KCAL System Architecture

KCAL and PPC platforms operate within the confidential virtual machines (cVMs) of virtCCA. The PPC platforms use the cryptographic operator APIs provided by KCAL. The PPC platforms are responsible for establishing secure channels between cVMs.

1. The compute node on each platform delivers the computing task through the following steps:
   1. Configure the global network context and apply the context to KCAL.
   2. Use the KCAL SDK to negotiate a key seed with a party based on network information for subsequent operator execution.
2. Upon successful configuration, the compute node calls an operator. Operator calling requires the task scheduling module to allocate computing tasks. Any communication involved relies on the network communication module of the platform.
3. KCAL executes the operator and returns the calculation output.