Server Environment Preparation
Last updated
Last updated
Currently, the client can deploy the TSS Node on an off-the-shelf server, a server that supports Intel® Software Guard Extensions (Intel® SGX), or Apple MacBook.
Intel® Software Guard Extensions (SGX) offers hardware-based memory encryption that isolates specific application code and data in memory. SGX allows client-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels. It offers a granular level of control and protection against many known and active threats.
For more information on SGX, please .
A SGX-ready server can provide an encrypted environment for the TSS Node, and the application can run in an isolated environment to further ensure data security.
Currently, the SGX environment can be configured on the following servers:
Azure Confidential Computing (Virtual Machine)
Alibaba Cloud Elastic Compute Service
SGX-ready physical server (on premise)
If you choose to use a SGX-ready server to deploy the TSS Node, please head to the “” section.
An off-the-shelf server refers to any server that meets the minimum configuration requirements of the TSS Node (e.g. Elastic Compute, a physical server operated by the client).
An off-the-shelf server can deploy the TSS Node, but it does not provide the unique security properties of a SGX-ready server.
If you choose to use an off-the-shelf server to deploy the TSS Node, please head to the “” section.
Please prepare a brand-new Apple MacBook, upgrade the system to the , and complete the required security configurations.
If you choose to use an Apple MacBook to deploy the TSS Node, please head to the "" section under "."