Protect your data with EdgelessDB

Get started in seconds

Use the following to run EdgelessDB on an SGX-enabled cloud VM, for example in Azure.

docker run -p3306:3306 -p8080:8080 --privileged -v /dev/sgx:/dev/sgx -t

Or use the following to run EdgelessDB on any machine in simulation mode.

docker run -p3306:3306 -p8080:8080 -e OE_SIMULATION=1 -t

Why developers love EdgelessDB

EdgelessDB enables exciting new apps

Compared to existing solutions

Most secure database solutions today only encrypt data for storage, and at most use a hardware security module (HSM) to store the corresponding cryptographic keys. Such an approach can only protect data at rest. Once the data is decrypted for processing, the confidentiality of sensitive data is no longer guaranteed.

EdgelessDB is the logical next step in hardware-rooted security: the fusion of relational databases and HSMs to protect your keys and your data both at rest and at runtime.

The following table summarizes the security differences between EdgelessDB and normal databases.

Normal DBNormal DB + HSMEdgelessDB
Data Encryption on diskincludedincludedincluded
Runtime protection for keysincludedincludedincluded
Runtime protection for dataincludedincludedincluded
Runtime protection for codeincludedincludedincluded
No extra hardwarenot includednot supportednot included
Verifiability & manifestnot includedsupportednot included

Get started with EdgelessDB on Azure Marketplace

Deploy your confidential database via the Azure Marketplace in just a few steps. Learn more in our Quickstart Guide.