This year has, for me, been pretty much all about the Enarx project. I’ve had other work that I’ve been doing, including meeting with customers, participating in work with IBM (who acquired the company I work for, Red Hat, in July), looking at Kubernetes security, interacting with partners and a variety of other important pieces, but it’s been Enarx that has defined 2019 for me from a work point of view.
We started off the year with a belief that we could do something, and a challenge from our internal leadership to prove that it was possible. We did that with a demo on AMD’s SEV chipset at Red Hat Summit in Boston, MA in May, and an announcement of the project on this blog. We followed up with a demo on Intel’s SGX chipset at Open Source Summit Europe in Lyon in October. I thought I would mention some of the most important components for the development (in the broadest sense) of Enarx this year.
Enarx is not mine: far from it. I’m proud to be counted one of the co-founders of the project with Nathaniel McCallum, but we wouldn’t be where we are without a broader team, and as an open source project, it belongs to everyone who contributes and to everyone who uses it. You’ll find many of the members on the contributors page, but not everybody is up there yet, and there have been some very important people whose contribution has been advice, support and sponsorship of the project both within Red Hat and outside it. I don’t have permission to mention everybody’s name, so I’m going to play it safe and mention none of them. You know who you are, and we really appreciate your time.
Use cases – and partners
One of the most important things that we’ve done this year is to work out how people might want to use Enarx “in the wild”, as it were, and to perform some fairly detailed analysis and write-ups. Not enough of these are externally available yet, which is down to me, but the fact that we had done the work was vital in finding partners who are actually interested in using Enarx for real. I can’t talk about any of these in public yet, but we have some really interesting use cases from a number of multi-national organisations of whom you will definitely have heard, as well as some smaller start-ups about whom you may well be hearing more in the future. Having this kind of interest was vital to get buy-in to the project and showed that Enarx wasn’t just a flight of fancy by a bunch of enthusiastic engineers.
The most significant event in the project’s year was the announcement of the Confidential Computing Consortium at the Linux Foundation’s Open Source Summit this year. We at Red Hat realised that Enarx was a great match for this new group, and was very pleased to be a premier member at the official launch in October. At time of writing, there are 21 members, and it’s becoming clear that this the consortium has identified an area of concern and interest for the wider industry: this is another great endorsement of the aims and principles of Enarx.
Joining the Consortium hasn’t been the only activity in which we’ve been involved this year. We’ve spoken at conferences, had articles published (on Alice, Eve and Bob, on now + Next and on Opensource.com), spoken to press, recorded webcasts and more. Most important (arguably), we have hex stickers (if you’re interested, get in touch!).
Last, but not least, we’ve gone external. From being an internal project (though we always had our code as open source), we’ve taken a number of measures to try to encourage and simplify involvement by non-Red Hat contributors – see 7 tips for kicking off an open source project for a little more information.
Architecture and code
What else? Oh, there’s code, and an increasingly mature set of architectures for the various components. We absolutely plan to make all of this externally visible, and the fact that we haven’t yet is that we’re just running to stand still at the moment: there’s just so much to do. Our focus is on getting code out there for people to use and contribute to themselves and, without giving anything away, we have some pretty big plans for demos and more in 2020.
There’s one other thing that’s been important, of course, and that’s the fact that I’m writing a book for Wiley on trust, but I actually see that as very much related to Enarx. Fundamentally, although the technology is cool, and we think that the Enarx project meets an existing need, both Nathaniel and I believe that there’s a real opportunity for it to change how people manage trust for workloads in the cloud, in IoT, at the Edge and wherever else sensitive data and algorithms need to be executed.
This blog is supposed to be about security, and I’m strongly of the opinion that trust is a very important part of that. Enarx fits into that, so don’t be surprised to see more posts around trust and about Enarx over the coming year. Please keep an eye out here and at https://enarx.io for the latest information.