MesaTEE Apache Incubation Proposal

= Abstract =

MesaTEE is a framework for universal secure computing.

= Proposal =

MesaTEE is the next-gen solution to enable general computing service for
security-critical scenarios. It will allow even the most sensitive data to
be securely processed to enable offshore businesses without leakage.

The solution combines the advanced Hybrid Memory Safety (HMS) model and the
power of the Trusted Computing technologies (e.g., TPM) as well as the
Confidential Computing technologies (e.g., Intel SGX).

 * Code base:
   * https://github.com/mesalock-linux/mesatee
   * https://github.com/baidu/rust-sgx-sdk
 * Website: https://mesatee.org
 * Documentation: https://mesatee.org/doc/mesatee_sdk/

= Background =

The emerging technologies of big data analytics, machine learning, cloud/edge
computing, and blockchain are significantly boosting our productivity, but at
the same time they are bringing new confidentiality and integrity concerns. On
public cloud and blockchain, sensitive data like health and financial records
may be consumed at runtime by untrusted computing processes running on
compromised platforms; during in-house data exchange, confidential information
may cross different clearance boundaries and possibly fall into the wrong hands;
not to mention the privacy issues that arise in offshore data supply chains.

Although the consequences of data breaches have been extensively elaborated, we
should also note that proprietary computing algorithms themselves, such as AI
models, also need to be well protected. Once they are leaked, attackers can
steal the intellectual property, or launch whitebox attacks and easily exploit
the weaknesses of the models.

Facing all these risky scenarios, we are in desperate need of a trusted and
secure mechanism, enabling us to protect both private data and proprietary
computing models during a migratable execution in potentially unsafe
environments, yet preserving functionalities, performance, compatibility, and
flexibility. MesaTEE aims to be, as we call it, the full "Universal
Secure Computing" stack, so it can help users resolve these runtime security
risks.

MesaTEE aims to promote the development of a universal secure computing
ecosystem through open source and openness, to provide basic support for trust
protection for the productivity revolution brought by big data and AI, to
completely solve the data exchange or multi-party computing between
departments/companies, to enable privacy-crucial services such as financial and
medical care using blockchain/cloud services, and to convoy businesses that are
closely related to life and safety such as autonomous driving. MesaTEE has been
working closely with mainstream cloud computing/blockchain/chip vendors and
universities/research institutions to promote hardware TEE, software memory
safety, and versatile computing services to create an internationally protected
and flexible secure computing framework. MesaTEE’s open-source release will
greatly accelerate the development of the next generation of big data business
applications, and it is also of great importance to promoting AI in all business
areas.

= Rationale =

The MesaTEE stack redefines future AI and big data analytics by providing a
trusted and secure offshore computing environment. The confidentiality and
privacy of data and models can be well protected with MesaTEE, even if data and
model originate from different parties with no mutual trust. Moreover, the
computing platform itself is not necessarily trusted either. The Trusted
Computing Base (TCB) can thus be largely reduced to the MesaTEE framework alone.
A detailed description of target use-cases can be found at
https://github.com/mesalock-linux/mesatee/blob/master/docs/case_study.md.

We believe that the Apache way of open source community empowers MesaTEE to
attract a diverse set of contributors who can bring new ideas into the project.

= Initial Goals =

 * Move the existing codebase, website, documentation, and mailing lists to an
   Apache-hosted infrastructure.
 * Integrate with the Apache development process.
 * Ensure all dependencies are compliant with Apache License version 2.0.
 * Incrementally develop and release per Apache guidelines.

= Current Status =

The MesaTEE project (and its sub-project Rust SGX SDK) has been designed and
developed at Baidu since 2017, and was open sourced under the Apache License,
Version 2.0 in 2019. The source code is currently hosted at github.com
(https://github.com/mesalock-linux/mesatee and
https://github.com/baidu/rust-sgx-sdk), which will seed the Apache git
repository.

