Linux Foundation: MADANA Membership and Linux Usage

Unlocking the power of open source!

MADANA
The MADANA Blog
2 min readNov 19, 2020

--

What is the Linux Foundation?

The Linux Foundation supports the creation of sustainable open source ecosystems by providing financial and intellectual resources, infrastructure, services, events, and training. MADANA is proud to be part of this inspirational foundation as a Silver Member (See Members), together with many industry leaders in Tech, Security and Development.

Using Alpine Linux

Alpine Linux is an independent, non-commercial, general purpose Linux distribution designed for power users who appreciate security, simplicity and resource efficiency. Alpine Linux was designed to be lightweight, secure and simple: which fits perfectly with MADANA. Using Alpine Linux allows MADANA to run Linux binaries within our Enclaves. Instead of running only an application or function within an enclave, MADANA’s solution runs the Alpine Linux OS in-enclave allowing our users a whole new way of working with enclaves compared to other solutions.

Linux Kernel Library & SGX

Porting an application to run within an SGX enclave by default is not a simple matter. This is because Intel originally imagined that the enclave would only run small parts of an application within this trusted zone. Running complete, unmodified, complex applications inside an enclave is not possible due to the lack of many features modern day operating systems provide.

The Linux kernel library (LKL) enables projects to use code from the Linux kernel. This is very beneficial when running Intel SGX enclaves, providing all the necessary tools to run unmodified application code, such as filesystem support and access to the full networking stack. Very much as if you were running code inside a Virtual Machine. MADANA CORE uses a fork of the Linux Kernel Library to handle Enclave management, hence providing this repository of high-quality, extensively reviewed and tested code as the base of any application running inside an enclave.

Providing the complete spectrum of modern day OS functions within the enclave not only enables us to run unmodified applications within SGX, but also increases the security of the enclave. By not passing down API calls to the possibly malicious host OS — or even running most parts of the application on the host OS — the attack surface is significantly reduced. Compared to other products that provide support for Intel SGX we are very confident that MADANA CORE is among the most sophisticated enclave solutions to be found.

Check out our Github Fork of the SGX-LKL Library OS for running Linux applications inside of Intel SGX enclaves: Github

--

--

MADANA
The MADANA Blog

Leading the way in Confidential Computing for secure & trusted applications.