Li Lei 2a98391d7b Graphene-SGX Secure Container: Seamless Integration of Docker Container and Graphene-SGX (#177) 5 years ago
..
README 2a98391d7b Graphene-SGX Secure Container: Seamless Integration of Docker Container and Graphene-SGX (#177) 5 years ago
gen_manifest 2a98391d7b Graphene-SGX Secure Container: Seamless Integration of Docker Container and Graphene-SGX (#177) 5 years ago
gsce 2a98391d7b Graphene-SGX Secure Container: Seamless Integration of Docker Container and Graphene-SGX (#177) 5 years ago

README

Graphene-SGX Secure Container
--------------------------------
Graphene-SGX Secure Container (GSC) is a container system where the containerized application can be protected by Graphene-SGX while it is running in a container environment. The GSC system includes two parts: (1) a Docker container instance where the application is running inside Graphene-SGX and both of them are running inside the container instance; (2) a front-end named GSCE (GSC Engine) which takes a legacy Docker container image and automatically launches the contained application inside a GSC container instance.

Launching a GSC container instance includes following steps:

(1) Make sure there is a Docker container image of your application in the local or remote image repository.

(2) Download and Compile Graphene-SGX;

(2) Go to graphene/Tools

(3) Run a GSC container via the following command:

./gsce run [All the arguments used for launching a normal Docker container] [docker Image Name:Tag].

Let's take redis, a key-value, in-memory database as an example. Assume the user runs a normal redis from its docker image as follows.

docker run -i -t -p 6379:6379 redis:latest

To launch a GSC container running redis, simply change docker to "./gsce", i.e., the user runs the command as follows.

./gsce run -i -t -p 6379:6379 redis:latest