Exploration on Confidential Computing for Big Data & AI

Intel® Software Guard Extensions (Intel® SGX) provides a hardware-protected environment for confidential computing. But, migrating applications into Intel SGX is not easy. It requires engineering effort and a good understanding about security and Intel SGX.

A memory-safe, multiprocess Intel SGX and LibOS solution named Occlum addresses this issue. This project empowers everyone to run applications in Intel SGX without change. Combining Occlum with several security technologies extends this single-node solution to provide a trusted cluster environment (TCE). The environment runs an unmodified big data analysis with machine learning and deep learning programs securely on a private or public cloud.


Dr. Qiyuan Gong, AI framework engineer, joined Intel in 2017 after finishing his PhD at Southeast University where he focused on data anonymization and privacy. He is a key contributor to the open source big data and AI project for BigDL, Analytics Zoo, and Smart Storage Management. Qiuan works on privacy-preserving machine learning, federated learning, and BigDL cluster serving.

Chunyang Hui is a software engineer at Ant Group and works on Occlum, a memory-safe, multiprocess library operating system for Intel SGX. Before joining Ant Group, Chunyang was a cloud engineer at Intel focusing on I/O acceleration. His main interest is system security.