diff --git a/BUILD.md b/BUILD.md index d835436..385c157 100644 --- a/BUILD.md +++ b/BUILD.md @@ -8,7 +8,7 @@ https://creativecommons.org/licenses/by/4.0/ - Branch **no-cas-fs-unprotected** represents the code of workers (1) without SCONE (2) SCONE Sim Mode (3) SCONE Unsecure Hw Mode - Branch **private-cas-fs-protected** represents the code of workers in SCONE Secure Hw Mode with private CAS in the cluster. -_CAS image is not available in SCONE free tier, hence the user must upgrade to Standard or Business edition if private CAS is desired in the cluster._ +_**Note:** CAS image is not available in SCONE free tier, hence the user must upgrade to Standard or Business edition if private CAS is desired in the cluster._ ## Install and Access SCONE @@ -22,7 +22,7 @@ _CAS image is not available in SCONE free tier, hence the user must upgrade to S ``` - After successful login you can access the SCONE images required for Hyperledger Avalon and test the workflows. -## RUN in Hardware Mode with File System and Network Shields enabled by SCONE CAS (Secure) +## RUN in Hardware Mode with File System and Network Shields enabled by Public SCONE CAS (Secure) - To run the in Secure Hardware Mode, get the latest code from master branch: diff --git a/README.md b/README.md index 0fe6e26..fea5839 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,7 @@ For demo of the applications running with SCONE workers, see - Branch **no-cas-fs-unprotected** represents the code of workers (1) without SCONE (2) SCONE Sim Mode (3) SCONE Unsecure Hw Mode - Branch **private-cas-fs-protected** represents the code of workers in SCONE Secure Hw Mode with private CAS in the cluster. -_CAS image is not available in SCONE free tier, hence the user must upgrade to Standard or Business edition if private CAS is desired in the cluster._ +_**Note:** CAS image is not available in SCONE free tier, hence the user must upgrade to Standard or Business edition if private CAS is desired in the cluster._ To build Hyperledger Avalon with SCONE, follow instructions in the [build document](BUILD.md). diff --git a/avalon-scone/README.md b/avalon-scone/README.md index dc20e3b..8cf57ff 100644 --- a/avalon-scone/README.md +++ b/avalon-scone/README.md @@ -50,7 +50,9 @@ This example demonstrates a hospital app running inside SCONE based trusted exec This app has a redis data store and python backend. We use SCONE curated redis and python containers and run both inside trusted enclaves and then integrate this app with our trusted workers so that it can be used with Avalon ecosystem and also with blockchains. -## Building and Running the worker in SCONE Hardware Mode with File System and Network Shields enabled by SCONE CAS (Secure) +_**Note:** External apps like **Openvino** and **Hospital app** are only available in 'private-cas-fs-protected' branch as they need private CAS inside the cluster to complete their workflow_ + +## Building and Running the worker in SCONE Hardware Mode with File System and Network Shields enabled by public SCONE CAS (Secure) - Before building and running application for SCONE HW Mode, we need to install Intel SGX driver and SCONE. @@ -96,28 +98,7 @@ This app has a redis data store and python backend. We use SCONE curated redis a `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "secure-transaction" --in_data "100 100 50 50" -o` - This input format is (sender_balance, receiver_balance, transfer_amount, discount) If everything goes fine, then you should see the updated balances of sender and receiver. - - 6. Send work order request with *"scone-openvino"* workload id to SCONE worker *"scone-worker-1"* - - `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "scone-openvino" --in_data "car1.jpg" -o` - - This input 'car1.jpg' is name of one of the hardcoded input images provided in openvino container. If everything goes fine, then you should see the message asking you to check output in openvino application output folder. - - 7. Send work order request with *"scone-hospital-app"* workload id to SCONE worker *"scone-worker-1"* - - `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "scone-hospital-app" --in_data "method=add_patient&id=patient_1&fname=Jane&lname=Doe&address='123 Main Street'&city=Richmond&state=Washington&ssn=123-223-2345&email=nr@aaa.com&dob=01/01/2010&contactphone=123-234-3456&drugallergies='Sulpha, Penicillin, Tree Nut'&preexistingconditions='diabetes, hypertension, asthma'&dateadmitted=01/05/2010&insurancedetails='Primera Blue Cross'" -o` - - This input is patient object in query parameters format along with method name 'add_patient'. If everything goes fine, then you should see added patient data echoed back. - - `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "scone-hospital-app" --in_data "method=get_patient&id=patient_1" -o` - - This input is patient id along with method name 'get_patient'. If everything goes fine, then you should see added patient data echoed back. - - `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "scone-hospital-app" --in_data "method=get_patient_score&id=patient_1" -o` - - This input is patient id along with method name 'get_patient_score'. If everything goes fine, then you should see the patients health score as per hospital records. - + The input format is (sender_balance, receiver_balance, transfer_amount, discount) If everything goes fine, then you should see the updated balances of sender and receiver. ## Adding a new Python Workload diff --git a/examples/scone_apps/README.md b/examples/scone_apps/README.md index dc20e3b..8cf57ff 100644 --- a/examples/scone_apps/README.md +++ b/examples/scone_apps/README.md @@ -50,7 +50,9 @@ This example demonstrates a hospital app running inside SCONE based trusted exec This app has a redis data store and python backend. We use SCONE curated redis and python containers and run both inside trusted enclaves and then integrate this app with our trusted workers so that it can be used with Avalon ecosystem and also with blockchains. -## Building and Running the worker in SCONE Hardware Mode with File System and Network Shields enabled by SCONE CAS (Secure) +_**Note:** External apps like **Openvino** and **Hospital app** are only available in 'private-cas-fs-protected' branch as they need private CAS inside the cluster to complete their workflow_ + +## Building and Running the worker in SCONE Hardware Mode with File System and Network Shields enabled by public SCONE CAS (Secure) - Before building and running application for SCONE HW Mode, we need to install Intel SGX driver and SCONE. @@ -96,28 +98,7 @@ This app has a redis data store and python backend. We use SCONE curated redis a `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "secure-transaction" --in_data "100 100 50 50" -o` - This input format is (sender_balance, receiver_balance, transfer_amount, discount) If everything goes fine, then you should see the updated balances of sender and receiver. - - 6. Send work order request with *"scone-openvino"* workload id to SCONE worker *"scone-worker-1"* - - `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "scone-openvino" --in_data "car1.jpg" -o` - - This input 'car1.jpg' is name of one of the hardcoded input images provided in openvino container. If everything goes fine, then you should see the message asking you to check output in openvino application output folder. - - 7. Send work order request with *"scone-hospital-app"* workload id to SCONE worker *"scone-worker-1"* - - `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "scone-hospital-app" --in_data "method=add_patient&id=patient_1&fname=Jane&lname=Doe&address='123 Main Street'&city=Richmond&state=Washington&ssn=123-223-2345&email=nr@aaa.com&dob=01/01/2010&contactphone=123-234-3456&drugallergies='Sulpha, Penicillin, Tree Nut'&preexistingconditions='diabetes, hypertension, asthma'&dateadmitted=01/05/2010&insurancedetails='Primera Blue Cross'" -o` - - This input is patient object in query parameters format along with method name 'add_patient'. If everything goes fine, then you should see added patient data echoed back. - - `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "scone-hospital-app" --in_data "method=get_patient&id=patient_1" -o` - - This input is patient id along with method name 'get_patient'. If everything goes fine, then you should see added patient data echoed back. - - `./generic_client_scone.py --uri "http://avalon-listener:1947" -w "scone-worker-1" --workload_id "scone-hospital-app" --in_data "method=get_patient_score&id=patient_1" -o` - - This input is patient id along with method name 'get_patient_score'. If everything goes fine, then you should see the patients health score as per hospital records. - + The input format is (sender_balance, receiver_balance, transfer_amount, discount) If everything goes fine, then you should see the updated balances of sender and receiver. ## Adding a new Python Workload diff --git a/scone-demo.sh b/scone-demo.sh index 973304e..860fb04 100755 --- a/scone-demo.sh +++ b/scone-demo.sh @@ -24,7 +24,7 @@ if [ "$1" == "start" ]; then echo "Determining SGX Device" - echo "Starting Scone CAS and LAS containers" + echo "Starting Scone LAS container" docker-compose -f docker-compose-scone-baseline.yaml up -d sleep 5 @@ -53,7 +53,7 @@ if [ "$1" == "stop" ]; then docker-compose -f docker-compose-scone-avalon.yaml down -v - echo "Stopping Scone CAS and LAS containers" + echo "Stopping Scone LAS container" docker-compose -f docker-compose-scone-baseline.yaml down -v