
Create your first AWS Nitro Enclaves application

Richard Fan
December 13, 2023

AWS re:Invent 2022 Dev Chat
COM204 Create your first AWS Nitro Enclaves application

Transcript

  1. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
     Create your first AWS Nitro Enclaves application (COM204)
     Richard Fan, Security Engineer, ExpressVPN
  2. Agenda
     • What is AWS Nitro Enclaves?
     • How does Nitro Enclaves work?
     • How do you build a Nitro Enclaves application?
     • Demo
     • Use cases
  3. What is AWS Nitro Enclaves?
     • Isolated, highly constrained virtual machine
     • No administrator access
     • No persistent storage
     • No external networking
     • Communication over a secure local channel
  4. Why Nitro Enclaves?
     • Prevent unauthorized access
     • Protect data in use
     • Ensure application integrity
  5. How does Nitro Enclaves work?
  6. Enclave image file (EIF)
     • Defines the enclave runtime environment
     • Built from Docker image
     • Contains operating system, libraries, applications
  7. Vsock socket
     • Local communication channel
     • Between Amazon EC2 instance and enclave
     • The only channel between enclave and outside world
  8. Attestation document
     • Generated and signed by Nitro Secure Module (NSM)
     • Contains information about the enclave
     • Used to verify the enclave’s identity
  9. Why do we need an attestation document?
     • We have a very secure Nitro Enclave application
     • We have a very secure database
     • How do we know the data is going to the real enclave application?
     (diagram label: Unauthorized user’s app)
  10. Why do we need an attestation document?
     • Send request with attestation document
     • Validate the attestation document (and its attributes)
     • Application cannot forge it
     (diagram label: Unauthorized user’s app)
  11. Building a Nitro Enclaves application
  12. Create Amazon EC2 instance
     • Nitro-based instances with >=4 vCPUs, except burstable (T2, T3, etc.), Arm (for example A1) and bare metal
     • Graviton-based instances with >=2 vCPUs
     • Enable Nitro Enclaves when creating instance
  13. Nitro Enclaves CLI
     • Command line tool to manage enclave’s lifecycle
     • Create, manage, terminate enclaves
     • Debug your enclave application
  14. Nitro Enclaves CLI
     Building EIF from Docker image:
       docker build -t demo-app:latest .
       nitro-cli build-enclave --docker-uri demo-app:latest \
         --output-file demo.eif
     Starting enclave (the EIF built above):
       nitro-cli run-enclave --eif-path demo.eif \
         --cpu-count 2 --memory 3072 --debug-mode
  15. Nitro Enclaves CLI
     Debugging application (read only):
       nitro-cli console --enclave-id ${ENCLAVE_ID}
  16. Network proxy
     • Relay vsock traffic to IP traffic
     • Allow enclave to connect with outside network
  17. Network proxy
     • Additional proxy inside enclave
     • Relay IP traffic to vsock
     • Compatible with most libraries that support TCP/HTTP connection
     • Higher latency
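Added example, not code from the talk, from the demo repository or from AWS's own vsock-proxy: a Python sketch of the two proxies on slides 16 and 17, built on the vsock channel from slide 7. relay() pumps bytes between any two connected stream sockets and never looks at the address family, so the same loop serves both directions: parent_side() listens on a vsock port on the EC2 instance and forwards to one fixed TCP endpoint (the parent-side proxy is therefore the place where the enclave's egress is decided, since the enclave has no network of its own), and enclave_side() listens on a local TCP port inside the enclave and carries the bytes over vsock, which is what lets unmodified TCP/HTTP libraries work. The parent instance CID of 3 is the Nitro Enclaves convention; the port numbers, function names and proxy_demo(), which runs the same code with TCP on both ends so it works without an enclave, are assumptions of this example.

```python
import selectors
import socket
import threading

def relay(a, b, bufsize=65536):
    """Copy bytes both ways between two connected stream sockets until each side has sent
    EOF, then close both; returns (bytes a->b, bytes b->a). The loop never looks at the
    address family, so it serves vsock<->TCP on the parent and TCP<->vsock in the enclave."""
    peer = {a: b, b: a}
    moved = {a: 0, b: 0}
    sel = selectors.DefaultSelector()
    for sock in peer:
        sel.register(sock, selectors.EVENT_READ)
    still_reading = set(peer)
    while still_reading:
        for key, _ in sel.select():
            src = key.fileobj
            try:
                data = src.recv(bufsize)
            except OSError:                  # connection reset: treat like EOF
                data = b""
            if data:
                peer[src].sendall(data)
                moved[src] += len(data)
                continue
            sel.unregister(src)
            still_reading.discard(src)
            try:
                peer[src].shutdown(socket.SHUT_WR)   # forward the EOF, keep the other direction open
            except OSError:
                pass
    sel.close()
    for sock in peer:
        sock.close()
    return moved[a], moved[b]

def serve_proxy(listener, dial, max_connections=None):
    """Accept on `listener`, open the upstream side with dial(), relay each pair on its own
    thread. max_connections=None serves forever; a number bounds it (used by proxy_demo)."""
    served = 0
    while max_connections is None or served < max_connections:
        client, _ = listener.accept()
        try:
            upstream = dial()
        except OSError:
            client.close()                   # upstream unreachable: drop this client only
            continue
        threading.Thread(target=relay, args=(client, upstream), daemon=True).start()
        served += 1
    return served

def parent_side(vsock_port, remote_host, remote_port):
    """Slide 16, on the EC2 instance: the enclave dials vsock port `vsock_port`; bytes are
    relayed to one fixed TCP endpoint, so this proxy is where egress is allow-listed."""
    listener = socket.socket(socket.AF_VSOCK, socket.SOCK_STREAM)
    listener.bind((socket.VMADDR_CID_ANY, vsock_port))
    listener.listen()
    serve_proxy(listener, lambda: socket.create_connection((remote_host, remote_port)))

def enclave_side(local_port, vsock_port, parent_cid=3):
    """Slide 17, inside the enclave: apps speak plain TCP to 127.0.0.1:local_port and the
    bytes travel over vsock to the parent instance (always CID 3)."""
    def dial():
        sock = socket.socket(socket.AF_VSOCK, socket.SOCK_STREAM)
        sock.connect((parent_cid, vsock_port))
        return sock
    serve_proxy(socket.create_server(("127.0.0.1", local_port)), dial)

def proxy_demo():
    """Runs serve_proxy()/relay() with TCP on both sides, standing in for vsock so it runs
    anywhere; returns (request seen by backend, reply seen by client, EOF seen by backend)."""
    backend = socket.create_server(("127.0.0.1", 0))
    front = socket.create_server(("127.0.0.1", 0))
    dial = lambda: socket.create_connection(backend.getsockname())
    worker = threading.Thread(target=serve_proxy, args=(front, dial, 1))
    worker.start()
    client = socket.create_connection(front.getsockname())
    upstream, _ = backend.accept()
    client.sendall(b"GET / HTTP/1.0\r\n\r\n")
    request = upstream.recv(1024)
    upstream.sendall(b"HTTP/1.0 200 OK\r\n\r\nhi")
    reply = client.recv(1024)
    client.shutdown(socket.SHUT_WR)          # half-close: the relay must forward just the EOF
    eof = upstream.recv(1024)
    worker.join(5)
    for sock in (client, upstream, front, backend):
        sock.close()
    return request, reply, eof

if __name__ == "__main__":
    print(proxy_demo())
```

Two details matter for the "higher latency" point on slide 17 and for correctness: every byte crosses two proxies and two extra socket hops, and EOF has to be forwarded as a half-close (shutdown of the write side only) rather than a full close, otherwise an HTTP client that closes its sending side after the request would never receive the response. relay() uses blocking sendall, so a peer that stops reading stalls that connection; a production proxy would bound that with timeouts.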
  18. Using an attestation document
  19. Attestation document
     • Generated and signed by NSM
     • CBOR-encoded and COSE-signed (just like JSON and JWT)
     • Use nsm-lib to make request from application (written in Rust)
  20. Attestation document
     • Contains the unique PCRs of the enclave
     • Use X.509 certificate to validate root of trust
     • Optional fields for custom use cases: public key, user data, nonce
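Added example covering slides 19 and 20 together, written here for this page and not taken from the talk, the demo repository or nsm-lib: the relying party's side of attestation in Python. It decodes the CBOR, unwraps the COSE_Sign1 envelope to expose the Sig_structure that the ES384 signature covers, and then applies the policy that makes the document useful: PCR0 to PCR2 must equal the values the relying party recorded from its own `nitro-cli build-enclave` output, the nonce must be the one it sent with this request, and the timestamp must be recent. The sample document, its placeholder certificates and signature, and the PCR values are constructed; checking the signature against the leaf certificate and chaining that certificate through the CA bundle to the AWS Nitro root is named in parse_attestation() but delegated to a real COSE/X.509 library, because no cryptography library is assumed here.

```python
def _head(major, n):
    if n < 24:
        return bytes([major << 5 | n])
    for info, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | info]) + n.to_bytes(size, "big")
    raise ValueError("integer too large")

def cbor_encode(v):
    """Minimal definite-length CBOR encoder, enough for attestation-shaped data."""
    if v is None:
        return b"\xf6"
    if isinstance(v, int):
        return _head(0, v) if v >= 0 else _head(1, -1 - v)
    if isinstance(v, bytes):
        return _head(2, len(v)) + v
    if isinstance(v, str):
        return _head(3, len(v.encode())) + v.encode()
    if isinstance(v, list):
        return _head(4, len(v)) + b"".join(map(cbor_encode, v))
    if isinstance(v, dict):
        return _head(5, len(v)) + b"".join(cbor_encode(k) + cbor_encode(x) for k, x in v.items())
    raise TypeError(type(v).__name__)

def _decode(buf, pos):
    """Strict decoder (no indefinite lengths, tags or floats): a malformed document fails."""
    major, info, pos = buf[pos] >> 5, buf[pos] & 0x1F, pos + 1
    if info < 24:
        arg = info
    elif info <= 27:                        # argument in the next 1, 2, 4 or 8 bytes
        size = 1 << (info - 24)
        arg, pos = int.from_bytes(buf[pos:pos + size], "big"), pos + size
    else:
        raise ValueError("indefinite-length or reserved item")
    if major in (0, 1):
        return (arg if major == 0 else -1 - arg), pos
    if major in (2, 3):                     # byte string / UTF-8 text string
        if pos + arg > len(buf):
            raise ValueError("string runs past end of input")
        raw = bytes(buf[pos:pos + arg])
        return (raw if major == 2 else raw.decode("utf-8")), pos + arg
    if major in (4, 5):                     # array / map (keys and values alternate)
        items = []
        for _ in range(arg * (2 if major == 5 else 1)):
            item, pos = _decode(buf, pos)
            items.append(item)
        return (dict(zip(items[::2], items[1::2])) if major == 5 else items), pos
    if major == 7 and arg == 22:
        return None, pos                    # CBOR null: an absent optional field
    raise ValueError(f"unsupported item: major type {major}, argument {arg}")

def cbor_decode(buf):
    value, end = _decode(buf, 0)
    if end != len(buf):
        raise ValueError("trailing bytes after the CBOR item")
    return value

def parse_attestation(doc):
    """Unwrap COSE_Sign1 -> (alg, payload dict, Sig_structure bytes, signature bytes).
    The ES384 signature must be verified over Sig_structure with the key in payload["certificate"],
    chained via payload["cabundle"] to the AWS Nitro root; that step is left to a COSE/X.509
    library, and nothing in the payload may be trusted before it succeeds."""
    cose = cbor_decode(doc)
    if not (isinstance(cose, list) and len(cose) == 4):
        raise ValueError("not a COSE_Sign1 structure")
    protected, _unprotected, payload, signature = cose
    alg = cbor_decode(protected).get(1)     # protected header label 1 = alg; -35 = ES384
    sig_structure = cbor_encode(["Signature1", protected, b"", payload])
    return alg, cbor_decode(payload), sig_structure, signature

def enforce_policy(payload, expected_pcrs, expected_nonce, now_ms, max_age_ms=300_000):
    """Relying-party checks on a signature-verified payload; returns the enclave's public key."""
    if payload.get("digest") != "SHA384":
        raise ValueError("unexpected digest algorithm")
    if not 0 <= now_ms - payload["timestamp"] <= max_age_ms:
        raise ValueError("attestation document is stale")
    if payload.get("nonce") != expected_nonce:
        raise ValueError("nonce mismatch: not a fresh answer to our challenge")
    for index, hexval in expected_pcrs.items():
        if payload["pcrs"].get(index) != bytes.fromhex(hexval):
            raise ValueError(f"PCR{index} differs from the EIF we built")
    return payload.get("public_key")

def constructed_document(pcrs, nonce, timestamp_ms):
    """CONSTRUCTED sample shaped like an NSM document; certificates and signature are placeholders."""
    payload = {"module_id": "i-0placeholder-enc0placeholder", "digest": "SHA384",
               "timestamp": timestamp_ms, "pcrs": {i: bytes.fromhex(h) for i, h in pcrs.items()},
               "certificate": b"<DER leaf certificate>", "cabundle": [b"<DER intermediate CA>"],
               "public_key": b"<enclave public key>", "user_data": None, "nonce": nonce}
    return cbor_encode([cbor_encode({1: -35}), {}, cbor_encode(payload), b"\x00" * 96])

# Constructed stand-in for the PCR0..PCR2 values that `nitro-cli build-enclave` prints for our EIF.
EXPECTED_PCRS = {0: "11" * 48, 1: "22" * 48, 2: "33" * 48}

def demo(tamper_pcr0=False):
    nonce = b"\x42" * 32                    # in practice os.urandom(32), fresh for every request
    doc_pcrs = {**EXPECTED_PCRS, 0: "ee" * 48} if tamper_pcr0 else EXPECTED_PCRS
    doc = constructed_document(doc_pcrs, nonce, timestamp_ms=1_700_000_000_000)
    alg, payload, _sig_structure, _signature = parse_attestation(doc)
    return alg, enforce_policy(payload, EXPECTED_PCRS, nonce, now_ms=1_700_000_001_000)
```

The order of operations is the point of slide 10: signature and certificate chain first, then the PCR, nonce and timestamp policy, and only after both does the public_key field become the key to encrypt the response to. A document with correct PCRs but no nonce check can be replayed by any caller that captured one earlier, which is why the relying party generates the nonce per request and compares it, not the enclave.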
  21. Demo
  22. Demo
     https://github.com/richardfan1126/nitro-enclave-python-demo
  23. Use cases
     • Process sensitive data (for example, PII, healthcare, financial data)
     • Protect proprietary algorithm
     • Source code auditing
     • Integration with Amazon EKS
     Reference: “A Framework for Building Secure, Scalable, Networked Enclaves,” https://arxiv.org/pdf/2206.04123.pdf
  24. Takeaways
     • Nitro Enclaves protects the data, not your application
     • Nitro Enclaves is not a datastore
     • Validate request with attestation document
  25. Thank you!
     Richard Fan: @richardfan1126, richardfan1126, richardfan1126
     Please complete the session survey