More and more developers and companies host their applications and data in the cloud for many usability reasons. Do you?
More than ever before, your digital assets are at risk of malicious attacks, with no protection left once an attack gets through your security.
Even without attacks, how far can you trust any third party to respect your intellectual property?
MADANA Core provides you with the capability to secure applications and data during runtime. Our solution provides secure enclaves to protect data, communication, algorithms and IP, thereby increasing the IT system’s robustness against malicious attacks.
Our secure enclaves allow applications to run securely at the hardware level, directed by the CPU itself. All data is encrypted in memory and decrypted only when used inside the CPU. The data remains fully protected, even if the operating system (OS), hypervisor or root user is compromised. With the provision of secure enclaves, data can – for the first time – be protected across its entire life cycle: at rest, in motion and in use.
The protection of data and applications in use has proven challenging. Only in this pure form can information be processed. Leaving data or applications without protection during runtime exposes them to significant risks, as malware can attack the contents of memory at this stage. MADANA Core protects your digital assets when they are at their most vulnerable.
MADANA Core runs Alpine Linux OS within its enclaves with full networking support via the Linux network stack. This feature gives users a unique new way of working with enclaves compared to other solutions. It enables a much wider field of application, as it supports the broad usage of existing software and also supports the conversion of existing Docker images.
With MADANA Core you can create environments that include everything your applications need in order to run. You can easily add custom files or Alpine software packages without the need for any modification or recompilation. MADANA Core inherits integrity protection and encryption for these environments, which are stored as non-proprietary disk images and can be exchanged with other users via a distributed filesystem.
All the currently applied technologies regarding (cloud) application security are software solutions. MADANA Core’s solution is based on hardware components provided by Intel Software Guard Extensions (SGX). Using hardware-based technology as a cyber security solution comes with a significant advantage over software-based solutions: It is secure by design.
MADANA is part of the Open Trusted Cloud (OTC) program at OVHcloud. We agree that it is essential to provide alternative cloud-based Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) solutions that guarantee compliance with European regulations and reflect the values of an open and free world. MADANA Core will be made available as a SaaS and PaaS solution to be hosted in the OVHcloud marketplace in 2021.
MADANA Core allows existing unmodified Linux binaries to be run inside of Intel SGX enclaves while providing the necessary system support for complex applications and for programming language runtimes. All of these applications can be run in SGX enclaves without the need for modifications or reliance on the untrusted host OS.
Whether you need a few secure enclaves or an unlimited number, a little processing power or serious computational power, we can meet any need. Do you want to build environments and sell them on our marketplace? Go ahead! We will make various memberships and licenses available for free for our top environment creators.
MADANA Core enables the creation of an isolated environment where, even if the operating system is compromised, the data is protected. Rather than relying on software alone to manage access to resources on these devices, our solution provides security as part of a hardware platform. This is what we call a Trusted Execution Environment (TEE) - using Intel SGX hardware.
The development and rapid change of regulatory requirements for data privacy and for securing gathered sensitive and especially personal data represent a significant challenge. This is particularly true in Europe with the GDPR legislation. MADANA Core Trusted Execution Environments ensure security by design, thereby ensuring regulatory compliance.
MADANA Core will be made available as a cloud-hosted Platform-as-a-Service (PaaS) offering. MADANA Core as PaaS is a framework for developers to create fully customized secure and trusted applications with limited management responsibilities in the cloud.
This delivery option gives the user simple and cost-effective development and deployment, with easy migration, in a highly available and readily scalable way. It offers many features while requiring only a small amount of management and monitoring resources.
Customers who prefer not to make use of our hosted solution are able to purchase a license of MADANA Core to be run on-premise. This solution will be launched following the market entry of the SaaS and PaaS solutions.
The on-premise installation of MADANA Core comes with an obligatory setup fee, with various options for dedicated support specific to the customer’s needs.
With our web-based graphical user interface we provide easy access to convert untrusted applications into trusted applications. The GUI provides a visual representation of all available commands while still providing an intuitive and easy-to-use interface with immediate visual feedback. The graphical interface enables access to confidential computing regardless of experience or knowledge in the topic, making it possible to secure applications in everyday use.
A backend service allows easy integration into existing workflows and structures. The API and resources use a data model that is supported by a set of client-side libraries that are made available on the GitHub page. The API provides a WADL document that describes all available resources. All resources are implemented in reference to the OpenAPI Specification (OAS), which defines a standard, language-agnostic interface to RESTful APIs. This allows both humans and computers to discover and understand the capabilities of the service without access to source code, documentation, or network traffic inspection, so the consumer can understand and interact with the remote service with a minimal amount of implementation logic. You may also enjoy the interactive interface provided for this API by Swagger.