Today, Google is releasing an open source framework for the development of “confidential computing” cloud applications—a software development kit that will allow developers to build secure applications that run across multiple cloud architectures even in shared (and not necessarily trusted) environments. The framework, called Asylo, is currently experimental but could eventually make it possible for developers to address some of the most basic concerns about running applications in any multi-tenant environment.
Container systems like Docker and Kubernetes are designed largely to allow untrusted applications to run without exposing the underlying operating system to badness. Asylo (Greek for “safe place”) aims to solve the opposite problem—allowing absolutely trusted applications to run “Trusted Execution Environments” (TEEs), which are specialized execution environments that act as enclaves and protect applications from attacks on the underlying platform they run on.
"The threats people are concerned about are things like rootkits or bootkits, things that hit the lower rings of the operating system stack," said Rob Sadowski, Google's Trust and Security marketing lead, in an interview with Ars. "And also, when you get into cloud or any shared infrastructure—virtualization on premises or in the cloud—you could have administrators or third parties who have access at these layers. So there's always this tension where you have people asking, 'How do I make sure I'm the only person who has access to any of this stuff?'"
Most major cloud services already offer measures such as logging and access controls to help monitor and lock down application environments. Some applications require even more assurance of their security—such as encryption key management, financial applications, and other tasks that enterprises might not feel at ease putting even into their own internal virtualization environments for security reasons. But as the need to ramp up some of these applications increases—for example, to manage encryption keys for thousands of Internet of Things devices—the imperative to find a way to scale them up in the cloud has grown as well.
Where did we get TEE?
The TEE concept was originally defined 10 years ago by the Open Mobile Terminal Platform, an organization of mobile network operators and mobile device vendors as part of a hardened mobile environment for mobile commerce and accessing protected pay-per-view mobile videos. But the TEE concept is now being applied to building hardened, "enclave-ized" applications atop technologies such as ARM's TrustZone security extension and Intel's Trusted Execution Technology (TXT) and Software Guard Extensions (SGX).
The problem has been that these capabilities have not been abstracted out in a way that makes it accessible for most developers to build enclaved applications of their own. While there have been some demonstrations of the use of TEE-type applications for tasks like cryptography—Wolf SSL ran a demonstration of a cloud-based cryptographic system based on SGX at the 2016 Intel Developer Forum—building such applications has required very highly specialized knowledge and tools, linked specifically to a particular hardware platform. And many of the proofs of concept for such enclaved applications have run only on workstation hardware.
That's a tools gap that the Asylo framework is aimed at closing. The SDK, available in version 0.2 for C++ developers, abstracts out multiple hardware and software back-ends for applications so they can be easily recompiled for any of them without a source code change. There's also a Docker image provided via Google Container Registry that includes all the dependencies needed to run the container on any environment that supports TEE.
"Asylo applications do not need to be aware of the intricacies of specific TEE implementations," wrote Google Cloud Senior Product Manager Nelly Porter and other members of the Google Cloud team in a blog post published today. "[Y]ou can port your apps across different enclave backends with no code changes. Your apps can run on your laptop, a workstation under your desk, a virtual machine in an on-premises server, or an instance in the cloud."
The current Asylo implementation provides enclaves through the use of a software back-end. "We are exploring future backends based on AMD Secure Encryption Virtualization (SEV) technology, Intel® Software Guard Extensions (Intel® SGX), and other industry-leading hardware technologies that could support the same rebuild-and-run portability," the Asylo team wrote in its blog post. And in a future release of Asylo, existing applications will be able to be run in an enclave by simply copying their source code into an Asylo container and recompiling them for the target platform. Support for other container environments, such as Kubernetes, is also expected, Porter told Ars.