
Create your first AWS Nitro Enclaves application

Richard Fan
December 13, 2023


AWS re:Invent 2022 Dev Chat
COM204 Create your first AWS Nitro Enclaves application



Transcript

  1. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
     Create your first AWS Nitro Enclaves application (COM204)
     Richard Fan, Security Engineer, ExpressVPN

  2. Agenda
     • What is AWS Nitro Enclaves?
     • How does Nitro Enclaves work?
     • How do you build a Nitro Enclaves application?
     • Demo
     • Use cases

  3. What is AWS Nitro Enclaves?
     • Isolated, highly constrained virtual machine
     • No administrator access
     • No persistent storage
     • No external networking
     • Communication over a secure local channel

  4. Why Nitro Enclaves?
     • Prevent unauthorized access
     • Protect data in use
     • Ensure application integrity

  5. How does Nitro Enclaves work? (section title)

  6. Enclave image file (EIF)
     • Defines the enclave runtime environment
     • Built from a Docker image
     • Contains the operating system, libraries and applications

  7. Vsock socket
     • Local communication channel
     • Between the Amazon EC2 instance and the enclave
     • The only channel between the enclave and the outside world

  8. Attestation document
     • Generated and signed by the Nitro Secure Module (NSM)
     • Contains information about the enclave
     • Used to verify the enclave's identity

  9. Why do we need an attestation document?
     • We have a very secure Nitro Enclaves application
     • We have a very secure database
     • How do we know the data is going to the real enclave application?
     [Diagram: unauthorized user's app]

  10. Why do we need an attestation document?
     • Send the request with an attestation document
     • Validate the attestation document (and its attributes)
     • The application cannot forge it
     [Diagram: unauthorized user's app]

  11. Building a Nitro Enclaves application (section title)

  12. Create an Amazon EC2 instance
     • Nitro-based instances with >= 4 vCPUs, except burstable (T2, T3, etc.), Arm (for example A1) and bare metal
     • Graviton-based instances with >= 2 vCPUs
     • Enable Nitro Enclaves when creating the instance

  13. Nitro Enclaves CLI
     • Command line tool to manage an enclave's lifecycle
     • Create, manage, terminate enclaves
     • Debug your enclave application

  14. Nitro Enclaves CLI
     Building an EIF from a Docker image:
       docker build -t demo-app:latest .
       nitro-cli build-enclave --docker-uri demo-app:latest \
           --output-file demo.eif
     Starting the enclave:
       nitro-cli run-enclave --eif-path demo.eif \
           --cpu-count 2 --memory 3072 --debug-mode

  15. Nitro Enclaves CLI
     Debugging the application (read only):
       nitro-cli console --enclave-id ${ENCLAVE_ID}

  16. Network proxy
     • Relays vsock traffic to IP traffic
     • Allows the enclave to connect to the outside network

  17. Network proxy
     • Additional proxy inside the enclave
     • Relays IP traffic to vsock
     • Compatible with most libraries that support TCP/HTTP connections
     • Higher latency
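The enclave-side half of that proxy pattern (slide 17), as an added example that is not the deck's or the demo repository's code; the parent CID, vsock port and local listening port are assumed, constructed values:

```python
"""Enclave-side forwarder: local TCP -> vsock to the parent instance (the 'additional proxy
inside enclave' from the slide). Added example, not the deck's or the demo repo's code. Assumed,
constructed values: parent-side proxy at vsock CID 3 (the parent as seen from an enclave), port 8000;
this side listens on 127.0.0.1:8080 so unmodified TCP/HTTP client libraries can use it."""
import contextlib
import socket
import threading

PARENT_CID, VSOCK_PORT, LOCAL_PORT = 3, 8000, 8080

def pump(src, dst):
    """Copy src -> dst until EOF, then half-close dst so the far end sees the EOF too."""
    try:
        while chunk := src.recv(65536):
            dst.sendall(chunk)
    finally:
        with contextlib.suppress(OSError):   # peer may already be gone
            dst.shutdown(socket.SHUT_WR)

def relay(a, b):
    """Relay both directions between sockets a and b, then close both."""
    t = threading.Thread(target=pump, args=(b, a), daemon=True)
    t.start()
    pump(a, b)
    t.join()
    a.close(); b.close()

def serve():
    """Accept local TCP clients and relay each over vsock, the enclave's only channel (Linux only)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", LOCAL_PORT))
    listener.listen()
    while True:
        client, _ = listener.accept()
        upstream = socket.socket(socket.AF_VSOCK, socket.SOCK_STREAM)
        upstream.connect((PARENT_CID, VSOCK_PORT))   # the parent sees every byte: keep TLS end to end
        threading.Thread(target=relay, args=(client, upstream), daemon=True).start()

def loopback_demo(request, response):
    """Drive relay() with socket pairs standing in for the TCP client and the vsock peer."""
    client, near = socket.socketpair()
    far, peer = socket.socketpair()
    threading.Thread(target=relay, args=(near, far), daemon=True).start()
    client.sendall(request)
    client.shutdown(socket.SHUT_WR)                   # client done sending; EOF must reach the peer
    seen, peer_eof = peer.recv(65536), peer.recv(1) == b""
    peer.sendall(response)
    peer.shutdown(socket.SHUT_WR)
    got, client_eof = client.recv(65536), client.recv(1) == b""
    client.close(); peer.close()
    return seen, got, peer_eof and client_eof
```

The relay only moves bytes, so whatever the enclave application sends through it is readable by the parent instance unless the application itself terminates TLS inside the enclave.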
  18. Using an attestation document (section title)

  19. Attestation document
     • Generated and signed by the NSM
     • CBOR-encoded and COSE-signed (just like JSON and JWT)
     • Use nsm-lib to make the request from the application (written in Rust)

  20. Attestation document
     • Contains the unique PCRs of the enclave
     • Use the X.509 certificate to validate the root of trust
     • Optional fields for custom use cases: public key, user data, nonce
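The validation that slides 10, 19 and 20 call for, as an added example that is not the deck's or the demo repository's code: a minimal CBOR decoder, the COSE_Sign1 unwrapping, and the PCR, nonce and timestamp checks. The ES384 signature and X.509 chain check is an injected callback (assumed to be supplied by the caller with a crypto library), and the sample document is constructed, not real NSM output.

```python
"""Receiver-side checks on a Nitro Enclaves attestation document (COSE_Sign1 over CBOR).
Added example, not code from the deck or the demo repo; it carries a minimal CBOR decoder so it
runs offline. The ES384 signature and the chain doc["certificate"] -> doc["cabundle"] -> AWS
Nitro root need a crypto library, so that step is the injected verify_signature callback."""

def cbor_decode(b: bytes, i: int = 0):
    """Decode one CBOR item at offset i; returns (value, next_offset)."""
    major, n = b[i] >> 5, b[i] & 0x1F
    i += 1
    if n >= 24:                                   # argument lives in the next 1/2/4/8 bytes
        size = 1 << (n - 24)                      # (n > 27 would be indefinite length; NSM never emits it)
        n, i = int.from_bytes(b[i:i + size], "big"), i + size
    if major == 0: return n, i                                    # unsigned int
    if major == 1: return -1 - n, i                               # negative int (alg -35 = ES384)
    if major in (2, 3):                                           # byte string / text string
        return (b[i:i + n] if major == 2 else b[i:i + n].decode()), i + n
    if major == 6: return cbor_decode(b, i)                       # tag (18 = COSE_Sign1): unwrap
    if major == 7: return {20: False, 21: True, 22: None}[n], i   # simple values
    items = []                                                    # 4 = array, 5 = map
    for _ in range(n * (2 if major == 5 else 1)):
        v, i = cbor_decode(b, i)
        items.append(v)
    return (dict(zip(items[0::2], items[1::2])) if major == 5 else items), i

def validate_attestation(cose_sign1, expected_pcrs, expected_nonce, now_ms, verify_signature,
                         max_age_ms=300_000):
    """Return the decoded document or raise ValueError. Order: authenticity, identity, freshness."""
    outer, _ = cbor_decode(cose_sign1)         # COSE_Sign1 = [protected, unprotected, payload, sig]
    if not (isinstance(outer, list) and len(outer) == 4):
        raise ValueError("not a COSE_Sign1 structure")
    protected, _unprotected, payload, signature = outer
    doc, _ = cbor_decode(payload)
    # 1. Authenticity: verify_signature must check ES384 over the COSE Sig_structure with
    #    doc["certificate"] and chain that leaf through doc["cabundle"] to the AWS Nitro root.
    if not verify_signature(protected, payload, signature, doc["certificate"], doc.get("cabundle")):
        raise ValueError("signature or certificate chain invalid")
    for idx, want in expected_pcrs.items():    # 2. Identity: PCR0/1/2 measure the EIF; pin them
        if doc["pcrs"].get(idx, b"").hex() != want:
            raise ValueError("PCR%d mismatch" % idx)
    if doc.get("nonce") != expected_nonce:     # 3. Freshness: our nonce came back, recent timestamp
        raise ValueError("nonce mismatch")
    if not 0 <= now_ms - doc["timestamp"] <= max_age_ms:
        raise ValueError("timestamp outside the accepted window")
    return doc

# Constructed sample (NOT real NSM output): tag 18, [protected {1: -35}, {}, payload, 4-byte sig]
PCR0, NONCE, TS = bytes.fromhex("11" * 48), bytes.fromhex("0badcafe"), 1_700_000_000_000
_DOC = (b"\xa5\x69module_id\x6bi-0abc-enc0" + b"\x69timestamp\x1b" + TS.to_bytes(8, "big")
        + b"\x64pcrs\xa1\x00\x58\x30" + PCR0 + b"\x6bcertificate\x43DER" + b"\x65nonce\x44" + NONCE)
SAMPLE = b"\xd2\x84\x44\xa1\x01\x38\x22\xa0\x58" + bytes([len(_DOC)]) + _DOC + b"\x44SIG!"
```

An enclave started with --debug-mode (slide 14) reports all-zero PCRs in its attestation document, so a PCR pin like this rejects debug builds as well as unknown images.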
  21. Demo (section title)

  22. Demo: https://github.com/richardfan1126/nitro-enclave-python-demo

  23. Use cases
     • Process sensitive data (for example PII, healthcare or financial data)
     • Protect a proprietary algorithm
     • Source code auditing
     • Integration with Amazon EKS: "A Framework for Building Secure, Scalable, Networked Enclaves," https://arxiv.org/pdf/2206.04123.pdf

  24. Takeaways
     • Nitro Enclaves protects the data, not your application
     • Nitro Enclaves is not a datastore
     • Validate requests with the attestation document

  25. Thank you! Richard Fan (@richardfan1126, richardfan1126, richardfan1126). Please complete the session survey.