TEE

TEE is short for trusted execution environment. The term is commonly used to refer to the shielded execution environments that are created by confidential-computing-enabled compute hardware. Normally, a TEE runs and protects a single workload like a function, an application, or a container. In the case of Intel SGX, TEE is synonymous with enclave. In the case of AMD SEV, Arm CCA, and Intel TDX, TEE is synonymous with confidential VM (CVM).

Note that the term TEE predates confidential computing and is also used to refer to older technologies and approaches like Arm TrustZone. To avoid confusion, we prefer to use the term Confidential Computing Environment (CCE) to refer to enclaves and CVMs.