0 views collected around this technical thread.
This article explains the concept of zero‑copy in Linux, compares the four main system calls—sendfile, mmap, splice and tee—describes their APIs, internal mechanisms, performance characteristics, typical use‑cases and provides practical code examples for high‑performance network programming.
The Asterinas open‑source confidential computing stack, released by leading Chinese research institutions and Ant Group, combines HyperEnclave, Occlum, and TrustFlow to provide a secure, nationally‑trusted TEE foundation for cloud, AI, and data‑intensive workloads, addressing the shortcomings of existing commercial TEEs and enabling trustworthy data flow across diverse industries.
The second Confidential Computing Forum at CNCC2024, held on October 26 in Hangzhou, gathers leading experts to discuss TEE‑based secure computing, present cutting‑edge research on confidentiality, side‑channel attacks, collaborative trust, and cryptographic applications, and outlines future directions for data security in the digital economy.
Under the guidance of the People’s Bank of China, the Beijing FinTech Industry Alliance has published the 'Financial Industry Privacy Computing Interconnection Platform Technical Specification', a standard co‑authored by China UnionPay, major banks, universities, tech firms and telecom operators, with Ant Group playing a key role.
The IEEE 2952-2023 standard, jointly released by Ant Group and multiple partners, defines a comprehensive technical framework for secure computing using Trusted Execution Environments, covering isolation, confidentiality, compatibility, performance, availability, and security, and outlines reference implementations, cluster management, and remote attestation mechanisms.
At the 2023 World AI Conference summit, Ant Group unveiled its YinYu Open‑Source Framework 1.0 and the HyperEnclave financial‑grade TEE, detailing their technical features, industry‑wide standards contributions, and how they aim to boost the usability, security, and interoperability of privacy computing for AI applications.
The report details a collaborative effort led by UnionPay and Ant Group to create a unified remote attestation framework that enables interoperability among diverse TEE solutions, demonstrating successful integration of five major TEE platforms and highlighting the significance for secure data flow in the financial sector.
The article explains Android’s multi‑layered file‑based encryption system, describing how FDE, FBE and metadata encryption work together, and detailing the end‑to‑end key‑management flow that spans the HAL, VOLD, Linux kernel, fscrypt, the Trusted Execution Environment and hardware crypto engines to generate, derive, and program per‑file encryption keys.
TrustZone implements a hardware‑level privacy shield for smartphones by partitioning CPU, bus, memory, peripherals and interrupts into a Secure World and a Normal World, using ARMv8 exception levels and extensions such as SCR, TZPC, TZASC, GIC and MMU to isolate user data from non‑secure software.
This article presents a comprehensive overview of TEE interoperability, describing the background of trusted execution environments, their remote attestation processes, a unified remote attestation framework, and the overall strategy for achieving cross‑TEE compatibility, including open‑source implementations and future directions.
This article introduces and compares major privacy computing technologies—including MPC, federated learning, TEE, and proxy MPC—evaluating them across security, development cost, operational cost, accuracy, performance, participant scale, control, hardware cost, and trust, and then outlines Ant Group’s privacy computing framework, applications, and standards work.
The article examines OP‑TEE 3.18’s SFS secure storage, detailing its GP API, kernel file‑system module, REE daemon interactions, file format with header, hash‑tree nodes, key hierarchy (SSK, TSK, FEK), and encryption using AES‑GCM, and highlights the single‑point‑of‑failure risk of the dirf.db directory.
This article presents an end‑to‑end privacy‑preserving machine‑learning solution for AI and big‑data workloads built on Intel SGX, the open‑source TEE OS Occlum, and BigDL PPML, detailing its architecture, key features, deployment steps, and real‑world applications.
The article explains how ARM TrustZone creates a Secure World Trusted Execution Environment, details the REE‑to‑TEE interaction via Secure Monitor Calls, outlines AArch32/AArch64 register conventions, fast versus yielding SMCs, service registration, and the low‑level boot and handling flow of the Secure Monitor.
This article introduces the concept of federated learning, outlines its industry opportunities and challenges, explains the evolution of data‑sharing technologies, details core techniques such as MPC, TEE, and differential privacy, and presents the architecture and capabilities of the Dianshi federated learning platform.
This article explains how privacy computing technologies such as federated learning, multi‑party computation, and trusted execution environments, combined with blockchain, address data sharing challenges in the digital economy by protecting privacy, ensuring compliance, and enabling secure, trusted collaboration across enterprises and government agencies.
This article presents a technical overview of the security challenges in multi‑party big‑data collaboration and explains how Trusted Execution Environments (TEE) and blockchain can be combined to protect data privacy, ensure computation integrity, and enable traceable data usage in distributed systems.
The article explains how confidential computing, built on trusted execution environments like Intel SGX, addresses data‑in‑use security, outlines the technical hurdles developers face, and showcases Ant Group's open‑source SOFAEnclave components—Occlum, HyperEnclave, and KubeTEE—highlighting Rust’s pivotal contribution.
The article explains how Trusted Execution Environments (TEE), built on ARM TrustZone, provide a secure world separate from the Rich Execution Environment, detailing its architecture, GP API interactions, and how fingerprint enrollment and authentication are performed within TEE to protect sensitive biometric data.
Ant Group has led the IEEE to approve the world’s first standard for secure computing based on Trusted Execution Environments (TEE), outlining framework, functions, and security requirements, and aims to protect data privacy and sensitive code across cloud, blockchain, AI, and other emerging applications.