Proto commits in intel/confidential-computing-zoo

These 22 commits are when the Protocol Buffers files have changed:

Commit:db03241
Author:Zhu Yunge
Committer:GitHub

Add RAG(Retrieval-Augmented Generation) solution (#274) (#275) Co-authored-by: Hsy-Intel <siyuan.hui@intel.com>

The documentation is generated from this commit.

Commit:beb4e66
Author:Hsy-Intel
Committer:GitHub

Add RAG(Retrieval-Augmented Generation) solution (#274)

The documentation is generated from this commit.

Commit:75f6793
Author:0400H
Committer:GitHub

Upgrade gramine to v1.6 for VFL (Use RSA sign for RA) (#263) * Add support for tf-serving deployments on Azure Start tf-serving container in the background Fix tf-serving dockerfile to specify tensorflow-model-server version compatible with Ubuntu 18.04 glibc Change tf-serving k8s deployment to only request two cpus, to specify local docker registry, to fix file paths * Update tensorflow-serving-cluster/index.rst * Update cloudDeployment.md * Add setup_azure_vm.sh * Modify secret_prov.dockerfile to include && operator between Azure DCAP Client build steps * Modify secret_prov.dockerfile to include && operator between Azure DCAP Client build steps * Update tensorflow-serving-cluster/index.rst * Load secret from clf_server.conf This secret can be used as pf key Signed-off-by: Liang Fang <liang.a.fang@intel.com> * BigDL PPML * Refine reference * Add bigdl ppml readthedoc * Refine link * Update tensorflow-serving-cluster/index.rst * Add Recommendation System example * delete log files * Add Recommendation System example * Modify README.md * Modify container config and README * Modify README * Update dockerfile * make port and cert configurable Signed-off-by: Liang Fang <liang.a.fang@intel.com> * fix buffer overflow Signed-off-by: Liang Fang <liang.a.fang@intel.com> * use log_error to replace print Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Load secret from clf_server.conf This secret can be used as pf key Signed-off-by: Liang Fang <liang.a.fang@intel.com> * make port and cert configurable Signed-off-by: Liang Fang <liang.a.fang@intel.com> * fix buffer overflow Signed-off-by: Liang Fang <liang.a.fang@intel.com> * use log_error to replace print Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update and rename install cr_lan framework .bash to auto_install_clf.bash * Update auto_install_clf.bash * TEE dev image: upgrade base image to ubuntu:20.04 && upgrade gramine version to v1.2 Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Upgrade base image of tf-serving to ubuntu:20.04 * initial commit of phe_homo_lr Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Upgrade TF-Serving base image && Update readme * Update phe_homo_lr.md * upgrade gramine to v1.2 and ipcl to v1.1.3 Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update support for hfl deployments on Azure Reduce recommendation system cores per container from 12 to 9 to accommodate 48 core DCsv3 Azure VM Add VM setup script for Azure * Add dependencies to setup_azure_vm.sh * Update hfl.md * Update README.md * Update hfl.md * Add psi with Intel SGX solution * solve a known issue * solve sgx lib installation issue * Modify doc * initial commit of phe_homo_lr Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update phe_homo_lr.md * upgrade gramine to v1.2 and ipcl to v1.1.3 Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Fix kubernetes version to 1.23.9 in tensorflow-serving-cluster Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update occlum and gramine dev docker files Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update grpc-ra-tls dev docker image * Update grpc-ra-tls readme Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update tensorflow-serving-cluster/index.rst * TEE dev image: upgrade base image to ubuntu:20.04 && upgrade gramine version to v1.2 Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Upgrade base image of tf-serving to ubuntu:20.04 * Upgrade TF-Serving base image && Update readme * Fix kubernetes version to 1.23.9 in tensorflow-serving-cluster Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update occlum and gramine dev docker files Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update grpc-ra-tls dev docker image * Update grpc-ra-tls readme Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * add the diagram to readme Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Fix some known issues * Update PSI.md * Update phe_homo_lr.md * Update README.md * Fix grpc-ra-tls merge error Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Fix tensorflow-protobuf TypeError (by explicitly installing protobuf 3.19.2). Fix secret_prov.dockerfile so tzdata setup is non-interactive. * Update index.rst * Update index.rst Kubernetes instructions * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * Update image * Support docker Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add the script to support tencent ccp Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add parameters and revise Readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Fix bugs in parameter parsing Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * revise dockerfile and convert_docker file * add clf_server ccp template Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Enable TF Serving in CCP (#153) * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Update CLF to main (#154) * Support docker Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add the script to support tencent ccp Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add parameters and revise Readme * Fix