As more sophisticated threat actors emerge and news of a significant data breach is pretty much a weekly occurrence, cybersecurity has become a boardroom-level conversation, not just an IT one. That’s why we’re seeing increased interest in Confidential Computing across the enterprise: a compute strategy that processes data in memory without exposing it to the rest of the system by using a Trusted Execution Environment (TEE). The AWS TEE solution, AWS Nitro Enclaves, is something I was recently briefed on and wanted to cover here.
Before I dive into AWS Nitro Enclaves, some backstory is appropriate. In our recently published report The Rise of Confidential Computing — Trust: The New Battlefield in the Age of Digital Transformation, my colleague Shelly Kramer and I discussed the benefits of Confidential Computing, including protecting data while it is in use and enabling deployment options that protect against insider threats.
In today’s business climate, when data breaches can cost millions in lost revenue and downtime and can significantly damage careers, consumer trust, and brand reputation, Confidential Computing aims to address a significant challenge that requires immediate attention. Cloud vendors are stepping up to meet this need with various solutions. Different vendors are taking slightly different approaches to providing trusted execution environments, and we believe AWS Nitro Enclaves takes a noteworthy approach that merits further assessment and consideration by any cloud adopter.
AWS Nitro Enclaves: What is an Enclave?
AWS Nitro Enclaves is an EC2 feature that allows the user to create isolated environments that are strongly protected from other parts of the environment through the hardware features of the physical cloud infrastructure. This allows a user to create or obtain enclave-based applications that they trust to operate on sensitive data or to embody valuable intellectual property, without having to trust the security of their operating system, privileged administrators, or adversaries that gain access to their compute infrastructure. These enclaves provide no persistent storage, external networking, or human-based access; they can only communicate through a trusted channel to the instance that created the enclave.
AWS Nitro Enclaves uses a secure virtual socket (VSOCK) interface, a commonly available open source technology present in the Linux kernel since 2016, as the only communication channel between the “trusted” software running within the enclave and the “normal” or “untrusted” software running in the parent EC2 instance. The end result is a feature that encourages the adoption of compartmentalization and isolation patterns that protect data and meaningfully reduce the attack surface exposed to the rest of the instance.
The best part? AWS Nitro Enclaves are processor agnostic and work with most Intel- and AMD-based Amazon EC2 instance types, giving end users maximum flexibility.
How is AWS Nitro Enclaves the Company’s Answer to Trusted Execution Environments? And What About Confidential Computing?
AWS has not adopted the term “Confidential Computing” in its marketing of AWS Nitro Enclaves. Presently, definitions are inconsistent among industry analysts, consortia, and customers who are eager to improve their security posture. For some time now, IT departments have been tasked with securing data at rest and in transit through encryption, but there have not been widely available options for protecting data in memory. This has raised questions and concerns from management and regulators.
Some cloud providers have taken a marketing position that Confidential Computing enables you to trust a cloud vendor less by delegating responsibility to a trusted hardware manufacturer. AWS has always taken a strong position with clear messaging to their customers: AWS is responsible for the security ‘of’ the cloud infrastructure, while customers are responsible for security running ‘in’ the cloud.
The security and confidentiality of a customer’s compute workloads running on the latest generation EC2 instances is provided by a combination of technological and operational safeguards that AWS built into the AWS Nitro system — a unique combination of AWS-designed hardware and firmware. A component of that system is the Nitro Hypervisor, which is a firmware-based hypervisor that is responsible for using processor hardware features to strongly isolate physical system resources in creating EC2 instances and AWS Nitro Enclaves. The Nitro Hypervisor is unlike commercial-off-the-shelf or commodity open source virtualization solutions. It is purpose-built to meet the security and operational needs of AWS and its customers which include the most demanding and sensitive workloads running today.
Architecturally, some newer hardware-based technological safeguards for server processors such as AMD SEV-ES, AMD SEV-SNP, Intel® TDX, or Arm Confidential Compute Architecture (CCA) could be incorporated in the implementation of AWS Nitro Enclaves without meaningfully changing the user experience or affecting enclave application compatibility. This provides a path for AWS to continue raising the bar with the hardware features it uses for isolation and confidentiality.
Some customers may have requirements that steer them toward the direct adoption of vendor-specific hardware-based trusted execution environments such as Intel® SGX, rather than a TEE that supports multiple hardware vendors like AWS Nitro Enclaves. In those cases, a cloud provider will need to provide access to the proprietary hardware feature. Customers should keep in mind that this may reduce available capacity, or introduce additional implementation complexity.
Real Life Applications of AWS Nitro Enclaves
AWS Nitro Enclaves can be utilized by any number of industries that may need to keep sensitive data safe, from financial services to defense and life sciences. AWS Nitro Enclaves help protect against any number of complex threats, from internal to external, by creating extremely controlled, limited, restricted user environments.
Some benefits of using AWS Nitro Enclaves include:
- Flexibility: AWS Nitro Enclaves offer control over both the memory and the processing power allocated to an enclave environment, and users can vary both CPU cores and memory as needed. AWS Nitro Enclaves can be used across EC2 instances backed by many different CPU vendors, and they are also compatible with all programming languages and frameworks.
- Cost savings: AWS Nitro Enclaves is basically free. AWS bills only the standard charges for the organization’s underlying EC2 instance and other AWS services.
- Security: Obviously, securing any type of sensitive information is key here, and AWS Nitro Enclaves do this with an attestation process: a signed attestation document verifies an enclave’s identity and ensures that only authorized code is running in it.
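To make the attestation point concrete, here is an added example (not AWS code) of the policy check a relying party applies to an attestation document once its signature has been verified. It assumes the COSE_Sign1 envelope has already been checked against the AWS Nitro root certificate with a CBOR/COSE library, and that the payload has been decoded into a dict with the fields AWS documents (digest, timestamp in milliseconds, pcrs as a map of index to bytes, nonce); the PCR values, module ID and nonces below are constructed for the demonstration.

```python
"""Policy check over a decoded Nitro Enclaves attestation document (added example).

Assumes the COSE_Sign1 signature was already verified against the Nitro root
certificate; this code only decides whether the measured enclave is one we
approved, whether the document is fresh, and whether it answers our nonce.
"""
import hashlib
import secrets
import time

# PCR0 = enclave image file, PCR1 = kernel + boot ramdisk, PCR2 = application.
# Together they pin the document to one specific enclave image.
IDENTITY_PCRS = (0, 1, 2)

def check_attestation(doc, expected_pcrs, expected_nonce, now_ms=None, max_age_ms=300_000):
    """Return a list of policy violations; an empty list means the document passes."""
    problems = []
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    if doc.get("digest") != "SHA384":
        problems.append("unexpected digest algorithm %r" % doc.get("digest"))
    age = now_ms - int(doc.get("timestamp", 0))
    if age < 0 or age > max_age_ms:
        problems.append("timestamp outside freshness window (age %d ms)" % age)
    # The nonce binds the document to this request, so a replayed document fails here.
    if doc.get("nonce") != expected_nonce:
        problems.append("nonce mismatch")
    pcrs = doc.get("pcrs", {})
    for idx in IDENTITY_PCRS:
        got = pcrs.get(idx)
        want = expected_pcrs.get(idx)
        if not isinstance(got, bytes) or len(got) != 48:
            problems.append("PCR%d missing or not a SHA-384 value" % idx)
        elif want is None or not secrets.compare_digest(got, want):
            problems.append("PCR%d does not match the approved enclave image" % idx)
    return problems

def sample_document(nonce, timestamp_ms, pcrs):
    """Constructed, already-decoded document for demonstration (not real output)."""
    return {"module_id": "CONSTRUCTED-MODULE-ID", "digest": "SHA384",
            "timestamp": timestamp_ms, "pcrs": pcrs, "nonce": nonce, "user_data": None}

# Constructed stand-ins for the PCR values published with an approved enclave image.
APPROVED = {i: hashlib.sha384(b"constructed-eif-measurement-%d" % i).digest()
            for i in IDENTITY_PCRS}

if __name__ == "__main__":
    now = int(time.time() * 1000)
    good = sample_document(b"nonce-1", now, dict(APPROVED))
    print("approved image, fresh, correct nonce:", check_attestation(good, APPROVED, b"nonce-1", now))
    print("replayed with a different nonce:", check_attestation(good, APPROVED, b"nonce-2", now))
```

In production the expected PCR values come from the build that produced the enclave image file, and the same PCR0/1/2 values are what a KMS key policy pins when it releases a key only to an attested enclave.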
Why AWS Nitro Enclaves Make Sense
As we covered in our report, Confidential Computing is still in the nascent stages. All of the big cloud players are working to develop the most secure technology to protect data in any state that it exists. User preference and specific business need will always determine which is best for an organization.
We believe that the multi-year investments AWS has made in the hardware-based technology at the heart of the Nitro System are evidence of a larger trend: that Big Tech is increasingly addressing data security in novel and important ways. With AWS Nitro Enclaves, the result of these investments is placed directly into the hands of customers to isolate and protect sensitive data and processing in the cloud. Overall, we are bullish on the increased focus and commitment from the industry to address data security in all states. We expect big things ahead in the Confidential Computing and Trusted Execution Environment space, and AWS—as always—should be expected to compete diligently through its comprehensive offerings.
Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.