nvflare.app_opt.confidential_computing.cc_manager module

class CCManager(cc_issuers_conf: List[Dict[str, str]], cc_verifier_ids: List[str], verify_frequency: int = 600, critical_level=2, cc_enabled_sites: List[str] = [])[source]

Bases: FLComponent

Manage all confidential computing related tasks.

This manager does the following tasks:
  1. obtaining its own CC token

  2. preparing the token to the server

  3. keeping clients’ tokens in server

  4. validating all tokens in the entire NVFlare system

  5. not allowing the system to start if failed to get CC token

  6. shutdown the running jobs if CC tokens expired

# TODO: should we separate the server and client side into two components?

Parameters:
  • cc_issuers_conf – configuration of the CC token issuers. each contains the CC token issuer component ID, and the token expiration time

  • cc_verifier_ids – CC token verifiers component IDs

  • verify_frequency – CC tokens verification frequency

  • critical_level – critical level for shutting down the system or jobs

  • cc_enabled_sites – list of sites that are enabled for CC

handle_event(event_type: str, fl_ctx: FLContext)[source]

Handles events.

Parameters:
  • event_type (str) – event type fired by workflow.

  • fl_ctx (FLContext) – FLContext information.