incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mingshen Sun <mingshen....@gmail.com>
Subject Re: [DISCUSS] Incubation Proposal of MesaTEE
Date Sat, 03 Aug 2019 22:22:16 GMT
Yes, this project can be used for securing general computations.
You can simply use the `mesatee_core` library to write an SGX encalve.
In addition, MesaTEE provides others features like function as a service.
That’s why we call it a universal securing computing framework.

Best,
Mingshen Sun

On 2019/08/03 15:27:41, Matt Sicker <b...@gmail.com> wrote: 
> Would this project be useful in securing general computations? You mention> 
> big data and AI a lot, though I’m wondering if this is also usable for> 
> things like, say, general multi tenant applications?> 
> 
> On Sat, Aug 3, 2019 at 03:27, Mingshen Sun <ms...@cse.cuhk.edu.hk> wrote:> 
> 
> > Hi,> 
> >> 
> > This is Mingshen Sun from Baidu X-Lab. Recently, we have open-sourced> 
> > a universal secure computing framework called MesaTEE (> 
> > https://mesatee.org/).> 
> > The MesaTEE project enables general computing service for> 
> > security-critical scenarios,> 
> > which attracts many attentions from academia and industry.> 
> >> 
> > To better build up the whole ecosystem, we decide to donate the MesaTEE> 
> > project to> 
> > Apache Foundation. Therefore, we’d like to propose our project to go> 
> > through> 
> > the incubation process.> 
> >> 
> > Attached is our incubation proposal for open discussion. Thank you so much.>

> >> 
> > Best,> 
> > Mingshen Sun> 
> > Baidu X-Lab> 
> >> 
> >> 
> > Here is the proposal details:> 
> >> 
> > ======> 
> >> 
> > MesaTEE Apache Incubation Proposal> 
> >> 
> > = Abstract => 
> >> 
> > MesaTEE is a framework for universal secure computing.> 
> >> 
> > = Proposal => 
> >> 
> > MesaTEE is the next-gen solution to enable general computing service for> 
> > security-critical scenarios. It will allow even the most sensitive data to> 
> > be> 
> > securely processed to enable offshore businesses without leakage.> 
> >> 
> > The solution combines the advanced Hybrid Memory Safety (HMS) model and the>

> > power of the Trusted Computing technologies (e.g., TPM) as well as the> 
> > Confidential Computing technologies (e.g., Intel SGX).> 
> >> 
> >   * Code base:> 
> >     * https://github.com/mesalock-linux/mesatee> 
> >     * https://github.com/baidu/rust-sgx-sdk> 
> >   * Website: https://mesatee.org> 
> >   * Documentation: https://mesatee.org/doc/mesatee_sdk/> 
> >> 
> > = Background => 
> >> 
> > The emerging technologies of big data analytics, machine learning,> 
> > cloud/edge> 
> > computing, and blockchain are significantly boosting our productivity, but> 
> > at> 
> > the same time they are bringing new confidentiality and integrity> 
> > concerns. On> 
> > public cloud and blockchain, sensitive data like health and financial> 
> > records> 
> > may be consumed at runtime by untrusted computing processes running on> 
> > compromised platforms; during in-house data exchange, confidential> 
> > information> 
> > may cross different clearance boundaries and possibly fall into the wrong> 
> > hands;> 
> > also not to mention the privacy issue arises in offshore data supply> 
> > chains.> 
> >> 
> > Although the consequences of data breaching have been extensively> 
> > elaborated, we> 
> > should also note that proprietary computing algorithms themselves, such as> 
> > AI> 
> > models, also need to be well protected. Once leaked, attackers can steal> 
> > the> 
> > intellectual properties, or launch whitebox attacks and easily exploit the> 
> > weaknesses of the models.> 
> >> 
> > Facing all these risky scenarios, we are in desperate need of a trusted and>

> > secure mechanism, enabling us to protect both private data and proprietary> 
> > computing models during a migratable execution in potentially unsafe> 
> > environments, yet preserving functionalities, performance, compatibility,> 
> > and> 
> > flexibility. MesaTEE is targeting to be, as we call it, the full "Universal>

> > Secure Computing" stack, so it can help users resolve these runtime> 
> > security> 
> > risks.> 
> >> 
> > MesaTEE aims to promote the development of universal secure computing> 
> > ecosystem> 
> > through open source and openness, to provide basic support for trust> 
> > protection> 
> > for the productivity revolution brought by big data and AI, to completely> 
> > solve> 
> > the data exchange or multi-party computing between departments/companies,> 
> > to> 
> > enable privacy-crucial services such as financial and medical care using> 
> > blockchain/cloud services, and to convoy businesses that are closely> 
> > related to> 
> > life and safety such as autonomous driving. MesaTEE has been working> 
> > closely> 
> > with mainstream cloud computing/blockchain/chip vendors and> 
> > universities/research institutions to promote hardware TEE, software memory>

