https://store-images.s-microsoft.com/image/apps.36564.f7f2a16e-d9b0-4c3f-926d-61c8f126567d.88ddcfee-59bf-4ef7-b821-61edfeab598b.6cd293af-2854-4931-8569-aa9e7a78bcf7

SCONE platform for Azure confidential computing

Scontain UG

SCONE platform for Azure confidential computing

Scontain UG

SCONE supports modern confidential cloud-native applications and multi-party confidential computing

Scontain has developed these solutions to enable applications of its customers to run inside Azure confidential computing using its platform called SCONE. SCONE together with Azure confidential computing leverage Intel® Software Guard Extensions (SGX)-enabled CPUs to provide solutions to protect your application including code and data not only at rest and during transmission but also during computation.

In Azure confidential computing, SCONE supports the development and operations of modern confidential cloud-native applications and multi-party confidential computing. It enables service providers and software developers to transform their applications into confidential applications running inside TEE hardware enclaves (e.g., Intel SGX) without requiring source code changes. The platform supports all common programming languages (e.g., C/C++, Rust, Python, Java/Scala, Javascript, etc) and has excellent performance. SCONE has improved security since it attests not only the program code but also the encrypted filesystem as well as the platform. This supports interpreted languages like Python and in turn, enables confidential machine learning applications with all modern machine learning frameworks (e.g., Tensorflow, PyTorch, and OpenVino). The objective of Azure confidential computing is to protect data, code, and secrets against powerful adversaries like insiders or intruders with root/privileged access. This can be used to protect personally identifiable information such that all privacy legislation can be satisfied: data is always encrypted, i.e., in use, at rest and during transmission and the encryption keys are always protected. Compared to other platforms, the attestation framework of SCONE is extensible in the sense that it can be integrated with external attestors (i.e., entities that can attest the integrity of the code or the platform) as well as with external verifiers like an external HSM. The SCONE attestation framework requires interaction with Intel only during initial deployment to ensure that the CPUs are genuine Intel CPUs with up-to-date microcode.  SCONE also supports to deploy your distributed applications using Docker or Kubernetes.

SCONE has been deployed in production for various sectors of data analytics. In the health domain, Scontain has been working on the German Electronic Patient Record service (EPA), the secure processing and sharing of confidential records as well as confidential federated machine learning. In the blockchain domain, Scontain has established a partnership with iExec to enable secure execution for blockchain-based applications.


https://store-images.s-microsoft.com/image/apps.22674.f7f2a16e-d9b0-4c3f-926d-61c8f126567d.88ddcfee-59bf-4ef7-b821-61edfeab598b.1dd3d9b9-3791-4e63-b0e2-7a551f93f6d4
https://store-images.s-microsoft.com/image/apps.22674.f7f2a16e-d9b0-4c3f-926d-61c8f126567d.88ddcfee-59bf-4ef7-b821-61edfeab598b.1dd3d9b9-3791-4e63-b0e2-7a551f93f6d4