Feature Highlights

Trusted Execution

Powered by Intel SGX, integrity and confidentiality are guaranteed for data and operations in the cloud

Remote Attestable Security

Users are allowed to remotely attest and measure the environment, ensuring that the remote execution is exactly what they expect

Hybrid Memory Safety

Eliminating memory vulnerabilities like buffer overflows, use-after-free, etc.

Non-bypassable Security

Formal verification upon program control flow, ensuring that critical checkpoints are non-bypassble

Function as a Service (FaaS)

Supporting WASM/Python based FaaS executions in SGX TEE, significantly increasing the system’s flexibility and compatibility

End-to-end Encryption

Mutual authentication allowing users to establish trusted and encrypted end-to-end channels between clients and cloud, or across cloud instances

Case Study: Privacy Preserving Computation

Existing solutions cannot ensure the integrity and confidentiality of code and data in the cloud. MesaTEE leverages the hardware assisted Trusted Execution Environment (TEE) provided by Intel® SGX to reduce privacy risks to users’ operations and data in the cloud. It also allows users to remotely attest and measure the environment, ensuring that the remote execution is exactly what they expect. More importantly, MesaTEE is equipped with Hybrid Memory Safety and Non-bypassable Security, making it able to withstand most exploits. MesaTEE enables security sensitive services like banking, autonomous driving and healthcare to securely process their data on public platforms like public cloud and blockchain.

Career