bugs in parameter parsing Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise dockerfile and convert_docker file Signed-off-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: hhr293 <17888821684@163.com> Co-authored-by: ubuntu <ubuntu@localhost.localdomain> * Fix bug: mrenclave checking is broken by last commit Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise convert_docker file and add readme for ccp * Update README_for_clf_server.md * Update README_for_clf_client.md * secure logistic regression inference based on HE and SGX (#151) (#159) * inital commit Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * first commit of lr_sgx_he solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * infer client and infer server communicate via grpc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Create README.md * Update README.md * update license wording in each file Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update the license date of gflags.cmake Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add the doc of lr_infer_he_sgx Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Xiaojun Huang <xiaojun.huang@intel.com> * Add librats (#160) * Refine rats-tls index in the doc Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * cczoo: Add librats project into cczoo (#152) Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: RodgerZhu <yunge.zhu@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Co-authored-by: YangLiang <liang3.yang@intel.com> * Enable psi in anolisos (#135) * enable psi in anolisos * fixup! enable psi in anolisos * fixup! enable psi in anolisos * Enable PSI with Anolis (#161) * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * Update image * Enable psi in anolisos (#135) * enable psi in anolisos * fixup! enable psi in anolisos * fixup! enable psi in anolisos Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang Ma <liang3.ma@intel.com> * Update README.md * Update README.md * Add script to generate certification Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add commandline option to gen_cert.sh Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update lr_he readme and doc (#166) * Update README.md * Update index.md Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * Update cloudDeployment.md * Update build_python.sh * Update build_cpp.sh * revert to last commit - graminev1.2 (#167) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Upgrade gramine from v1.2 to v1.3.1 (#164) * Upgrade gramine from v1.2 to v1.3.1 * fixup! Upgrade gramine from v1.2 to v1.3.1 * Update Gramine v1.2 to v1.3.1 (#173) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * fixup! update docs and readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Upgrade gramine from v1.2 to v1.3.1 in tf-serving-cluster (#171) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * revert to last commit - graminev1.2 (#167) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Support lr he grpc under Azure (#174) * secure logistic regression inference based on HE and SGX (#151) * inital commit Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * first commit of lr_sgx_he solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * infer client and infer server communicate via grpc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Create README.md * Update README.md * update license wording in each file Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update the license date of gflags.cmake Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add the doc of lr_infer_he_sgx Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> * update readme and document (#165) * Update README.md * Update index.md Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * Add Secure Logistic Regression Inference with HE and Intel SGX solution support for Azure deployments (#170) Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Xiaojun Huang <xiaojun.huang@intel.com> Co-authored-by: shui1 <sammy.hui@intel.com> * Support for Gramine v1.2 and update docs (#172) * Support for gramine v1.2 and update docs * update docs Co-authored-by: 0400h <git@0400h.cn> * remove cryptography from dockerfile remove cryptography to pass OSPDT Signed-off-by: Liang Fang <liang.a.fang@intel.com> * remove cryptography from dockerfile (#178) remove cryptography Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Modify HFL to start containers in detached mode for automation purposes (#177) * Sync PSI branch to main (#182) * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * enable psi in anolisos * fixup! enable psi in anolisos * Support for Gramine v1.2 and update docs (#172) * update docs Co-authored-by: 0400h <git@0400h.cn> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang Ma <liang3.ma@intel.com> Co-authored-by: 0400h <git@0400h.cn> * Modify documentation to move solution ingredients from the prerequisite section into their own list (a clarification based on user feedback) (#183) * Add penetration testing * Update README.md * Sync dev/pentests to main (#187) * Add two-stage demos for Pentests (#186) * Add two-stage key_generator demo for Pentests Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix memory_attack doc path Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix hyperlinks for Pentests doc Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update README.md * Update Overview.md Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: 0400H <jianlinx.bu@intel.com> * Added some miss components (#188) * Fix app version (#191) * Revert "Fix app version (#191)" (#192) This reverts commit 9889b347ffe516a0a04e0974e81a40d1774a9ba9. * Work around python extract tarfile error in encrypted file system (#195) * Change gramine build type to release to workaround python extract tarfile error in encrypted file system * Fix anolisos image build error && Add usage help for gramine-sgx-dev * Submit HTTPA solution (#198) * First commit for httpa * update index.rst for httpa * Update for adding PoC texts * add tootip for clf_server and clf_client (#158) * Sync branch-dev/cross_lang_framework to main Signed-off-by: <RodgerZhu> * Update README.md * fix typo in readme - fix typo - move ca_cert from trust file to allowed file, so that ca_cert can be mapped in in container environment. