Open Source Summit + ELC North America 2020

Today, most data is encrypted at rest and in transit; but very little data is encrypted while in use, leaving it vulnerable to malicious actors. To address this gap, Microsoft contributed the Open Enclave SDK (OE-SDK) to the Confidential Computing Consortium in 2019 and is working across the industry to develop new standards for encrypting data-in-use.

The OE-SDK enables trusted applications to run in hardware-isolated enclaves even on an untrusted machine, providing an interface to allow developers to write an application once and run it across different Trusted Execution Environments (TEEs), e.g. Intel SGX or ARM TrustZone.

This talk will cover the architecture of the OE-SDK, introduce the audience to the basics of writing an enclave application, provide a project update, and show developers how they can get involved with the OE-SDK community.

If you attended the OE-SDK BoF last year, this talk will go deeper on how to write different types of OE-SDK apps. We will also discuss our journey to supporting a second platform (TrustZone) and the challenges in supporting different paradigms under one SDK. Finally, we will give an update on the last year of work in the SDK.