Skip to content

Verifiable Confidential Computing

Cosmian Enclave and Cosmian VM are solutions to compute over data

  • that keeps data encrypted at all times, even when in use
  • and that can be remotely verified at any time, i.e., that a correct non-tampered application is currently running in encrypted memory.

In other words, these solutions ensure that you know what processes your data, and that the data is always encrypted.

Both of these solutions

  • have low performance overhead compared to processing in clear text,
  • do not require modifications to existing software,
  • provide real-time remote verifiability of the hardware environment and the running software
  • can run either on the cloud or on-premise.
  • are remotely administered and verified using simple CLI tools provided by Cosmian
  • do not require external key management while in use

Security Models and Use Cases

The two solutions protect applications and data against malicious infrastructure providers (cloud administrators, third-party premises administrators, etc…) that can have physical access to the machine.

  • Cosmian Enclave (formerly MSE) is a solution that provides additional protection against the system administrator of the machine, i.e. someone with operating system level access. Cosmian Enclave is a sealed secured environment best-suited for scenarios where the provider of the application code - or its parameters such as a neural network - wants to protect its intellectual property from the system administrator. This is typically the case of collaborative confidential computing scenarios where the code provider wants to deploy its code (or its parameters) on a system administered by a third party, such as the data provider.
  • Cosmian VM provides additional flexibility and performance and is appropriate for scenarios where the running code does not have to be protected against the system administrator. This is typically the migration of an on-premise application to the cloud, or the security upgrade of an on-premise application to allow it to process data with increased confidentiality.
Solution Infra. Admins (physical access) Sys. Admins (OS access) Use Cases
Cosmian Enclave No access to data or code No access to data or code Collaborative confidential computing, code protection
Cosmian VM No access to data or code Access Move to cloud, security upgrade of on-premise apps

Note: it is possible to “seal” a Cosmian VM by shutting down all operating system level access to the VM (such as the SSH daemon)

Cosmian Enclave

Please check the dedicated documentation at Cosmian Enclave

Cosmian VM

Please check the dedicated documentation at Cosmian VM

Summary Comparison of Cosmian Enclave and Cosmian VM

Feature Cosmian Enclave Cosmian VM
Memory encryption Yes Yes
Remote verifiability Yes Yes
Remote code deployment Yes (Python ASGI) No
Offline encrypted code deployment Yes No
Protection against Infra. Admins + Sys. Admins Infra. Admins
Required hardware Intel SGX Intel TDX or AMD-SEV-SNP
Cloud providers availability Azure, OVH AWS, Azure, GCP, OVH
Applications type Python, Singularity containers Any application
Code modification None None
Performance overhead ~+20% ~+10%
Re-usability of OS images No Yes
Attack Surface Small Large


These solutions will soon be available as IaaS on all the major cloud providers.

© Copyright 2018-2024 Cosmian. All rights reserved.