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update VFL and tf-serving documentation (#200) * Fixed app version (#194) * Add Private Set Intersection support for Azure deployments (#185) * Add Private Set Intersection support for Azure deployments * Revert PSI changes to start_container.sh that started containers detached * Sync branch0.1/tf serving cluster to main (#202) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * fixup! update docs and readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Upgrade gramine from v1.2 to v1.3.1 in tf-serving-cluster (#171) * Modify tensorflow_model_server install method (#176) --------- Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Update ccp-tf-serving documentation (#201) * update document * Update README.md * Update README.md * Update README.md * Update README.md --------- Co-authored-by: root <RodgerZhu> * Sync branch dev/machine binding root key backup to main (#206) * add backup schema of machine binding Rootkey * rename folder name to machine_binding_key_backup Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise README to correct solution name Signed-off-by: Liang Fang <liang.a.fang@intel.com> --------- Signed-off-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: JinkaiYang <jinkai.yang@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> * Update encryption tool & key * Update tensorflow_model_server.toml * Update cert * Update tf_serving.dockerfile * Update tf_serving.dockerfile * Add files via upload * Update tensorflow_model_server.toml * Update tf_serving.dockerfile Remove libsecret_prov_attest.so since it will be found in system path. * Update tensorflow_model_server.toml * Update README.md * Update cloudDeployment.md * Archiving Notice * Update README.md * Add solution tdx-encrypted-vfs and tdx-tf-serving-ppml (#210) * Add solution tdx-encrypted-vfs * Add solution tdx-tf-serving-ppml * Add tdx-hfl solution (#209) (#211) * Add tdx-hfl solution * update copyright Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Update tdx-hfl.md * Update README.md * Update requirements.txt * Upgrade tensorflow version (#214) * Bump tensorflow (#213) Bumps [tensorflow](https://github.com/tensorflow/tensorflow) from 2.6.2 to 2.11.1. - [Release notes](https://github.com/tensorflow/tensorflow/releases) - [Changelog](https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md) - [Commits](https://github.com/tensorflow/tensorflow/compare/v2.6.2...v2.11.1) --- updated-dependencies: - dependency-name: tensorflow dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update requirements.txt * Update requirements.txt * Update requirements.txt * Bump pillow from 9.2.0 to 9.3.0 in /documents/readthedoc (#215) Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.2.0 to 9.3.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/9.2.0...9.3.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix horizontal_fl/start_container.sh script (#212) Signed-off-by: Kun Lai <me@imlk.top> * Add TF Serving Cluster PPML support for Azure AKS and MAA (#217) * Add TF Serving Cluster PPML support for Azure AKS and MAA * Modify secret provider to check mr_enclave/mr_signer measurements of tf_serving service * Add miscellaneous enhancements - Encrypt ssl.cfg, the private TLS key used by tf-serving container - Update documentation - Add convenience scripts - Change tf-serving imagePullPolicy to Always * Update index.rst * Update index.rst * Update dependencies in requirements.txt * Update manifest.template for anolisos --------- Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> * Add TDX Linux Stack Signed-off-by: yunge.zhu@intel.com <yunge.zhu@intel.com> * Update index.rst * Improve TF Serving PPML (SGX) workflow using Docker Hub container downloads (#220) * Update index.rst * Modify tf-serving client to mount certs at runtime instead of building certs into the container image * Add tf-serving client container build script * Modify secret_prov_server to mount ra_config.json (with SGX measurements) at runtime * Modify tf-serving build scripts to build containers with repo:tag that match repo:tag from intelcczoo Docker Hub * Fix typo in entrypoint_secret_prov_server.sh * Modify k8s install script to install the latest available version of k8s * Update to latest version of flannel k8s deployment yaml * Update deploy.yaml to match updated documentation * Fix TF serving client build issue for anolisos * Update TF Serving (SGX) documentation (#223) * Update index.rst * Updated the script to start the container (#224) * update clf * update clf * Update index.md * Update cczoo_ppml_inference_azure.md (#227) * Add Solution - Attested boot with encrypted tdvm OS image (#229) Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * Update the code of clf (#234) * Add HFL with CoCo (#235) * Update for TDX (#231) * Add Bazel compiling system and TDX support for gRPC-RA-TLS * Add TDX docker support for