Google’s project Asylo creates ‘enclaved’ cloud apps

There’s application components and there’s containerisation and there’s all forms of compartmentalisation designed to separate out ‘discrete’ functions of application design in order to align with the abstracted world of cloud computing and web architecture where we can manage resources in and data in a more granular form that at any time in the past – and then, there’s enclaved apps.

What is an enclaved app?

This term has arisen in line with Google’s release of an open source framework and Software Development Kit (SDK) for building applications that can run across a variety of cloud architectures in a secure form.

Google calls it Asylo.

You might think Asylo means asylum – and you’d be correct – asylo is actually Greek for ‘safe place’.

Google has so named this technology because it seeks to create a secure space for applications ‘to run in a secure enclave’ inside multi-tenant cloud environments.

Currently an experimental Google project, the Asylo framework teams says that Asylo makes it easy to build ‘enclave applications’ targeting a variety of emerging trusted execution environments from existing code.

Asylo applications can be ported between enclave technologies without source-code changes.

According to the Asylo team, “The ability to write trustworthy, portable applications that can execute securely in a variety of environments is important to the integrity and mobility of sensitive applications. The open source Asylo framework can significantly advance the state-of-the-art in application security through the transparency, scrutiny, and collaboration afforded by open development.”

Google says that coming soon is functionality with Asylo to allow developers to run existing applications in an enclave by just copying an app into an Asylo container, specifying the backend, initiating a rebuild… and then run.