== Meritocracy ==

We are fully committed to open, transparent, and meritocratic interactions with
our community. In fact, one of the primary motivations for us to enter the
incubation process is to be able to rely on Apache best practices that can
ensure meritocracy. This will eventually help incorporate the best ideas back
into the project and enable contributors to continue investing their time in the
project. We already have some guidelines to help external contributors:

 * https://github.com/mesalock-linux/mesatee/blob/master/docs/rust_guideline.md
 * https://github.com/mesalock-linux/mesatee/blob/master/docs/how_to_add_your_function.md
 * https://github.com/mesalock-linux/mesatee/blob/master/CODE_OF_CONDUCT.md

== Community ==

The MesaTEE community is fairly young. Since our sub-project (Rust SGX SDK) was
open sourced in 2017, we received many contributions from various companies and
individual researchers (https://github.com/baidu/rust-sgx-sdk/pulls). Our
primary goal during the incubation would be to grow the community and groom our
existing active contributors for committers.

== Core Developers ==

Current core developers work at Baidu. We are confident that incubation will
help us grow a diverse community in an open and collaborative way.

== Alignment ==

MesaTEE is designed as a framework for universal secure computing. This is
complementary to Apache's projects, providing a trusted and secure computing
framework.

Our sincere hope is that being a part of the Apache foundation would enable us
to drive the future of the project in alignment with the other Apache projects
for the benefit of thousands of organizations that already leverage these
projects.

= Known Risks =

== Orphaned Products ==

The risk of abandonment of MesaTEE is low. MesaTEE has been incubated at Baidu
for over two years. Baidu is committed to the further development of the project
and will keep investing resources towards the Apache processes and community
building, during the incubation period.

== Inexperience with Open Source ==

Even though the initial committers are new to the Apache world, some have
considerable open source experience - Yu Ding, Yiming Jing, Mingshen Sun. We
have been successfully managing the current open source community, answering
questions, and taking feedback already. Moreover, we hope to obtain guidance and
mentorship from current ASF members to help us succeed in the incubation.

== Length of Incubation ==

We expect the project to be in incubation for 2 years or less.

== Homogenous Developers ==

Currently, the lead developers for MesaTEE are from Baidu. However, we have an
active set of early contributors/collaborators from Alibaba and other companies,
which we hope will increase the diversity going forward. Once again, a primary
motivation for the incubation is to facilitate this in the Apache way.

== Reliance on Salaried Developers ==

Both the current committers and early contributors have several years of core
expertise around designing trusted computing systems. Current committers are
very passionate about the project and have already invested hundreds of hours
towards helping and building the community. Thus, even with employer changes, we
expect they will be able to actively engage in the project either because they
will be working in similar areas even with newer employers or out of belief in
the project.

== Relationships with Other Apache Products ==

To the best of our knowledge, there are no directly competing projects with
MesaTEE that offer all of the feature set - memory safety, secure computing,
multi-party computation, etc. However, some projects share similar goals, e.g.,
OpenWhisk which provides a serverless cloud platform. We are committed to open
collaboration with such Apache projects and incorporating changes to MesaTEE or
contributing patches to other projects, with the goal of making it easier for
the community at large, to adopt these open source technologies.

== Excessive Fascination with the Apache Brand ==

The Apache Brand is very respected. We are very honored to have the opportunity
to join ASF, with the understanding that its brand policies shall be respected.
And we hope Apache can help us build the ecosystem around MesaTEE and attract
more developers.

= Documentation =

 * Detailed documentation: https://github.com/mesalock-linux/mesatee
 * MesaTEE SDK API documentation: https://mesatee.org/doc/mesatee_sdk/

= Initial Source =

The codebase is currently hosted on GitHub:

 * https://github.com/mesalock-linux/mesatee
 * https://github.com/baidu/rust-sgx-sdk

During incubation, the codebase will be migrated to an Apache infrastructure.
The source code of MesaTEE is under the Apache License, Version 2.0, while Rust
SGX SDK is under the BSD 3-Clause License.

