What is IBM Cloud Data Shield?
IBM Cloud™ Data Shield enables users to run containerized applications in a secure enclave on an IBM Cloud Kubernetes Service host, providing data-in-use protection. IBM Cloud Data Shield supports user-level code to allocate private regions of memory, called enclaves, that are protected from processes running at higher privilege levels. It extends Intel Software Guard Extensions (SGX) language support from C and C++ to Python and Java™, while also providing preconverted SGX applications for MySQL, NGINX and Vault. Powered by the Fortanix Runtime Encryption platform and Intel SGX technology, these tools enable organizations with sensitive data to leverage cloud computing with more confidence.
IBM Cloud Data Shield benefits
Facilitates a cloud model
IBM Cloud Data Shield helps enable organizations with sensitive data to deploy and benefit from cloud computing.
Secures containerized apps
IBM Cloud Data Shield can run containerized applications in secure enclaves on the IBM Cloud Kubernetes Service.
Increases visibility
IBM Cloud Data Shield offers better visibility into node security attributes.
Supports DevOps
IBM Cloud Data Shield easily integrates with DevOps pipelines.
Delivers scalability and high availability
IBM Cloud Data Shield uses the IBM Cloud Kubernetes Service to bring scalability and high availability to SGX workloads.
How to use IBM Cloud Data Shield
Additional Intel SGX offerings on IBM Cloud
Footnote
Intel is a registered trademark of Intel Corporation or its subsidiaries in the United States and other countries.