New from Google: A secure-focused open-source framework
Google has released Asylo: an open-source framework that uses enclaves for maximum security. Aslyo makes it easy to ensure confidentiality and comes full of exciting features.
Security ought to be one of the most important key focuses for a developer, arguably the most important, especially while working with the cloud. Last year we discussed that learning institutions are not keeping their students up to date with security concerns and developers often feel lost on the job. How can you stay ahead of the curve and keep up with high security demands?
What does Asylo bring to the table?
Google has released an open-source framework called Asylo that uses enclaves for maximum security. With Asylo, developers will have another tool in their belt to ensure top-notch security without having to rewrite their apps. It’s no coincidence that the name Asylo sounds like asylum; the purpose of Google’s new framework is to provide utmost security while developing enclave applications.
Asylo utilizes new technology known as enclaves to provide confidentiality when it matters most. A trusted execution environment, also known as a TEE, guarantees secure code and data, however TEEs were previously seen as difficult to access by developers and required tools that most people do not have access to. Google’s Asylo allows for all the features of TEEs to be accessible and easy, bringing better security to developers the simple way. There’s another bonus: it does not require any source code modifications to run across different backends. Todd Moore, the Senior Vice President of Data Protection at international data security company Gemalto said: “With the Asylo toolset, Gemalto sees accelerated use of secure enclaves for high security assurance applications in cloud and container environments. Asylo makes it easy to attach container-based applications to securely isolate computations.”
The Asylo about page sums up the main features:
- The ability to execute trusted workloads in an untrusted environment, inheriting the confidentiality and integrity guarantees from the security backend, i.e., the underlying enclave technology.
- Ready-to-use containers, an open source API, libraries, and tools so you can develop and run applications that use one or more enclaves.
- A choice of security backends.
- Portability of your application’s source code across security backends.
Asylo promises to become a developer fave with its flexibility and user-focused experience. Check out the Asylo GitHub page to keep up to date on recent developments and join the community via the Asylo mailing list. The quickstart guide is also available to walk you through step by step so you can begin instantly.
What do you think? Will you be adding Google’s new product to your list of security “must-haves”?