Confidential Code

For developers using BioLib Encrypted Cloud, one benefit is that the application source code and databases will not be sent to the end-users' machine. BioLib Encrypted Cloud utilizes modern encryption technologies to make applications available in a way that protects both the end-users' data and the developers' code. You can find general information about BioLib Encrypted Cloud here.

As a developer, to specify that your code should only be executed in BioLib Encrypted Cloud, include the client_side_include tag in your config.yml. Under client_side_include, specify which modules of your application are allowed to run on the client's computer. All other modules will be executed in BioLib Encrypted Cloud.

Example

Say you have an application that makes inference with a TensorFlow model that you wish to keep secret. It includes the following modules:

  1. main
  2. tensorflow

If you wish to allow the main module to run on the client's computer, specify this under the client_side_include:

biolib_version: 1
modules:
    main:
        path: src/__main__.py
        executor: 'bl-python3:*'
    tensorflow:
        path: build/model.pb
        executor: 'bl-tensorflow:*'
client_side_include:
    - src/__main__.py # <-- This file will run on the client's computer
                      #     all other files will not be sent to the client
arguments: 
    ...

Currently, only TensorFlow frozen graph (.pb) and Open Neural Network Exchange (.onnx) files are supported in BioLib Encrypted Cloud.