= Source and Intellectual Property Submission Plan =

We will work with the committers to get ICLAs signed. We will provide a Software
Grant Agreement from an authorized signer per
https://www.apache.org/licenses/software-grant-template.pdf

= External Dependencies =

MesaTEE directly depends on these third-party Rust crates:

 * adler32, 1.0.3, BSD-3-Clause
 * aho-corasick, 0.7.4, Unlicense/MIT
 * array_tool, 1.0.3, MIT
 * assert_matches, 1.3.0, MIT/Apache-2.0
 * autocfg, 0.1.4, Apache-2.0/MIT
 * base64, 0.10.1, MIT/Apache-2.0
 * bincode, 1.1.4, MIT
 * bit-vec, 0.6.1, MIT/Apache-2.0
 * bitflags, 1.1.0, MIT/Apache-2.0
 * byteorder, 1.3.2, MIT/Unlicense
 * bytes, 0.5.0, MIT
 * cc, 1.0.37, MIT/Apache-2.0
 * cfg-if, 0.1.9, MIT/Apache-2.0
 * chrono, 0.4.7, MIT/Apache-2.0
 * color_quant, 1.0.1, MIT
 * crc32fast, 1.2.0, MIT
 * ctor, 0.1.9, Apache-2.0
 * deflate, 0.7.20, MIT/Apache-2.0
 * either, 1.5.2, MIT/Apache-2.0
 * env_logger, 0.6.2, MIT/Apache-2.0
 * erased-serde, 0.3.9, MIT
 * fnv, 1.0.6, Apache-2.0
 * getrandom, 0.1.6, MIT
 * ghost, 0.1.0, MIT/Apache-2.0
 * gif, 0.10.2, MIT/Apache-2.0
 * gzip-header, 0.3.0, MIT/Apache-2.0
 * half, 1.3.0, MIT/Apache-2.0
 * hashbrown, 0.3.1, Apache-2.0/MIT
 * heapsize, 0.4.2, MIT/Apache-2.0
 * hex, 0.3.2, MIT
 * http, 0.1.17, MIT/Apache-2.0
 * httparse, 1.3.4, MIT/Apache-2.0
 * humantime, 1.2.0, MIT/Apache-2.0
 * image, 0.21.0, MIT
 * inflate, 0.4.5, MIT
 * inventory, 0.1.3, MIT
 * inventory-impl, 0.1.3, MIT
 * iovec, 0.2.0, MIT/Apache-2.0
 * itertools, 0.8.0, MIT/Apache-2.0
 * itoa, 0.4.4, MIT
 * jpeg-decoder, 0.1.15, MIT
 * lazy_static, 1.3.0, MIT/Apache-2.0
 * libc, 0.2.59, MIT
 * linked-hash-map, 0.5.2, MIT/Apache-2.0
 * log, 0.4.7, MIT
 * lzw, 0.10.0, MIT/Apache-2.0
 * matrixmultiply, 0.2.2, MIT/Apache-2.0
 * md5, 0.6.1, Apache-2.0/MIT
 * memchr, 2.2.1, Unlicense/MIT
 * memory_units, 0.3.0, MPL-2.0
 * net2, 0.2.33, MIT/Apache-2.0
 * num, 0.2.0, MIT/Apache-2.0
 * num-bigint, 0.2.2, MIT/Apache-2.0
 * num-complex, 0.2.3, MIT/Apache-2.0
 * num-integer, 0.1.41, MIT/Apache-2.0
 * num-iter, 0.1.39, MIT/Apache-2.0
 * num-rational, 0.2.2, MIT/Apache-2.0
 * num-traits, 0.2.8, MIT/Apache-2.0
 * parity-wasm, 0.31.3, MIT/Apache-2.0
 * png, 0.14.1, MIT/Apache-2.0
 * proc-macro2, 0.4.30, MIT/Apache-2.0
 * profiler_builtins, 0.1.0, profiler_builtins
 * quick-error, 1.2.2, MIT/Apache-2.0
 * quote, 0.3.15, MIT
 * quote, 0.6.13, MIT
 * rand, 0.6.5, MIT/Apache-2.0
 * rand_core, 0.4.0, MIT/Apache-2.0
 * rand_hc, 0.1.0, MIT/Apache-2.0
 * rand_pcg, 0.1.2, MIT/Apache-2.0
 * rawpointer, 0.1.0, MIT/Apache-2.0
 * regex, 1.1.9, MIT/Apache-2.0
 * regex-syntax, 0.6.8, MIT/Apache-2.0
 * ring, 0.14.6, ISC-style
 * rulinalg, 0.4.2, MIT
 * rustls, 0.15.2, Apache-2.0/ISC/MIT
 * rusty-machine, 0.5.4, MIT
 * ryu, 1.0.0, Apache-2.0
 * sct, 0.5.0, Apache-2.0/ISC/MIT
 * serde, 1.0.94, MIT
 * serde_cbor, 0.10.0, MIT/Apache-2.0
 * serde_derive, 1.0.94, MIT
 * serde_json, 1.0.40, MIT
 * sha1, 0.6.0, BSD-3-Clause
 * sha2, 0.8.0, sha2
 * spin, 0.5.0, MIT
 * syn, 0.11.11, MIT
 * syn, 0.15.39, MIT
 * synom, 0.11.3, MIT/Apache-2.0
 * termcolor, 1.0.5, Unlicense
 * thread_local, 0.3.6, Apache-2.0/MIT
 * tiff, 0.3.1, MIT
 * toml, 0.5.1, MIT/Apache-2.0
 * typetag, 0.1.3, MIT
 * typetag-impl, 0.1.3, MIT
 * ucd-util, 0.1.3, MIT/Apache-2.0
 * unicode-xid, 0.0.4, MIT/Apache-2.0
 * unicode-xid, 0.1.0, MIT/Apache-2.0
 * utf8-ranges, 1.0.3, Unlicense/MIT
 * uuid, 0.7.4, Apache-2.0
 * wabt, 0.6.0, Apache-2.0
 * wasmi, 0.5.0, MIT/Apache-2.0
 * wasmi-validation, 0.1.0, MIT/Apache-2.0
 * webpki, 0.19.1, ISC-style
 * webpki-roots, 0.16.0, MPL-2.0
 * winapi, 0.3.7, MIT/Apache-2.0
 * winapi-i686-pc-windows-gnu, 0.4.0, MIT/Apache-2.0
 * winapi-util, 0.1.2, Unlicense/MIT
 * winapi-x86_64-pc-windows-gnu, 0.4.0, MIT/Apache-2.0
 * wincolor, 1.0.1, Unlicense/MIT
 * yasna, 0.3.1, MIT/Apache-2.0