> > safety, and versatile computing services to create an internationally> 
> > protected> 
> > and flexible secure computing framework. MesaTEE’s open-source release will>

> > greatly accelerate the development of the next generation of big data> 
> > business> 
> > applications, and it is also of great importance to promoting AI ​​in all>

> > business> 
> > areas.> 
> >> 
> > = Rationale => 
> >> 
> > MesaTEE stack redefines future AI and big data analytics by providing a> 
> > trusted> 
> > and secure offshore computing environment. The confidentiality and privacy> 
> > of> 
> > data and models can be well protected with MesaTEE, even if data and model> 
> > originate from different parties with no mutual trust. Moreover, the> 
> > computing> 
> > platform itself is not necessarily trusted either. The Trusted Computing> 
> > Base> 
> > (TCB) can thus be largely reduced to MesaTEE framework alone. A detailed> 
> > description of target use-cases can be found at> 
> > https://github.com/mesalock-linux/mesatee/blob/master/docs/case_study.md.> 
> >> 
> > We believe that Apache way of open source community empowers MesaTEE to> 
> > attract> 
> > a diverse set of contributors who can bring new ideas into the project.> 
> >> 
> > = Initial Goals => 
> >> 
> >   * Move the existing codebase, website, documentation, and mailing lists> 
> > to an> 
> >     Apache-hosted infrastructure.> 
> >   * Integrate with the Apache development process.> 
> >   * Ensure all dependencies are compliant with Apache License version 2.0.> 
> >   * Incrementally develop and release per Apache guidelines.> 
> >> 
> > = Current Status => 
> >> 
> > The MesaTEE project (and its sub-project Rust SGX SDK) has been designed> 
> > and> 
> > developed at Baidu since 2017, and was open sourced under the Apache> 
> > License,> 
> > Version 2.0 in 2019. The source code is currently hosted at github.com> 
> > (https://github.com/mesalock-linux/mesatee and> 
> > https://github.com/baidu/rust-sgx-sdk), which will seed the Apache git> 
> > repository.> 
> >> 
> > == Meritocracy ==> 
> >> 
> > We are fully committed to open, transparent, and meritocratic interactions> 
> > with> 
> > our community. In fact, one of the primary motivations for us to enter the> 
> > incubation process is to be able to rely on Apache best practices that can> 
> > ensure meritocracy. This will eventually help incorporate the best ideas> 
> > back> 
> > into the project and enable contributors to continue investing their time> 
> > in the> 
> > project. We already have some guidelines to help external contributors:> 
> >> 
> >   *> 
> > https://github.com/mesalock-linux/mesatee/blob/master/docs/rust_guideline.md>

> >   *> 
> > https://github.com/mesalock-linux/mesatee/blob/master/docs/how_to_add_your_function.md>

> >   *> 
> > https://github.com/mesalock-linux/mesatee/blob/master/CODE_OF_CONDUCT.md> 
> >> 
> > == Community ==> 
> >> 
> > The MesaTEE community is fairly young. Since our sub-project (Rust SGX> 
> > SDK) was> 
> > open sourced in 2017, we received many contributions from various> 
> > companies and> 
> > individual researchers (https://github.com/baidu/rust-sgx-sdk/pulls). Our> 
> > primary goal during the incubation would be to grow the community and> 
> > groom our> 
> > existing active contributors for committers.> 
> >> 
> > == Core Developers ==> 
> >> 
> > Current core developers work at Baidu. We are confident that incubation> 
> > will> 
> > help us grow a diverse community in an open and collaborative way.> 
> >> 
> > == Alignment ==> 
> >> 
> > MesaTEE is designed as a framework for universal secure computing. This is> 
> > complementary to the Apache's projects, providing a trusted and secure> 
> > computing> 
> > framework.> 
> >> 
> > Our sincere hope is that being a part of the Apache foundation would> 
> > enable us> 
> > to drive the future of the project in alignment with the other Apache> 
> > projects> 
> > for the benefit of thousands of organizations that already leverage these> 
> > projects.> 
> >> 
> > = Known Risks => 
> >> 
> > == Orphaned Products ==> 
> >> 
> > The risk of abandonment of MesaTEE is low. MesaTEE has been incubated at> 
> > Baidu> 
> > for over two years. Baidu is committed to the further development of the> 
> > project> 
> > and will keep investing resources towards the Apache processes and> 
> > community> 
> > building, during the incubation period.> 
> >> 
> > == Inexperience with Open Source ==> 
> >> 
> > Even though the initial committers are new to the Apache world, some have> 
> > considerable open source experience - Yu Ding, Yiming Jing, Mingshen Sun.> 
> > We> 
> > have been successfully managing the current open source community,> 
> > answering> 
> > questions, and taking feedback already. Moreover, we hope to obtain> 
> > guidance and> 
> > mentorship from current ASF members to help us succeed in the incubation.> 
> >> 
> > == Length of Incubation ==> 
> >> 
> > We expect the project to be in incubation for 2 years or less.> 
> >> 
> > == Homogenous Developers ==> 
> >> 
> > Currently, the lead developers for MesaTEE are from Baidu. However, we> 
> > have an> 
> > active set of early contributors/collaborators from Alibaba and other> 
> > companies,> 
> > which we hope will increase the diversity going forward. Once again, a> 
> > primary> 
> > motivation for the incubation is to facilitate this in the Apache way.> 
> >> 
> > == Reliance on Salaried Developers ==> 
> >> 
> > Both the current committers and early contributors have several years of> 
> > core> 
> > expertise around designing trusted computing systems. Current committers> 
> > are> 
> > very passionate about the project and have already invested hundreds of> 
> > hours> 
> > towards helping and building the community. Thus, even with employer> 
> > changes, we> 
> > expect they will be able to actively engage in the project either because> 
> > they> 
> > will be working in similar areas even with newer employers or out of> 
> > belief in> 
> > the project.> 
> >> 
> > == Relationships with Other Apache Products ==> 
> >> 
> > To the best of our knowledge, there are no directly competing projects with>

