Problem:
3rd-party MCP servers for knowledge bases like Qloo cause data leaks: the maintainers of these servers and the cloud providers they run on can see which insights the user is querying.
Solution:
A Confidential MCP Server with Intel SGX.
It serves Qloo insights to LLMs through the Model Context Protocol (MCP) while keeping the queries and responses confidential on the MCP server itself: the enclave keeps the insight data hidden even from the cloud provider (Azure, in our case). Hence, when any 3rd-party software vendor provides an MCP server that connects to the user's Qloo Insight API subscription, the insight data stays protected end to end between Qloo and the user's MCP client, closing the data leak and security threat that traditional MCP servers can cause.
Even Qloo itself could run its MCP servers on the confidential enclaves implemented here, giving its users far stronger security and protecting its insight calls even from the cloud providers.
More details on Intel SGX, its chip-level memory encryption and enclave (black box) creation can be found in the Gramine docs.
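The "safe even from the cloud provider" guarantee only holds if the MCP client verifies the server enclave's identity before sending it any queries. The following is an added example, not code from this project: it shows the identity checks a client would apply to an SGX DCAP quote, assuming a DCAP verification library has already validated the quote's signature and certificate chain; the field offsets follow the DCAP quote v3 layout, and build_test_quote only constructs a dummy quote so the checks can be exercised offline.

```python
# Added example, not this project's code: enclave-identity checks an MCP client runs
# on an SGX DCAP quote whose signature/cert chain a DCAP library has ALREADY verified.
import hashlib
import struct

# DCAP quote v3 layout: 48-byte header, then the 384-byte enclave report body.
_BODY = 48
_ATTR_FLAGS = _BODY + 48    # uint64 attribute flags
_MRENCLAVE = _BODY + 64     # 32 bytes: measurement of the enclave build
_MRSIGNER = _BODY + 128     # 32 bytes: hash of the enclave signing key
_ISV_SVN = _BODY + 258      # uint16: security version number
_REPORT_DATA = _BODY + 320  # 64 bytes: enclave-chosen binding data
_SGX_FLAGS_DEBUG = 0x2      # debug-mode enclave: the host can read its memory

def parse_quote(quote: bytes) -> dict:
    # Extract the identity fields from a (pre-verified) quote.
    if len(quote) < _BODY + 384:
        raise ValueError("quote too short")
    return {
        "flags": struct.unpack_from("<Q", quote, _ATTR_FLAGS)[0],
        "mrenclave": quote[_MRENCLAVE:_MRENCLAVE + 32],
        "mrsigner": quote[_MRSIGNER:_MRSIGNER + 32],
        "isv_svn": struct.unpack_from("<H", quote, _ISV_SVN)[0],
        "report_data": quote[_REPORT_DATA:_REPORT_DATA + 64],
    }

def verify_identity(quote, exp_mrenclave, exp_mrsigner, min_svn, server_pubkey):
    # Return the policy failures; an empty list means the enclave is trusted.
    q = parse_quote(quote)
    failures = []
    if q["flags"] & _SGX_FLAGS_DEBUG:
        failures.append("debug enclave: memory readable by the host")
    if q["mrenclave"] != exp_mrenclave:
        failures.append("MRENCLAVE mismatch: not the reviewed MCP server build")
    if q["mrsigner"] != exp_mrsigner:
        failures.append("MRSIGNER mismatch: unexpected enclave signer")
    if q["isv_svn"] < min_svn:
        failures.append("ISV_SVN too low: outdated server version")
    # Bind the quote to the TLS key in use, so a real quote cannot be replayed elsewhere.
    if q["report_data"][:32] != hashlib.sha256(server_pubkey).digest():
        failures.append("report_data does not bind the server's TLS key")
    return failures

def build_test_quote(mrenclave, mrsigner, isv_svn, pubkey, debug=False) -> bytes:
    # Constructed test input with only the identity fields set; not a real quote.
    q = bytearray(_BODY + 384)
    struct.pack_into("<Q", q, _ATTR_FLAGS, _SGX_FLAGS_DEBUG if debug else 0)
    q[_MRENCLAVE:_MRENCLAVE + 32] = mrenclave
    q[_MRSIGNER:_MRSIGNER + 32] = mrsigner
    struct.pack_into("<H", q, _ISV_SVN, isv_svn)
    q[_REPORT_DATA:_REPORT_DATA + 32] = hashlib.sha256(pubkey).digest()
    return bytes(q)
```

In a real deployment the expected MRENCLAVE comes from a reproducible build of the Gramine image, and the server's TLS key is the one the enclave generated inside itself.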
Tech Stack:
- Python, with Starlette and Uvicorn, for the MCP server.
- Next.js, Lucide React and the Vercel AI SDK for the UI application that acts as the MCP client and LLM chat.
- Intel SGX for Confidential Enclaves.
- Gramine for building SGX-compatible Docker images of the MCP server.
- Azure for Server deployments and SGX setup.
Qloo API functionality implemented (all served to Gemini and other LLMs as MCP tools):
- Get Insights: Fetch insights for a specific entity type by applying relevant filters.
- Get Audience Types: Fetch all audience types available.
- Get Audience By Type: Fetch audiences by a specific parent type.