Note that this is not an exhaustive dependency list and only direct
dependencies of MesaTEE's trusted libs are included.

== Cryptography ==

MesaTEE uses the following cryptographic libraries:

 * ring (https://github.com/briansmith/ring): a Rust crypto library based on
   BoringSSL
 * rustls: a Rust TLS library
 * sgx_tcrypto in Intel SGX SDK (https://software.intel.com/en-us/sgx/sdk)

= Required Resources =

== Mailing lists ==

 * private@mesatee.incubator.apache.org (with moderated subscriptions)
 * dev@mesatee.incubator.apache.org
 * commits@mesatee.incubator.apache.org
 * user@mesatee.incubator.apache.org

== Git Repositories ==

Upon entering incubation, we want to transfer the existing repos from
https://github.com/mesalock-linux/mesatee and
https://github.com/baidu/rust-sgx-sdk to the Apache organization on GitHub, like:

 * https://github.com/apache/incubator-mesatee
 * https://github.com/apache/incubator-mesatee-rust-sgx-sdk

== Issue Tracking ==

MesaTEE currently uses GitHub to track issues. We would like to continue doing
so.

== Continuous Integration Service ==

MesaTEE currently uses a self-hosted continuous integration (CI) service which
can help developers to automatically test commits. The CI service involves
several nodes which support Intel SGX. We would like to continue doing so.

= Initial Committers =

The list is sorted alphabetically:

 * Mingshen Sun <mssun at mesatee.org>
 * Pei Wang <wangpei at mesatee.org>
 * Rundong Zhou <rundongzhou at mesatee.org>
 * Tao Wei <lenx at mesatee.org>
 * Tongxin Li <litongxin at mesatee.org>
 * Yiming Jing <jingyiming at mesatee.org>
 * Yu Ding <d at mesatee.org>
 * Yulong Zhang <ylzhang at mesatee.org>
 * Zhaofeng Chen <zf at mesatee.org>

= Sponsors =

== Champion ==

 * Zhijie Shen <zjshen@apache.org>

== Nominated Mentors ==

 * Jianyong Dai <daijy@apache.org>
 * Luciano Resende <lresende@apache.org>
 * Matt Sicker
 * Furkan Kamaci

== Sponsoring Entity ==

The Incubator PMC