tdx-encrypted-vfs * Add hfl-tdx-coco solution Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Remove some useless files && update tdx-dev docker * Update evfs commit --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Remove some useless files and fix evfs commit (#233) --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: 0400H <jianlinx.bu@intel.com> * Update index.rst * Create tdxcoco.md * Update TDX coco images * Update index.rst * Update tdxcoco.md * Add TD Encrypted Image (#236) * Add Solution - Attested boot with encrypted tdvm OS image Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * Update TD encrypted image --------- Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * Update index.rst * Updates to tf-serving/hfl (SGX) dockerfiles (#238) * Update tf-serving (SGX) dockerfiles * Update hfl (SGX) dockerfiles * Update hfl.md * Updates to patches/secret_prov_pf files * Add Security.md * Update tf-serving (SGX) dockerfiles (#239) * Update tf-serving/hfl (SGX) documentation (#240) * Update TF Serving (SGX) documentation (#241) * Add tdx_report_parser tool (#243) * Add tdx_report_parser tool Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update README.md --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Add Third party programs * Remove vault token strings (#245) * Add tdx_report_parser tool Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update README.md * Remove vault token strings --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix missing package required to use TF Serving with Azure AKS confcom add-on (#246) * docs: Remove --kubernetes-version in kubeadm init Removes the `--kubernetes-version` argument in the kubeadm init command during control plane / master node creation in step 3.1 to resolve fatal preflight error caused by kubelet version skew. Evidently, the use of this argument may have been left over from a time where specifying the version was necessary to correspond to a specific version used in the install_kubernetes.sh script which now installs the latest version. * Update README.md * Update hook-add-executables * Add grpc RA-TLS backend support for Azure TDX and Azure SGX (#252) * Add grpc RA-TLS backend support for Azure TDX and Azure SGX * Update index.md * Remove cczoo/grpc-ra-tls/grpc/grpc_ratls.patch and add to .gitignore * Enable support for Microsoft Azure Attestation * Update index.md * Update requirements.txt * Add HFL support for Azure TDX (#253) * Add HFL support for Azure TDX * Update tdx-hfl.md * Enable support for Microsoft Azure Attestation * Update tdx-hfl.md * Update .readthedocs.yaml * Update .readthedocs.yaml * docs: Fix typos and styling (#254) Fixes typos and grammar. Standardizes paragraph padding, punctuation usage, code formatting, and multi-line code language for syntax highlighting. Formats references to other files as links. * docs: Fix grammar and styling (#256) Fixes grammar, typos and rewords some sections for readability. Standardizes paragraph padding, punctuation usage, code formatting, and multi-line code language for syntax highlighting. * docs: Fix file seperators and add clarifying details (#257) Fixes backslashes to forward slashes per unix convention for file path seperation and adds clarification that "parameter server" corresponds to `ps0`. * Add grpc RA-TLS backend support for Google Cloud TDX (#258) * Core changes for enabling grpc-ra-tls WL on GC Signed-off-by: Gopa Das <gopa.das@intel.com> * Updated sgx_ra_tls_tdx.cc for GCP TDX * Updated index.md for Google Cloud * Fix items from code review --------- Signed-off-by: Gopa Das <gopa.das@intel.com> Co-authored-by: Hui, Sammy <sammy.hui@intel.com> * Add HFL support for Google Cloud TDX (#259) * Add HFL support for Google Cloud TDX * Update tdx-hfl.md * Update RA-TLS gRPC TDX and HFL TDX (for Azure and Google Cloud) (#260) * Modify RA-TLS gRPC TDX (for Azure and Google Cloud): Quote generation to bind TLS public key hash to TDX quote. Quote verification to verify attester's TLS public key hash from attestation token. * Update index.md * Update tdx-hfl.md * Update HFL TDX (for Azure and Google Cloud) to use latest RA-TLS gRPC. * Update tdxstack.md * Upgrade gramine to v1.6 for VFL (Use RSA sign for RA) --------- Signed-off-by: RodgerZhu <yunge.zhu@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Zhu Yunge <yunge.zhu@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: <RodgerZhu> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Kun Lai <me@imlk.top> Signed-off-by: yunge.zhu@intel.com <yunge.zhu@intel.com> Signed-off-by: Gopa Das <gopa.das@intel.com> Co-authored-by: Hui, Sammy <sammy.hui@intel.com> Co-authored-by: RodgerZhu <yunge.zhu@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Qiyuan Gong <qiyuan.gong@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: root <root@icx004-S2600WC.sh.intel.com> Co-authored-by: hhr293 <17888821684@163.com> Co-authored-by: root <root@ocsbesrhlrepo01.amr.corp.intel.com> Co-authored-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: ubuntu <ubuntu@localhost.localdomain> Co-authored-by: YangLiang <liang3.yang@intel.com> Co-authored-by: 0400h <git@0400h.cn> Co-authored-by: Hans Wang <hanboa@users.noreply.github.com> Co-authored-by: root <RodgerZhu> Co-authored-by: JinkaiYang <jinkai.yang@intel.com> Co-authored-by: Stewart Blacklock <stewart.f.blacklock@intel.com> Co-authored-by: Robert Dower <robert.dower@intel.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: imlk <me@imlk.top> Co-authored-by: Elliot Jones <elliotx.jones@intel.com> Co-authored-by: gopadas <74206306+gopadas@users.noreply.github.com>

