Gramine (formerly known as Graphene) is a lightweight library OS, designed to run applications in an isolated environment with benefits comparable to running a complete OS in a virtual machine — including guest customization, ease of porting to different OSes, and process migration.
In untrusted cloud and edge deployments, there is a strong desire to shield the whole application from the rest of the infrastructure. Gramine supports this “lift and shift” paradigm for bringing unmodified applications into Confidential Computing with Intel® SGX. Gramine can protect applications from a malicious system stack with minimal porting effort.
Today, the Gramine project, with the direction determined by a diverse group of contributors, from universities, small and large companies, as well as individuals, is proud to join the Linux Foundation as an official Confidential Computing Consortium project. The Confidential Computing Consortium focuses on open source licensed projects securing data in use and accelerating the adoption of confidential computing through open collaboration aligns perfectly with the goals of the Gramine project.
The Confidential Computing Consortium brings together hardware vendors, cloud providers, and software developers to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards. The consortium supports open source projects that advance the use of hardware-based TEEs. For more information, please visit: https://confidentialcomputing.io