# Trusted Compute Overview

Trusted Compute (TC) is an advanced security framework that combines software-defined security extensions with underlying hardware security capabilities to create isolated execution environments for edge computing workloads. This technology provides a hardware root of trust that ensures sensitive applications and data remain protected from external threats, unauthorized access, and potential system compromises.

## What is Trusted Compute?

Trusted Compute leverages Intel platform security features to create hardware-assisted virtual machines where applications can execute in complete isolation from other workloads. This isolation extends beyond traditional containerization by providing:

- **Hardware-backed Security**: Utilizes Intel platform security features like Intel VT-x (Virtualization Technology) and TPM (Trusted Platform Module)
- **Memory Encryption**: Provides runtime protection for sensitive algorithms and detection models by safeguarding against cold boot attacks and physical threats to the memory subsystem
- **Secure Boot Process**: Ensures only authenticated and verified code executes within the trusted environment
- **Full Disk Encryption (FDE) Process**: Prevents unauthorized access to disk data, particularly in scenarios involving device theft, loss, or physical compromise

## Key Benefits

### Enhanced Security
- **Workload Isolation**: Applications run in completely isolated environments, preventing cross-contamination
- **Data Protection**: Sensitive runtime data remains protected from other workloads
- **Runtime Security**: Guards against runtime attacks, malware, and unauthorized modifications

### Edge Computing Optimization
- **Reduced Attack Surface**: Minimizes exposure points for potential security breaches
- **Local Processing**: Enables secure processing of sensitive data at the edge without cloud dependencies
- **Performance**: Maintains high performance while providing security through hardware acceleration

## Use Cases

Trusted Compute is particularly valuable for:

- **AI/ML Model Protection**: Securing proprietary algorithms and training data
- **Video Analytics**: Processing sensitive surveillance or traffic data securely
- **Autonomous AI Agents**: Protecting decision-making processes and sensitive operational data in self-governing AI systems

## Reference Implementation

This documentation includes a practical example demonstrating Trusted Compute implementation:

- **[Smart Intersection Deployment](./trusted_compute_si.md)**: A comprehensive guide showing how to deploy video analytics applications using Trusted Compute technology, including step-by-step instructions for isolating AI models and processing pipelines in a secure execution environment.

- **[Smart Intersection Deployment](./trusted_compute_si_agent.md)**: A comprehensive guide showing how to deploy Agentic AI applications using Trusted Compute technology, including step-by-step instructions for isolating AI & VLM models and processing pipelines in a secure execution environment.