> > MesaTEE that offer all of the feature set - memory safety, secure> 
> > computing,> 
> > multi-party computation, etc. However, some projects share similar goals,> 
> > e.g.,> 
> > OpenWhisk which provides a serverless cloud platform. We are committed to> 
> > open> 
> > collaboration with such Apache projects and incorporating changes to> 
> > MesaTEE or> 
> > contributing patches to other projects, with the goal of making it easier> 
> > for> 
> > the community at large, to adopt these open source technologies.> 
> >> 
> > == Excessive Fascination with the Apache Brand ==> 
> >> 
> > The Apache Brand is very respected. We are very honored to have the> 
> > opportunity> 
> > to join ASF, with the understanding that its brand policies shall be> 
> > respected.> 
> > And we hope Apache can help us build the ecosystem around MesaTEE and> 
> > attract> 
> > more developers.> 
> >> 
> > = Documentation => 
> >> 
> >   * Detailed documentation: https://github.com/mesalock-linux/mesatee> 
> >   * MesaTEE SDK API documentation: https://mesatee.org/doc/mesatee_sdk/> 
> >> 
> > = Initial Source => 
> >> 
> > The codebase is currently hosted on Github:> 
> >> 
> >   * https://github.com/mesalock-linux/mesatee> 
> >   * https://github.com/baidu/rust-sgx-sdk> 
> >> 
> > During incubation, the codebase will be migrated to an Apache> 
> > infrastructure.> 
> > The source code of MesaTEE is under Apache version 2.0 License, while Rust> 
> > SGX> 
> > SDK is under BSD 3-Clauses License.> 
> >> 
> > = Source and Intellectual Property Submission Plan => 
> >> 
> > We will work with the committers to get ICLAs signed. We will provide a> 
> > Software> 
> > Grant Agreement from an authorized signer per> 
> > https://www.apache.org/licenses/software-grant-template.pdf> 
> >> 
> > = External Dependencies => 
> >> 
> > MesaTEE directly depends on these third-party Rust crates:> 
> >> 
> >   * adler32, 1.0.3, BSD-3-Clause> 
> >   * aho-corasick, 0.7.4, Unlicense/MIT> 
> >   * array_tool, 1.0.3, MIT> 
> >   * assert_matches, 1.3.0, MIT/Apache-2.0> 
> >   * autocfg, 0.1.4, Apache-2.0/MIT> 
> >   * base64, 0.10.1, MIT/Apache-2.0> 
> >   * bincode, 1.1.4, MIT> 
> >   * bit-vec, 0.6.1, MIT/Apache-2.0> 
> >   * bitflags, 1.1.0, MIT/Apache-2.0> 
> >   * byteorder, 1.3.2, MIT/Unlicense> 
> >   * bytes, 0.5.0, MIT> 
> >   * cc, 1.0.37, MIT/Apache-2.0> 
> >   * cfg-if, 0.1.9, MIT/Apache-2.0> 
> >   * chrono, 0.4.7, MIT/Apache-2.0> 
> >   * color_quant, 1.0.1, MIT> 
> >   * crc32fast, 1.2.0, MIT> 
> >   * ctor, 0.1.9, Apache-2.0> 
> >   * deflate, 0.7.20, MIT/Apache-2.0> 
> >   * either, 1.5.2, MIT/Apache-2.0> 
> >   * env_logger, 0.6.2, MIT/Apache-2.0> 
> >   * erased-serde, 0.3.9, MIT> 
> >   * fnv, 1.0.6, Apache-2.0> 
