As expected, only good things came from Microsoft joining the Linux Foundation. Together with the consortium of other companies that use Linux extensively, such as Intel and IBM, Microsoft has helped bring support for trusted execution environments to the Linux OS under the umbrella of “Confidential Computing”.
The Confidential Computing push would allow applications to execute in protected environments in the operating system, such that data and code would be protected, even if the OS itself was compromised. Readers will, of course, be familiar with the similarities between this and the various DRM schemes that Microsoft attempted to build into Windows.
As part of the effort, Microsoft is contributing the Open Enclave SDK, which developers can use to build apps that run in the trusted execution environment. Using the SDK, each application will consist of two components: an untrusted part that runs in the untrusted OS, and a trusted part that is protected inside the enclave.
These trusted computing initiatives, of course, rely heavily on hardware support, and Intel will be contributing its Software Guard Extensions (SGX) chip feature, which will enforce the security of the Open Enclave code.
Open-source company Red Hat is contributing its Enarx framework, which is similar to Microsoft’s Open Enclave but is targeted more at public cloud services.
As Microsoft continues to embrace and extend the Linux operating system to make it more suitable for their cloud computing needs, it seems the only thing at risk of being extinguished is Linux’s long, irrelevant reputation as a “toy operating system”.