Commit:6630d36
Author:Zhu Yunge
Committer:GitHub

Add HFL with CoCo (#235) * Update for TDX (#231) * Add Bazel compiling system and TDX support for gRPC-RA-TLS * Add TDX docker support for tdx-encrypted-vfs * Add hfl-tdx-coco solution Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Remove some useless files && update tdx-dev docker * Update evfs commit --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Remove some useless files and fix evfs commit (#233) --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: 0400H <jianlinx.bu@intel.com>

Commit:d8bd963
Author:Zhu Yunge
Committer:GitHub

secure logistic regression inference based on HE and SGX (#151) (#159) * inital commit Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * first commit of lr_sgx_he solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * infer client and infer server communicate via grpc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Create README.md * Update README.md * update license wording in each file Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update the license date of gflags.cmake Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add the doc of lr_infer_he_sgx Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Xiaojun Huang <xiaojun.huang@intel.com>

Commit:ee01566
Author:Xiaojun Huang
Committer:GitHub

secure logistic regression inference based on HE and SGX (#151) * inital commit Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * first commit of lr_sgx_he solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * infer client and infer server communicate via grpc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Create README.md * Update README.md * update license wording in each file Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update the license date of gflags.cmake Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add the doc of lr_infer_he_sgx Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com>

Commit:fc4e2b7
Author:Zhu Yunge

Merge branch 'branch-dev/psi' into main Signed-off-by: Zhu Yunge <yunge.zhu@intel.com>

Commit:00ffd41
Author:Bu Jianlin
Committer:Zhu Yunge

TEE dev image: upgrade base image to ubuntu:20.04 && upgrade gramine version to v1.2 Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com>

Commit:21b6e2a
Author:Huang, Xiaojun
Committer:Zhu Yunge

initial commit of phe_homo_lr Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com>

Commit:c8fa51d
Author:root
Committer:Zhu Yunge

Add psi with Intel SGX solution

Commit:4edfb3b
Author:Huang, Xiaojun

initial commit of phe_homo_lr Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com>

Commit:9d5445c
Author:Bu Jianlin

TEE dev image: upgrade base image to ubuntu:20.04 && upgrade gramine version to v1.2 Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com>

Commit:0725b41
Author:RodgerZhu

Merge branch 'branch-dev/asps' into main

Commit:3925e96
Author:Zhu Yunge
Committer:GitHub

Merge branch 'main' into branch-dev/asps

Commit:b120787
Author:Bu Jianlin
Committer:Zhu Yunge

Fix attestation example of grpc-ra-tls Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com>

Commit:cb6a081
Author:Bu Jianlin
Committer:Zhu Yunge

Add Occlum backend support for gRPC-RA-TLS

Commit:2e26eee
Author:Bu Jianlin
Committer:Zhu Yunge

Fix attestation example of grpc-ra-tls Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com>

Commit:d8f4067
Author:Bu Jianlin

Add Occlum backend support for gRPC-RA-TLS

Commit:3a7d2ee
Author:Huang, Xiaojun
Committer:Huang, Xiaojun

add asps solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com>

Commit:c99ac10
Author:Huang, Xiaojun

add asps solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com>

Commit:7cbf374
Author:Bu Jianlin
Committer:RodgerZhu

Add solution grpc-ra-tls

Commit:f8d34dc
Author:Bu Jianlin
Committer:RodgerZhu

Add solution grpc-ra-tls