project-oak / oak

Meaningful control of data in distributed systems.

The goal of Project Oak is to provide infrastructure to transfer, store and process sensitive user data in a secure and transparent way.

To do so, Oak relies on running a Trusted Application in a Trusted Execution Environment (TEE). An example of a Trusted Application is Oak Functions. Through Remote Attestation, the Trusted Application can provide the client with cryptographically attested evidence of the executable state of the TEE. Together with Transparent Release, this binds the open-source source code to the remotely attested binary running inside the TEE. To make it feasible to review all the source code running inside the TEE, and to minimize our trusted computing base, Oak provides the following infrastructure: stage 0, the Oak Restricted Kernel, and controlled communication interfaces, i.e., the Oak Comms Channel and microRPC.

Parties involved

  • Trusted Application Authors: The authors writing the Trusted Application running on Oak Infrastructure.
  • Oak Infrastructure Authors: The authors of the code in this repository; mostly this corresponds to the Project Oak team, but also any contributors, and, by extension, the authors of third party dependencies used in Oak.
  • Platform Provider: The entity in charge of maintaining and running the combined hardware and software stack surrounding the TEE, for instance a cloud provider; this includes their software, hardware, and employees.
  • TEE Manufacturer: The entity in charge of manufacturing the TEE, including hardware, software, and cryptographic keys.

Threat Model

  • untrusted:
    • most hardware (memory, disk, motherboard, network card, external devices)
    • Platform Provider
    • Host Operating System (kernel, drivers, libraries, applications)
    • Hypervisor / VMM
  • trusted-but-transparent:
    • Oak Infrastructure Authors
    • Trusted Application Authors
  • trusted:
    • TEE Manufacturer

Side channels are out of scope for Project Oak at present. While we acknowledge that TEEs cannot defend against all possible attacks (and therefore we do need resistance to side channels), we leave their resolution to the respective TEE Manufacturers and other researchers.

Getting involved

We welcome contributors! To join our community, we recommend joining the mailing list and the Slack.

Oak development covers practical steps for getting a development Oak system up and running.

License: Apache License 2.0


Languages

Rust 77.6%, C++ 8.0%, Starlark 5.3%, Java 4.7%, Shell 2.0%, Assembly 0.8%, Nix 0.4%, Python 0.3%, Just 0.3%, Dockerfile 0.2%, JavaScript 0.1%, Kotlin 0.1%, C 0.1%, Makefile 0.1%, Smarty 0.0%, HTML 0.0%