In this proof of concept we securely provision FEDn client and combiner tokens with Gramine. The docker-compose.yalm file simulates a scenario in which the reducer runs in a trusted environment while the combiner and clients run on an untrusted environment with Intel SGX support. A provisioning server (sever.c) makes use of EPID-based remote attestation to verify the authenticity of the provinioned enclave and passes the token using an encrypted connection.
First you need to set up EPID credentials in the .env file as it follows.
RA_TLS_EPID_API_KEY=<your-primary-key>
RA_CLIENT_SPID=<your-spid>To get these credentials you need to create an account at: https://api.portal.trustedservices.intel.com/EPID-attestation.
Once you are done you can spin up the PoC by running:
docker-compose up -dTo check that evrything has worked as expected you can upload the dummy compute package and seed model that we provide under resources/.
# Upload package
curl -k -X POST \
-F file=@resources/package.tar.gz \
-F helper="keras" \
https://localhost:8090/context
# Upload seed
curl -k -X POST \
-F seed=@resources/seed.npz \
https://localhost:8090/modelsNow navigate to https://localhost:8090 and verify that combiner and clients have connected successfully.
- The the PoC is not setup to run the compute package in the enclave.
- All the services run on
localhostwith the Docker containers attaching straight to the host network.