, with no further need to contact Intel®. The FQPE is a service that runs on each application node; it manages a node private key and has a role in the attestation process. For more information, please refer to the SGX Attestation Process article.

Certificate Authority

The Certificate Authority issues TLS certificates to EnclaveOS applications after verifying their remote attestation signed by the FQPE. The attestation step can be added, either manually or automatically, to an existing private CA, or CCM can be used to issue the TLS certificates. Applications can use this TLS certificate as a server certificate (e.g., web servers, databases, etc.), a client certificate, or both.

Application Conversion

Application conversion enables an application to run inside an enclave.
CCM provides a runtime environment for applications that implements, in user space, some of the functionality traditionally provided by the OS kernel, thus enabling applications to run unmodified in a secure execution environment. This secure execution environment uses encryption and hardware-enforced security isolation to make applications in this environment completely immune to a wide range of threats originating in traditional host software, including root users, network intruders, malicious insiders, code injection, cold-boot attacks, and OS zero-day bugs. This is done by establishing a root of trust in the CPU itself and using that to encrypt all the system memory and all other sensitive IO accesses.

Approving Applications

The CCM can approve EnclaveOS applications. When an application is approved, its enclave-related properties are included in the approval: the identity or hash of the enclave (MRENCLAVE), the identity of the signer of the enclave (MRSIGNER), the product identifier (ISVPRODID), and the security version number (ISVSVN). When the enclave runs and presents its attestation to the CCM, all of these values are included in the attestation report, which the CCM can use to determine whether to accept the attestation.
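
The check described above can be sketched as follows. This is an added example, not Fortanix code: it reads the four values from a 384-byte SGX report body (field offsets as in the Intel SGX SDK's `sgx_report_body_t`) and compares them with an approval record. The `ApprovedApp` record, the helper names and the "ISVSVN must be at least the approved value" rule are assumptions made for illustration.

```python
import struct
from dataclasses import dataclass

# Offsets inside the 384-byte SGX report body (sgx_report_body_t, Intel SGX SDK).
BODY_LEN = 384
OFF_MRENCLAVE, OFF_MRSIGNER, OFF_ISVPRODID = 64, 128, 256  # ISVSVN follows at 258

@dataclass(frozen=True)
class ApprovedApp:  # hypothetical approval record, not CCM's data model
    mrenclave: bytes
    mrsigner: bytes
    isvprodid: int
    min_isvsvn: int

def parse_report_body(body: bytes) -> dict:
    if len(body) != BODY_LEN:
        raise ValueError(f"expected {BODY_LEN} bytes, got {len(body)}")
    isvprodid, isvsvn = struct.unpack_from("<HH", body, OFF_ISVPRODID)
    return {"mrenclave": body[OFF_MRENCLAVE:OFF_MRENCLAVE + 32],
            "mrsigner": body[OFF_MRSIGNER:OFF_MRSIGNER + 32],
            "isvprodid": isvprodid, "isvsvn": isvsvn}

def rejection_reasons(body: bytes, app: ApprovedApp) -> list:
    """Empty list means accept. Assumes the signature over `body` was already verified."""
    r = parse_report_body(body)
    reasons = []
    if r["mrenclave"] != app.mrenclave:
        reasons.append("MRENCLAVE mismatch")
    if r["mrsigner"] != app.mrsigner:
        reasons.append("MRSIGNER mismatch")
    if r["isvprodid"] != app.isvprodid:
        reasons.append("ISVPRODID mismatch")
    if r["isvsvn"] < app.min_isvsvn:  # assumed policy: reject rolled-back versions
        reasons.append("ISVSVN below minimum")
    return reasons

def make_body(mrenclave: bytes, mrsigner: bytes, prodid: int, svn: int) -> bytes:
    """Build a constructed report body for the demo; all other fields stay zero."""
    body = bytearray(BODY_LEN)
    body[OFF_MRENCLAVE:OFF_MRENCLAVE + 32] = mrenclave
    body[OFF_MRSIGNER:OFF_MRSIGNER + 32] = mrsigner
    struct.pack_into("<HH", body, OFF_ISVPRODID, prodid, svn)
    return bytes(body)

# Constructed sample values, not real enclave measurements.
ENCLAVE, SIGNER = bytes([0xAA]) * 32, bytes([0xBB]) * 32
APP = ApprovedApp(ENCLAVE, SIGNER, isvprodid=7, min_isvsvn=3)

if __name__ == "__main__":
    print(rejection_reasons(make_body(ENCLAVE, SIGNER, 7, 3), APP))
    print(rejection_reasons(make_body(bytes(32), SIGNER, 7, 2), APP))
```

Comparing these fields is only meaningful after the attestation's signature has been validated; an unsigned report body proves nothing about the enclave that produced it.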

Confidential Computing Manager User Interface

The Fortanix CCM Applications screen, shown in Figure 1, is the main workspace and the landing page for adding an application using the Add application form shown in Figure 2. The Add application page is used to add the details of an application that will be deployed in the cluster. These attributes will be used to create secure images of the application, which will eventually get deployed on the cluster.

Figure 1: Applications Page

Figure 2: Add Applications Page

Navigation Buttons

The Navigation buttons for Fortanix CCM are located on the left panel of the GUI and identify the screen functionality. The following table illustrates button functions:




Compute Nodes

Click this button to see all the Compute Nodes that are part of your cluster. You can view the SGX software version, secure application’s information, and attestation status of each of these Compute Nodes on which your Fortanix CCM components are running.



Click this button to see all the Fortanix CCM secured applications deployed on the cluster. An application tells the service which parameters to configure for a Source Container Image to run in SGX and where to push the converted image.



Click this button to see all the Fortanix CCM secured Docker images for the applications deployed on the cluster.


Audit Logs

Click this button to see all the important events happening across the cluster. Event types include user logins, node enrollments, certificate issuance, and failures.



Click this button to see all the requests that need Administrator approval. For example, node enrollment, application domain approval, image approval, and certificate issuance.



Click this button to access the SGX Converter tool to convert an application.



Click this button to see the list of users added to the Fortanix CCM. The Users page also allows you to edit the properties of a user and add new users.

