VirTEE is an Open Community dedicated to building FLOSS components to enable the construction of Virtualization-based TEEs (Trusted Execution Environments) using technologies such as AMD SEV (and SNP), Intel TDX and Armv9 Realms.
- Chat: #virtee on Matrix
- sev: Rust library exposing APIs for the AMD SEV platform
- sevctl: Administrative utility for AMD SEV
- kbs-types: Rust (de)serializable types for KBS
- reference-kbs: A reference implementation of the KBS attestation protocol
- oci2cw: Utility to transform OCI images into Confidential Workloads
Do you have a project that you would like to see listed here? Propose a change to this page!
What is a TEE?
According to the CCC (Confidential Computing Consortium), a TEE is an environment that provides a level of assurance of the following three properties:
- Data confidentiality: Unauthorized entities cannot view data while it is in use within the TEE.
- Data integrity: Unauthorized entities cannot add, remove, or alter data while it is in use within the TEE.
- Code integrity: Unauthorized entities cannot add, remove, or alter code executing in the TEE.
For more information, check this whitepaper published by the CCC.
What is a Virtualization-based TEE?
It’s a TEE that’s constructed using Hardware-assisted Virtualization, combined with other technologies (AMD SEV, Intel TDX or Armv9 Realms) that enable the guest owner to verify the integrity and confidentiality of the Virtual Machine.