nvflare.app_opt.confidential_computing.cc_manager module

class CCManager(cc_issuers_conf: list[dict[str, str]], cc_verifier_ids: list[str], verify_frequency: int = 600, cc_enabled_sites: list[str] = [], get_site_request_timeout: float = 10.0, get_token_request_timeout: float = 10.0)[source]

Bases: FLComponent

Manage all confidential computing related tasks.

This manager does the following tasks:

  1. Obtains and attaches its own CC tokens.

  2. Validates CC tokens received from other sites.

  3. Prevents system startup if CC validation fails.

  4. Periodically re-validates all CC tokens and shuts down the system if validation fails (e.g., due to expired or invalid tokens).

Note

arguments example:
“cc_issuers_conf”: [
{

“issuer_id”: “mock_authorizer”, “token_expiration”: 100

}

], “cc_verifier_ids”: [

“mock_authorizer”

], “verify_frequency”: 120, “cc_enabled_sites”: [

“server1”, “site-1”, “site-2”

]

Parameters:

  • cc_issuers_conf – configuration of the CC token issuers. Each item in the list is a dict that contains the CC token issuer component ID, and the token expiration time in seconds.

  • cc_verifier_ids – CC token verifiers component IDs

  • verify_frequency – CC tokens verification frequency

  • cc_enabled_sites – list of sites that are enabled for CC

  • get_site_request_timeout – timeout value for get site request

  • get_token_request_timeout – timeout value for get token request

handle_event(event_type: str, fl_ctx: FLContext)[source]

Handles events.

Parameters:

  • event_type (str) – event type fired by workflow.

  • fl_ctx (FLContext) – FLContext information.