Docker is the most popular container platform which is used a lot. That’s why it is a good choice for SCONE’s implementation. There is the possibility in the future to be compatible not only with Docker but with open container platform also (rkt (CoreOS)). SCONE mechanism produce secure containers which is composed of a single Linux process that is secured by an enclave, but from the other side is indiscernible from a Docker container (for example based on the shared central operating system kernel for the implementation of system calls).
For the creation of secure containers and for secure connection with those containers need the build of tasks of secure images, and client-side extensions. In order to be able this buiding is necessary the modifications of the combination of secure containers with Docker. The SCONE mechanism does not necessitate any changes to the Docker Engine or its API, but it based on a cover around the original Docker client. Also, for creation of configuration files and launch containers in an untrusted environment, a secure SCONE client is used. Concluding, SCONE maintains a typical Docker workflow (for example, a programmer publishes an image with their application, and a user can customize the image by adding extra layers.)