Development and Operations of SCONE-based Services
During the lifetime of an application, one has to deal with various development and operational issues:
- How to transform native applications into confidential applications?
- How to monitor a confidential application with Grafana or Kubernetes Dashboard?
- How to start an application via a dashboard?
- How to mitigate vulnerabilities of SGX?
- How to address individual security advisories?
- How to deal with firmware updates?
- How to deal with application updates?
- How to sign a SCONE application for production?
- How to deal with SCONE runtime updates?
- How clients can attest services?
- How does SCONE protect the confidentiality and integrity of files stored in SCONE Volumes?
- How does Scone limit the usage of an encryption key?
- How does Scone terminate TLS connections inside of enclaves?
- How does SCONE support mutual attestation and verification of services with the help of TLS?
- How does SCONE help to manage certificates?
- How to deal with SCONE CAS updates? (see enterprise CAS documentation)
- How to deal with application crash failures? (see enterprise CAS documentation)
In this chapter, we explain how to address these issues. In case you have a maintenance contract with us, we will help you to address these issues.
We also created a tutorial course that address several operations aspects. Please have a look and maybe, some of the questions you might have, are already addressed there. We also provide a reference solution for each of the assignments.
If you have additional issues that should be addressed, please let us know by email.