> >   * getrandom, 0.1.6, MIT> 
> >   * ghost, 0.1.0, MIT/Apache-2.0> 
> >   * gif, 0.10.2, MIT/Apache-2.0> 
> >   * gzip-header, 0.3.0, MIT/Apache-2.0> 
> >   * half, 1.3.0, MIT/Apache-2.0> 
> >   * hashbrown, 0.3.1, Apache-2.0/MIT> 
> >   * heapsize, 0.4.2, MIT/Apache-2.0> 
> >   * hex, 0.3.2, MIT> 
> >   * http, 0.1.17, MIT/Apache-2.0> 
> >   * httparse, 1.3.4, MIT/Apache-2.0> 
> >   * humantime, 1.2.0, MIT/Apache-2.0> 
> >   * image, 0.21.0, MIT> 
> >   * inflate, 0.4.5, MIT> 
> >   * inventory, 0.1.3, MIT> 
> >   * inventory-impl, 0.1.3, MIT> 
> >   * iovec, 0.2.0, MIT/Apache-2.0> 
> >   * itertools, 0.8.0, MIT/Apache-2.0> 
> >   * itoa, 0.4.4, MIT> 
> >   * jpeg-decoder, 0.1.15, MIT> 
> >   * lazy_static, 1.3.0, MIT/Apache-2.0> 
> >   * libc, 0.2.59, MIT> 
> >   * linked-hash-map, 0.5.2, MIT/Apache-2.0> 
> >   * log, 0.4.7, MIT> 
> >   * lzw, 0.10.0, MIT/Apache-2.0> 
> >   * matrixmultiply, 0.2.2, MIT/Apache-2.0> 
> >   * md5, 0.6.1, Apache-2.0/MIT> 
> >   * memchr, 2.2.1, Unlicense/MIT> 
> >   * memory_units, 0.3.0, MPL-2.0> 
> >   * net2, 0.2.33, MIT/Apache-2.0> 
> >   * num, 0.2.0, MIT/Apache-2.0> 
> >   * num-bigint, 0.2.2, MIT/Apache-2.0> 
> >   * num-complex, 0.2.3, MIT/Apache-2.0> 
> >   * num-integer, 0.1.41, MIT/Apache-2.0> 
> >   * num-iter, 0.1.39, MIT/Apache-2.0> 
> >   * num-rational, 0.2.2, MIT/Apache-2.0> 
> >   * num-traits, 0.2.8, MIT/Apache-2.0> 
> >   * parity-wasm, 0.31.3, MIT/Apache-2.0> 
> >   * png, 0.14.1, MIT/Apache-2.0> 
> >   * proc-macro2, 0.4.30, MIT/Apache-2.0> 
> >   * profiler_builtins, 0.1.0, profiler_builtins> 
> >   * quick-error, 1.2.2, MIT/Apache-2.0> 
> >   * quote, 0.3.15, MIT> 
> >   * quote, 0.6.13, MIT> 
> >   * rand, 0.6.5, MIT/Apache-2.0> 
> >   * rand_core, 0.4.0, MIT/Apache-2.0> 
> >   * rand_hc, 0.1.0, MIT/Apache-2.0> 
> >   * rand_pcg, 0.1.2, MIT/Apache-2.0> 
> >   * rawpointer, 0.1.0, MIT/Apache-2.0> 
> >   * regex, 1.1.9, MIT/Apache-2.0> 
> >   * regex-syntax, 0.6.8, MIT/Apache-2.0> 
> >   * ring, 0.14.6, ISC-style> 
> >   * rulinalg, 0.4.2, MIT> 
> >   * rustls, 0.15.2, Apache-2.0/ISC/MIT> 
> >   * rusty-machine, 0.5.4, MIT> 
> >   * ryu, 1.0.0, Apache-2.0> 
> >   * sct, 0.5.0, Apache-2.0/ISC/MIT> 
> >   * serde, 1.0.94, MIT> 
> >   * serde_cbor, 0.10.0, MIT/Apache-2.0> 
> >   * serde_derive, 1.0.94, MIT> 
> >   * serde_json, 1.0.40, MIT> 
> >   * sha1, 0.6.0, BSD-3-Clause> 
> >   * sha2, 0.8.0, sha2> 
> >   * spin, 0.5.0, MIT> 
> >   * syn, 0.11.11, MIT> 
> >   * syn, 0.15.39, MIT> 
> >   * synom, 0.11.3, MIT/Apache-2.0> 
> >   * termcolor, 1.0.5, Unlicense> 
> >   * thread_local, 0.3.6, Apache-2.0/MIT> 
> >   * tiff, 0.3.
[message truncated...]
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org


Mime
View raw message