Inclavare Containers is a confidential container runtime that leverages hardware-assisted Trusted Execution Environments to securely isolate sensitive workloads in cloud-native environments.
It is a novel container runtime, also known as a confidential container, for cloud-native confidential computing and the enclave runtime ecosystem.
This tool is designed for cloud tenants and developers who need to protect sensitive data and workloads from untrusted cloud service providers by running containers inside hardware-enforced enclaves. It enables secure deployment of trusted applications on any public cloud Kubernetes platform while ensuring confidentiality and integrity through enclave technology.
Inclavare Containers requires hardware with Trusted Execution Environment support such as Intel SGX. Users should ensure their cloud environment supports enclave technologies. The tool integrates closely with containerd and the OCI runtime specification, so familiarity with container runtimes and Kubernetes is beneficial. Since it is a CNCF sandbox project, it is under active development, and users should monitor it for updates and best practices.