Skip to content

Commit

Permalink
[DOC] 1.Deploying the API
Browse files Browse the repository at this point in the history
  • Loading branch information
MassiliaB committed Aug 23, 2024
1 parent e87a6ee commit 4ba6f5b
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion docs/docs/getting-started/how-we-protect-your-data.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,12 @@ At the end of this process, users will know that when using our Python SDK, **th

### 1. Deploying the API in an enclave

<!-- [TEXT TODO] -->
To deploy our AI API, we developed a custom solution using virtual Trusted Platform Modules (TPMs). The API is deployed in an **enclave** that ensures confidentiality by using a container with strict isolation policies, along with a custom minimal OS loaded into RAM to mitigate attacks on the disk.

The custom OS generates measurements of itself and update the Platform Configuration Registers (PCRs). It uses these measurements to generate an attestion report, which serves as cryptographic proof that the enclave and its code are as expected. Upon deployment, a secure TLS-terminating reverse proxy using Caddy is created to handle the generation of the TLS certificate required for a TLS tunnel.

The client connects to this reverse proxy, verifies the attestation report, and then accesses the AI container that serves the AI API.

We provide more details about **enclaves** in our [concepts guide](../concepts/enclaves.md).

### 2. Proving privacy controls are applied
Expand Down

0 comments on commit 4ba6f5b

Please sign in to comment.