Achieve software supply chain security using AWS Nitro Enclaves and GitHub Actions

Transcript

1. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Achieve software supply chain security using AWS Nitro Enclaves and GitHub Actions Richard Fan AWS Security Hero

2. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. What is Supply Chain Security Introduction to SLSA SLSA on GitHub Actions How AWS Nitro Enclaves fit in Demo Agenda

3. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. What is Supply Chain Security

4. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. Supply chain attacks

5. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. Why supply chain security is difficult • Modern software is complex • Lack of standard • Limited visibility

6. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. Where does the software come from? Source Developers Build Package Consumers Dependencies

7. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. How can things go wrong?

8. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. How can things go wrong? Source Developers Build Package Consumers Dependencies Unauthorized code change Compromised repository Build from compromised source code Compromised build process Using compromised dependency Modified package Compromised package store Downloading compromised package

9. © 2024, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. Introduction to SLSA

10. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. What is SLSA Supply-chain Levels for Software Artifacts Framework for software integrity Build trust between software producer and consumer Different levels of security assurance

11. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Don’t just sign, Attest! Signing Attestation From trusted source Explicit meaning Detail about the artifact Implicit meaning Limited information From trusted source

12. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. SLSA Provenance

13. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. SLSA Security Level L1 Provenance exist Prevent trivial mistakes L2 Authentic provenance Prevent minor attacks L3 Unforgeable provenance Prevent advanced attacks

14. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Achieving SLSA L3 on GitHub Actions

15. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. What is GitHub Actions CI/CD platform Workflow defined within code repo Run on GitHub- / self-hosted runner

16. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. GitHub Actions workflow name: Build and sign EIF on: [push] permissions: contents: read packages: write id-token: write attestations: write jobs: build_and_sign_artifact: runs-on: ubuntu-latest steps: # ... Build and push artifact - name: GitHub attest uses: actions/[email protected] GitHub-hosted hardened runner + Runner’s identity Generate and sign provenance Unforgeable provenance =

17. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. GitHub Actions workflow

18. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. SLSA provenance SLSA provenance Built by GitHub Actions Source code version Software output

19. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Where does the software come from? Source Developers Build Package Consumers Dependencies SLSA

20. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. The story is not over yet

21. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. The software need to run somewhere Package Server End-users Deployment Downloading compromised package Compromised deployment process Unauthorized deployment Unauthorized access Accessing compromised API endpoint

22. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. AWS Nitro Enclaves Isolated virtual machine Run on EC2 instances No admin access No persistent storage No external networking

23. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Attestation document Can be obtained within the enclave only Signed by Nitro Secure Module (NSM) Contains information about the enclave Prove the enclave’s identity

24. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Attestation document 1. Present attestation document to client 2. Client validates enclave fingerprint (PCRs) 3. Client uses the public key to encrypt data 4. Client sends encrypted data to enclave

25. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. The full story

26. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Where does the software come from? Source Build Package Fingerprint (PCRs) Enclave Image File (EIF) Attest Enclave End-users Attestation document Verify with attested artifact Verify source code and build process

27. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Demo

28. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Demo - How high (or low) is my salary? This is a difficult question I want to know how much you earn But I don’t want you to know how much I earn

29. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Demo - How high is my salary enclave app Only tell you where is your salary ranked Source code is open Build process is open Run on AWS Nitro Enclave Proved by attestation document Data encrypted between you and the enclave

30. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Wrap up • Software supply chain security: § Source code to artifact → SLSA § Artifact to end-user → AWS Nitro Enclaves • GitHub Actions can help you achieve SLSA L3 build • Don’t just sign, Attest!

31. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. What we didn’t cover • Source code security → Code scanning § Amazon CodeGuru Security § GitHub CodeQL • Security of dependencies → SBOM, dependency scanning § Amazon Inspector SBOM Generator § Amazon ECR image scanning § GitHub Dependabot

32. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Useful links Blog post series AWS Nitro Enclaves Demo app GitHub Action - AWS Nitro Enclaves EIF Build Action

33. © 2024, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Thank you! © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Richard Fan [email protected] richardfan1126