Cloud Computing|Security

Google Announces Asylo Framework for Confidential Computing

In a recent post on the Google Cloud Platform Blog, Google announced Asylo, the firm’s newest open-source framework (and SDK), for securing and protecting applications and data that are contained within a trusted execution environment or TSE.

 

 

Sponsored Content

Devolutions Remote Desktop Manager

Devolutions RDM centralizes all remote connections on a single platform that is securely shared between users and across the entire team. With support for hundreds of integrated technologies — including multiple protocols and VPNs — along with built-in enterprise-grade password management tools, global and granular-level access controls, and robust mobile apps to complement desktop clients.

With the Asylo framework, developers can reduce the risk of attacks on the back-end hardware and software layers that applications run on. This is done by enabling developers to create trusted execution environments (or “enclaves”), which prevent unauthorized access to the data and processes that are running within them. Asylo also helps to increase security by providing checks for code integrity and by offering the ability to encrypt communications that contain private or otherwise sensitive information.

Asylo’s aim is to make it easy to implement these security features by making trusted execution environments more widely available, whether it be for local environments or those based in the cloud. Previously, securing applications and data in a similar manner could have required specialized hardware and also hiring someone with expertise in configuring and managing the secure environment (as TSEs are traditionally found within a processor itself).

Google designed Asylo with portability in mind so that developers can easily create applications without worrying about the specific environment or back-end the trusted execution environments are built on. Asylo can be deployed on a wide array of hardware options. And because Asylo is an open-source framework, users can begin using it for free and can even explore or modify the underlying codebase should they wish to do so.

For those interested in implementing Google’s new Asylo framework, it is available as a Docker image within the Google Container Registry. This image includes everything that is required to get a container up and running so that developers can take advantage of the features that Asylo has to offer.

While there are many options available for securing and protecting applications and data, many of them can be quite complex and require large amounts of effort to configure and manage. Not only that, but existing options may not be able to be deployed on a wide variety of both local and cloud-based environments – something that Google’s Asylo was designed for. And given that Asylo is an open-source framework, it’s likely that it will continue to be updated to work with an even wider array of hardware as time goes on. Another benefit of being open-source is that developers can try using Asylo for free if they want to get a feel for what it’s like to configure and work with the framework.

Keeping applications and data secure can be a stressful and time-consuming task, especially in today’s data-driven world with many applications running in the cloud. Services and frameworks like Google’s Asylo can help developers and admins sleep a bit easier knowing that the applications, data, and even communications are secure and contained within a trusted execution environment.

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

The World’s Most Comprehensive Teams to Teams Migration Checklist

Whether you have just started thinking about migration or have already begun to move, our Microsoft Teams Migration Checklist can help guide you through the different phases for a Teams migration to another tenant.

This detailed six-step guide will walk you through key decision points while also providing more prescriptive best practice recommendations where appropriate.

Discover key insights for the following phases of a Teams migration: 

  • Discovery
  • Pilot
  • Planning
  • Communication
  • Execution
  • Validation

Sponsored by: