Google has announced the availability of Asylo. It is a new open-source framework and SDK designed to protect the integrity of applications and data in a confidential computing environment. It includes features and services for encrypting sensitive communications that assists in protecting data and applications.
“The Asylo framework allows developers to easily build or move applications to portable enclaves, so they can be deployed on a variety of software and hardware backends,” the Google Cloud team wrote in a post. “With Asylo, we supply a Docker image via Google Container Registry that includes all the dependencies you need to run your container anywhere.”
The framework is meant for developing applications that run in trusted execution environments (TEEs). It makes TEEs accessible to the community, across a range of hardware both on-premises and in the cloud. According to the company, this helps defend attacks targeting underlying layers, which include the operating system, hypervisor, drivers, and firmware. In addition, it helps reduce the risk of being compromised by an unauthorized third-party or insider, Google explained.
According to Google Aslyo’s benefits include ease of use, portability and deployment flexibility, and open source. Google explained users will not need to learn a new programming model or rewrite your app, they can easily create apps and take advantage of the security measures of TEEs, and with an open-source framework, it allows users to take advantage of confidential computing technology.
“With Asylo, we can create the next generation of confidential computing applications together with the community,” the team wrote. “In version 0.2, Asylo will offer the capabilities and tools to help you develop portable enclaves. Coming soon, Asylo will also allow you to run your entire application in an enclave —just copy your app into the Asylo container, specify the backend, rebuild, and run.”