The system allows user to upload their 3D models for rendering in the cloud. In order to ensure privacy, the models are transferred in a secure fashion to the rendering service using TLS and encrypted before stored on the disks running in the cloud. The rendering is then executed using Intel SGX where the job's output is also encrypted prior storing on the local disks of the node. Only the client who uploaded the model in the first place can access and download the rendered models.
Demostrates that public cloud services can be used for processing of privacy sensitive data.
The challenge is to provide full end-to-end encryption such that at no point of time the cloud provider can get access to the encrypted data nor the keys and certificate used for encryption.
The demonstration shows that end-to-end encryption and cloud security primitives such as Intel SGX can be applied to off-the-shelve software stacks such as rendering services.
Secure cloud processing was not possible due to the lack of technology such as Intel SGX as well as mechanisms such as transparent key generation and configuration to provide full end-to-end encryption.\
Trusted execution environments enable cloud providers to provide secure services that can be trusted by clients.
Application developer
Using SCONE, application developers simply use the cross compiler to transform the insecure version of a tool into a secure one.
Data scientist
Can use public cloud services without worrying about privacy issues.
Application manager
Not relevant
System administrator
Not relevant
Data owner
Has guarantees that his models will be kept confidential.
More info soon
More info soon