Veracruz is a framework for designing and deploying privacy-preserving computations amongst a group of mutually mistrusting individuals. Veracruz uses strong isolation technologies, such as AWS Nitro Enclaves, Arm CCA Realms, and the high-assurance seL4 hypervisor, to provide a safe, neutral ground, within which a sandboxed WebAssembly program executes.
Recent enhancements to Veracruz have made it possible to support larger, more complex privacy-preserving computations: we have adopted the WebAssembly System Interface (WASI) as our programming model, which can be used by executing WebAssembly programs to query and modify an efficient in-memory filesystem, for example.
In this talk, I will first introduce Veracruz before finally focusing on a real-world use-case for Veracruz, in privacy-preserving video object detection, developed as part of a collaboration between the Veracruz team and IOTEX, a manufacturer of IoT cameras.