Occlum | BestHub

AntTech

Dec 11, 2022 · Information Security

Occlum v1.0: Open‑Source Trusted Execution Environment OS with Major Performance Gains and Spark Big Data Integration

Occlum v1.0, the open‑source trusted execution environment operating system released by Ant Group, delivers up to five‑fold performance improvements, supports over 150 Linux syscalls, introduces async I/O, dynamic memory management, and a Spark‑BigDL big‑data analysis solution, while outlining future GPU and TDX extensions.

OcclumPerformanceRust

0 likes · 11 min read

Occlum v1.0: Open‑Source Trusted Execution Environment OS with Major Performance Gains and Spark Big Data Integration

AntTech

Apr 9, 2021 · Information Security

Next‑Generation Intel SGX on Ice Lake: Performance Evaluation and Optimization with Occlum

This article reviews the Ice Lake‑based next‑generation Intel SGX, compares its security and performance improvements over previous generations, presents detailed benchmark results on memory access, dynamic memory management and enclave switching, and describes software optimizations implemented in the Occlum runtime to mitigate remaining overheads.

Ice LakeIntel SGXNext‑Gen Occlum

0 likes · 8 min read

Next‑Generation Intel SGX on Ice Lake: Performance Evaluation and Optimization with Occlum

AntTech

Jan 7, 2021 · Information Security

SOFAEnclave Confidential Computing Stack: Occlum, HyperEnclave, and KubeTEE Overview

This article introduces the SOFAEnclave confidential computing solution, detailing its three components—Occlum, HyperEnclave, and KubeTEE—explaining how they address practical challenges of enclave development, integration with cloud‑native environments, and secure large‑scale Kubernetes deployments.

EnclaveHyperEnclaveKubeTEE

0 likes · 9 min read

SOFAEnclave Confidential Computing Stack: Occlum, HyperEnclave, and KubeTEE Overview

AntTech

Aug 21, 2020 · Information Security

Zero‑Barrier Confidential Computing: Getting Started with Occlum LibOS and a Technical Deep Dive

This article introduces confidential computing with Intel SGX, explains why SGX development is difficult, and demonstrates how Ant Group's open‑source TEE OS Occlum dramatically lowers the barrier by using three simple commands to build, package, and run a Hello World program inside an enclave.

OcclumRustSGX

0 likes · 8 min read

Zero‑Barrier Confidential Computing: Getting Started with Occlum LibOS and a Technical Deep Dive

AntTech

Apr 17, 2020 · Information Security

From Rust Advocate to Confidential Computing Pioneer: Tian Hongliang’s Journey at Ant Group

The article chronicles Tian Hongliang’s evolution from a Rust‑loving coder who excelled in Ant Group’s internal coding competition to a leading researcher in confidential computing, detailing his work on Intel SGX, the open‑source Occlum project, and the team’s recruitment drive for security engineers.

Ant GroupEnclaveOcclum

0 likes · 11 min read

From Rust Advocate to Confidential Computing Pioneer: Tian Hongliang’s Journey at Ant Group

AntTech

Sep 30, 2019 · Information Security

Confidential Computing and SOFAEnclave: Ant Financial’s Innovations in Secure Cloud‑Native Middleware

The article explains how Ant Financial leverages confidential computing technologies such as Intel SGX, the Occlum LibOS, and the KubeTEE cloud‑native cluster to build the SOFAEnclave middleware, addressing security, usability, and scalability challenges for financial‑grade data protection and multi‑party AI workloads.

Cloud NativeData SecurityKubeTEE

0 likes · 16 min read

Confidential Computing and SOFAEnclave: Ant Financial’s Innovations in Secure Cloud‑Native Middleware