Confidential Computing Deployment with AWS Nitro

The TSM can be deployed in AWS Nitro enclaves for increased protection of sensitive key shares. The principle of AWS Nitro is that almost any OCI container image can be executed within the Nitro enclaves secure environment without modification. Neither the administrator (root) of the AWS EC2 instance to which the Nitro enclave is attached, nor the kernel of that instance, can read the enclave's memory. The enclave runs a minimal AWS-provided kernel and user space with no shell or console access, which executes the TSM upon launch. You can learn more about AWS Nitro enclaves from the AWS documentation.

Cryptographic attestation in AWS Nitro is a security mechanism that verifies the integrity and authenticity of the software stack running within a Nitro enclave and the related hardware, and that establishes a secure channel for injecting secrets during Nitro enclave bootstrap. For each component of the boot process, the AWS Nitro system generates a set of measurements, including hashes and platform configuration registers (PCRs), that are unique to the enclave instance. Those measurements are signed by the Nitro hypervisor and can be used as additional conditions in AWS KMS key policies. You can read more about AWS cryptographic attestation for Nitro in the AWS documentation.

TSM supports running inside AWS Nitro with cryptographic attestation, allowing secure injection of sensitive key material and provisioning of configuration.
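As an added illustration, not part of this page or of the TSM product, the following AWS KMS key policy statement only grants kms:Decrypt when the request carries a Nitro attestation document whose PCR0 (the measurement of the enclave image) matches the expected value; a request from the parent instance itself, or from an enclave built from a different image, is refused. The account ID, role name and PCR value are placeholders.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DecryptOnlyFromAttestedTsmEnclave",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::111122223333:role/TSM-ENCLAVE-PARENT-ROLE-PLACEHOLDER"
      },
      "Action": "kms:Decrypt",
      "Resource": "*",
      "Condition": {
        "StringEqualsIgnoreCase": {
          "kms:RecipientAttestation:PCR0": "EXAMPLE-PCR0-SHA384-HEX-OF-TSM-ENCLAVE-IMAGE-PLACEHOLDER"
        }
      }
    }
  ]
}
```

The principal is the IAM role of the parent EC2 instance, because the enclave reaches KMS through the parent's credentials; the PCR condition is what binds the decryption to the attested enclave image rather than to the instance. When the enclave image is rebuilt, PCR0 changes and the policy must be updated with the new measurement.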

Please contact us in case you would like to know more about this feature.