NashTech Insights

Confidential Computing

On the internet you will hear the slogan “Zero Trust, Zero Knowledge.” But no organization works alone: to build anything, parties have to collaborate and share results while keeping their own secrets. Confidential computing is the cloud providers' answer to that tension: a way to run a workload on shared infrastructure without exposing its code and data to the infrastructure's operator or to the other parties.

What is confidential computing?

Confidential computing is a cloud computing technology that isolates sensitive data inside a protected, hardware-backed environment (an enclave) while the data is being processed. The enclave holds both the data and the code that processes it, and only code that has been authorized for that enclave can touch its contents. Everything inside is invisible to everyone else, including the cloud provider's own operators and system software.

Two distinct security and privacy dimensions in confidential computing

AWS uses specialized hardware and its associated firmware to protect customer code and data from outside access while it is being processed. As a design rule, the most sensitive data and the code that handles it are placed in a separate, more trusted component, so that access and privilege can be managed for that component alone.

Confidential computing has two distinct security and privacy dimensions:

  • Dimension 1 (the essential one): protect your code and data from the cloud operator.
    The cloud operator (AWS, Azure, GCP operators and so on) cannot access your code or data. The provider can still manage the underlying resources and help you resolve infrastructure issues, but it has no path to read or inspect your data or code.
  • Dimension 2: protect your code and data from yourself.
    • Divide a workload into more-trusted and less-trusted components, so that a compromise of the less-trusted part (the part with network access, operators, and the bulk of the code) does not expose the secrets held by the more-trusted part.
    • Design systems that let parties who do not, or cannot, fully trust one another cooperate closely while each keeps the confidentiality of its own code and data.

So confidential computing helps protect data. But which data can it protect, and how? The next sections cover that.

The states of data protection

States of data protection.

To protect data, we need to consider the states of data. As you see in the picture above, we have three states of data to consider:

  • Data at rest: data that is stored and not currently being processed. Storage here includes block storage, object storage, databases, archives, IoT devices, and any other storage medium.
  • Data in transit: any data sent from one system to another, including traffic between the resources inside your workload, between your workload and other services, and between your services and your end users.
  • Data in use: data that is currently being read, accessed, processed, or updated by a system. This is the state that confidential computing addresses: encryption at rest and in transit do not cover it, because the CPU has to work on plaintext.

Once you know which states your data is in, follow the AWS Well-Architected Framework's guidance on protecting it. In general, secure your data in the following ways:

  • Use multi-factor authentication (MFA) on every account.
  • Use SSL/TLS to communicate with AWS resources. AWS requires TLS 1.2 and recommends TLS 1.3.
  • Set up API and user activity logging with AWS CloudTrail.
  • Use AWS encryption solutions, along with the default security controls within AWS services.
  • Use advanced managed security services such as Amazon Macie, which helps discover and secure sensitive data stored in Amazon S3.
  • If you require FIPS 140-2 validated cryptographic modules when accessing AWS through a command line interface or an API, use a FIPS endpoint. For the available FIPS endpoints, see Federal Information Processing Standard (FIPS) 140-2.
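As an added example (not from the original post or from AWS), here is the concrete control behind the TLS bullet above: an S3 bucket policy that denies any request made without TLS (`aws:SecureTransport` is false) or with a TLS version below 1.2 (`s3:TlsVersion`), together with a small model of how those Deny conditions are evaluated so you can check the policy against sample request contexts offline. The bucket name, the request contexts and the evaluator are constructed for illustration; the evaluator models only the explicit-Deny conditions of IAM evaluation, not the full allow/deny logic.

```python
import fnmatch


def tls_enforcement_policy(bucket: str) -> dict:
    """Bucket policy with two explicit Deny statements: no plaintext HTTP, no TLS below 1.2."""
    resources = [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"]
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "DenyPlaintextTransport",
                "Effect": "Deny",
                "Principal": "*",
                "Action": "s3:*",
                "Resource": resources,
                "Condition": {"Bool": {"aws:SecureTransport": "false"}},
            },
            {
                "Sid": "DenyTlsBelow1_2",
                "Effect": "Deny",
                "Principal": "*",
                "Action": "s3:*",
                "Resource": resources,
                "Condition": {"NumericLessThan": {"s3:TlsVersion": 1.2}},
            },
        ],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _condition_matches(condition: dict, context: dict) -> bool:
    """All conditions of a statement must hold. A key missing from the request
    context never satisfies Bool/NumericLessThan, so a plaintext request is caught
    by the SecureTransport statement rather than by the TLS-version one."""
    for operator, pairs in condition.items():
        for key, wanted in pairs.items():
            if key not in context:
                return False
            actual = context[key]
            if operator == "Bool":
                if str(actual).lower() != str(wanted).lower():
                    return False
            elif operator == "NumericLessThan":
                if not float(actual) < float(wanted):
                    return False
            else:
                raise NotImplementedError(f"operator {operator} is not modelled here")
    return True


def denied_by(policy: dict, action: str, resource: str, context: dict):
    """Return the Sid of the first matching Deny statement, or None.
    Models only the explicit-deny step of IAM evaluation (an explicit deny always wins)."""
    for statement in policy["Statement"]:
        if statement["Effect"] != "Deny":
            continue
        if not any(fnmatch.fnmatchcase(action, a) for a in _as_list(statement["Action"])):
            continue
        if not any(fnmatch.fnmatchcase(resource, r) for r in _as_list(statement["Resource"])):
            continue
        if _condition_matches(statement.get("Condition", {}), context):
            return statement["Sid"]
    return None


# Constructed request contexts: the condition keys an S3 request would carry in each case.
PLAINTEXT = {"aws:SecureTransport": "false"}
OLD_TLS = {"aws:SecureTransport": "true", "s3:TlsVersion": 1.0}
MODERN_TLS = {"aws:SecureTransport": "true", "s3:TlsVersion": 1.3}

if __name__ == "__main__":
    policy = tls_enforcement_policy("example-bucket")
    obj = "arn:aws:s3:::example-bucket/report.csv"
    for name, ctx in [("plaintext", PLAINTEXT), ("tls1.0", OLD_TLS), ("tls1.3", MODERN_TLS)]:
        print(name, denied_by(policy, "s3:GetObject", obj, ctx))
```

The two statements are deliberately separate: the first catches clients that never negotiated TLS at all (the `s3:TlsVersion` key is absent in that case, so the second statement alone would not block them), and the second catches clients that negotiated an outdated version.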

Next, following the AWS blog, we look at AWS's confidential computing capabilities to see how AWS delivers these protections.

Confidential Computing Capabilities

Confidential Computing Capabilities

As the picture shows, AWS uses the AWS Nitro System to provide the first dimension of protection. On top of it, AWS provides AWS Nitro Enclaves and NitroTPM for the second dimension.

  • AWS Nitro System: the foundation of virtualization in modern EC2 instances.
  • AWS Nitro Enclaves: a hardened, highly isolated compute environment for processing highly sensitive data with further protection.
  • NitroTPM: cryptographic attestation of the health and integrity of Nitro instances via the TPM 2.0 standard.

Confidential computing – Dimension 1 Protection

AWS Nitro System

The Nitro System, the underlying platform for all modern Amazon EC2 instances, provides additional confidentiality and privacy for applications. Over about ten years (2012 to 2021) AWS reinvented the EC2 virtualization stack by moving more and more virtualization functions to dedicated hardware and firmware; the Nitro System is the result of that continuous, sustained work.

Confidential Computing: Classical virtualization vs AWS Nitro System

At the first level of protection, the AWS Nitro System protects customers from the cloud operator and from the cloud provider's own system software.

  • Protection from cloud operators: AWS designs its systems to ensure workload confidentiality between customers, and between customers and AWS. The Nitro System does not allow operator access. There is no mechanism for any system or person to log in to EC2 servers (the underlying host infrastructure), read the memory of EC2 instances, or access any data stored on instance storage or encrypted EBS volumes.
  • Protection from AWS system software: the Nitro System's design uses low-level, hardware-based memory isolation to eliminate direct access to customer memory, and it removes the need for a hypervisor altogether on bare metal instances.
    • For virtualized EC2 instances: the Nitro Hypervisor works with the hardware virtualization features of the CPU to create virtual machines that are isolated from each other and from the hypervisor itself. Network, storage, GPU, and accelerator access use SR-IOV (Single Root I/O Virtualization), which lets instances talk directly to hardware devices over a pass-through connection set up securely by the hypervisor. Other EC2 features, such as instance snapshots and hibernation, are handled by dedicated agents that use end-to-end memory encryption that AWS operators cannot access.
      EC2 Virtual Machine host
    • For bare metal EC2 instances: no hypervisor runs on the EC2 server, and the customer gets dedicated, exclusive access to the entire main system board. Bare metal instances are the choice when you want low-level hardware features, such as performance counters and Intel® VT, that are not always available or fully supported in virtualized environments, or when you run applications that must execute directly on hardware or are licensed and supported only in non-virtualized environments. They offer the same storage, networking, and other EC2 capabilities as virtualized instances, because the Nitro System implements all of the functions normally provided by the virtualization layer in an isolated and independent manner, using dedicated hardware and purpose-built system firmware.
      Bare Metal EC2 instances

Confidential computing – Dimension 2 Protection

Nitro TPM

In computing, Trusted Platform Module (TPM) technology provides hardware-based, security-related functions. A TPM is a secure crypto-processor designed to carry out cryptographic operations.

There are three key advantages of using a TPM.

  • First, you can generate, store, and control access to encryption keys outside the operating system.
  • Second, you can use the TPM for platform device authentication with the unique RSA key (the endorsement key) burned into it at manufacture.
  • Third, it helps ensure platform integrity by taking and storing security measurements.
Confidential Computing: AWS NitroTPM

The AWS Nitro System provides a virtual device, the Nitro Trusted Platform Module (NitroTPM), that conforms to the TPM 2.0 specification. You can use it to store artifacts (such as passwords, certificates, or encryption keys) securely and to authenticate the instance. NitroTPM can also generate and use keys for cryptographic functions (such as hashing, signing, encryption, and decryption).

NitroTPM provides measured boot.

NitroTPM provides measured boot, a process in which the firmware, bootloader and operating system hash every boot binary before running it and fold each hash into the previous value of a Platform Configuration Register (PCR) inside NitroTPM. This is the extend operation: a PCR can only be extended, never set directly, so its final value depends on every component that ran and on the order in which they ran. With measured boot you can obtain signed PCR values from NitroTPM and use them to prove the integrity of the instance's boot software to a remote party. This is known as remote attestation.

With NitroTPM, keys and secrets can be bound to specific PCR values so that they can never be accessed if a PCR value, and hence the instance's integrity, changes. This form of conditional access is referred to as sealing and unsealing. Operating system technologies such as BitLocker can use NitroTPM to seal a drive decryption key so that the drive can only be decrypted when the operating system has booted correctly and is in a known-good state.
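To make the extend and seal/unseal mechanics concrete, here is an added example (not code from the original post or from AWS) that simulates them in Python with hashlib. The extend rule is the real TPM 2.0 rule for the SHA-256 bank; the sealing is a simplified model in which a TPM-resident root key and the PCR policy together derive the wrapping key, so a changed boot chain cannot recover the secret. The boot binaries, root key, disk key and PCR index are all constructed for the example.

```python
import hashlib
import hmac

PCR_INIT = bytes(32)  # SHA-256 bank PCRs are all-zero after reset


def measure(binary: bytes) -> bytes:
    """The digest the firmware/bootloader records for one boot component before running it."""
    return hashlib.sha256(binary).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 2.0 extend for the SHA-256 bank: PCR_new = SHA256(PCR_old || digest).
    A PCR can only be extended, never written, so the chain records order as well as content."""
    return hashlib.sha256(pcr + digest).digest()


def measured_boot(boot_chain: list) -> bytes:
    """Replay a boot: every component is measured into the same PCR before it executes."""
    pcr = PCR_INIT
    for binary in boot_chain:
        pcr = pcr_extend(pcr, measure(binary))
    return pcr


def policy_digest(pcrs: dict) -> bytes:
    """Simplified stand-in for TPM2_PolicyPCR: binds the selected PCR indexes and their values."""
    h = hashlib.sha256()
    for index in sorted(pcrs):
        h.update(bytes([index]) + pcrs[index])
    return h.digest()


def _wrap_key(root_key: bytes, policy: bytes) -> bytes:
    # Simulation assumption: the wrapping key is derived from a TPM-resident root key
    # and the PCR policy, so a different PCR state yields a different (wrong) key.
    return hmac.new(root_key, b"seal|" + policy, hashlib.sha256).digest()


def _keystream(key: bytes, length: int) -> bytes:
    # HMAC in counter mode as a small PRF-based stream cipher for the simulation.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(secret: bytes, pcrs: dict, root_key: bytes) -> dict:
    """Encrypt and authenticate the secret under a key bound to the given PCR state."""
    key = _wrap_key(root_key, policy_digest(pcrs))
    ciphertext = bytes(a ^ b for a, b in zip(secret, _keystream(key, len(secret))))
    tag = hmac.new(key, ciphertext, hashlib.sha256).digest()
    return {"pcr_indexes": sorted(pcrs), "ciphertext": ciphertext, "tag": tag}


def unseal(blob: dict, current_pcrs: dict, root_key: bytes):
    """Return the secret only if the current PCRs reproduce the sealing policy, else None."""
    selected = {i: current_pcrs[i] for i in blob["pcr_indexes"]}
    key = _wrap_key(root_key, policy_digest(selected))
    tag = hmac.new(key, blob["ciphertext"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, blob["tag"]):
        return None  # wrong PCR state (or wrong TPM): the secret stays sealed
    return bytes(a ^ b for a, b in zip(blob["ciphertext"], _keystream(key, len(blob["ciphertext"]))))


# Constructed boot chains for the demonstration (placeholder byte strings, not real images).
GOOD_CHAIN = [b"uefi-firmware", b"shim-signed", b"grub-2.06", b"vmlinuz-6.1"]
TAMPERED_CHAIN = [b"uefi-firmware", b"shim-signed", b"grub-2.06-bootkit", b"vmlinuz-6.1"]
ROOT_KEY = b"constructed-tpm-seed-for-example-only"
DISK_KEY = b"0123456789abcdef0123456789abcdef"
PCR_INDEX = 4  # index used for illustration only


def demo():
    """Seal a disk key to the good boot state; a tampered bootloader cannot unseal it."""
    blob = seal(DISK_KEY, {PCR_INDEX: measured_boot(GOOD_CHAIN)}, ROOT_KEY)
    return (
        unseal(blob, {PCR_INDEX: measured_boot(GOOD_CHAIN)}, ROOT_KEY),
        unseal(blob, {PCR_INDEX: measured_boot(TAMPERED_CHAIN)}, ROOT_KEY),
    )


if __name__ == "__main__":
    print(demo())  # (DISK_KEY, None)
```

On a NitroTPM-enabled instance the real PCR values come from the TPM itself (for example with the tpm2-tools command `tpm2_pcrread`) and the real sealing is done inside the TPM, so the wrapping key never exists in guest memory; the simulation above only reproduces the observable behaviour, namely that any change to the measured chain, however small, produces a different PCR and leaves the secret unreachable.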

NitroTPM requires the instance to boot in UEFI mode and is meant to be combined with UEFI Secure Boot. The two are complementary: Secure Boot refuses to run boot components that are not signed by a trusted key, while measured boot records what actually ran, so together they help protect against threats that persist across reboots, such as a tampered bootloader.

UEFI Secure Boot with NitroTPM

AWS Nitro Enclave

AWS Nitro Enclaves is an Amazon EC2 feature that lets you create isolated execution environments, called enclaves, from Amazon EC2 instances. Enclaves are separate, hardened, highly constrained virtual machines. Their only connection is a secure local socket channel (vsock) to their parent instance. They have no persistent storage, no interactive access, and no external networking. Users cannot SSH into an enclave, and the processes, applications, or users (even root or admin) of the parent instance cannot access the data and applications inside it.

Nitro Enclave and Parent EC2 instance

Nitro Enclaves therefore fit several use cases:

  • Securing sensitive data, such as personally identifiable information (PII), together with the applications that process it.
  • Attestation, which lets you verify an enclave's identity and ensure that only authorized code runs inside it.

Nitro Enclaves integrates with AWS Key Management Service (KMS), which has built-in support for enclave attestation: a KMS key policy can require that a key be used only by an enclave whose attestation document carries the expected measurements, so you can prepare and encrypt sensitive data for processing inside that specific enclave image. Nitro Enclaves can also be integrated with other key management services.

Nitro Enclaves uses the same Nitro Hypervisor technology that provides CPU and memory isolation between Amazon EC2 instances to isolate an enclave's vCPUs and memory from its parent instance.

Nitro Enclave uses the same Nitro Hypervisor.
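Because the vsock channel is the only way into an enclave, the protocol between parent and enclave is yours to define. As an added example (not from the original post or from AWS), here is a minimal parent/enclave exchange in Python: length-prefixed JSON frames over vsock, an enclave-side handler that turns a sensitive value into a keyed pseudonym so that only the derived token ever leaves the enclave, and a socketpair-based round trip for exercising the framing offline. The port number, the message format, the tokenization key and the sample value are assumptions of the example; in a real deployment the key would be released to the enclave by KMS only after attestation, and the enclave's CID is read from `nitro-cli describe-enclaves`.

```python
import hashlib
import hmac
import json
import socket
import struct

VMADDR_CID_PARENT = 3  # the parent instance is always reachable from the enclave at CID 3
ENCLAVE_PORT = 5000    # assumption: any port both sides agree on
MAX_FRAME = 1 << 20    # refuse absurd length prefixes from a misbehaving peer

# Constructed for the example. Inside a real enclave this key would arrive from KMS
# only after the enclave's attestation document has been validated.
ENCLAVE_KEY = b"constructed-demo-key-not-a-real-secret"


def send_frame(sock: socket.socket, message: dict) -> None:
    """Length-prefixed JSON: vsock is a byte stream, so message framing is the caller's job."""
    payload = json.dumps(message).encode()
    sock.sendall(struct.pack("!I", len(payload)) + payload)


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection mid-frame")
        buf += chunk
    return buf


def recv_frame(sock: socket.socket) -> dict:
    (length,) = struct.unpack("!I", _recv_exact(sock, 4))
    if length > MAX_FRAME:
        raise ValueError(f"frame of {length} bytes exceeds MAX_FRAME")
    return json.loads(_recv_exact(sock, length))


def handle_request(request: dict) -> dict:
    """Enclave-side logic: map a sensitive value to a keyed pseudonym.
    The raw value and ENCLAVE_KEY never leave the enclave; only the token does."""
    if request.get("op") != "tokenize" or not isinstance(request.get("value"), str):
        return {"error": "unsupported request"}
    token = hmac.new(ENCLAVE_KEY, request["value"].encode(), hashlib.sha256).hexdigest()
    return {"token": token}


def serve_connection(conn: socket.socket) -> None:
    """One request/response exchange on an accepted connection."""
    send_frame(conn, handle_request(recv_frame(conn)))


def serve_enclave(port: int = ENCLAVE_PORT) -> None:
    """Runs inside the enclave: listen on vsock and serve connections from the parent."""
    with socket.socket(socket.AF_VSOCK, socket.SOCK_STREAM) as srv:
        srv.bind((socket.VMADDR_CID_ANY, port))
        srv.listen()
        while True:
            conn, _ = srv.accept()
            with conn:
                serve_connection(conn)


def parent_call(enclave_cid: int, request: dict, port: int = ENCLAVE_PORT) -> dict:
    """Runs on the parent instance; enclave_cid is the CID shown by nitro-cli describe-enclaves."""
    with socket.socket(socket.AF_VSOCK, socket.SOCK_STREAM) as sock:
        sock.connect((enclave_cid, port))
        send_frame(sock, request)
        return recv_frame(sock)


def round_trip(request: dict) -> dict:
    """Offline check of the framing with a socketpair standing in for vsock."""
    parent_side, enclave_side = socket.socketpair()
    with parent_side, enclave_side:
        send_frame(parent_side, request)
        serve_connection(enclave_side)
        return recv_frame(parent_side)


if __name__ == "__main__":
    print(round_trip({"op": "tokenize", "value": "123-45-6789"}))
    print(round_trip({"op": "dump_key"}))
```

The handler is deliberately narrow: the parent can ask for a token but has no operation that returns the key or the raw value, which is the whole point of putting the processing on the enclave side of the socket. The length cap on incoming frames matters too, since the parent is the less-trusted component and a compromised parent should not be able to exhaust the enclave's fixed memory with one oversized message.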


When you use a cloud service, consider both your own security responsibilities and how the provider supports you. Protecting sensitive data from the cloud operator and from your own less-trusted components is the core of confidential computing. Any EC2 instance launched on the Nitro System gets the first dimension of protection by default; depending on your needs, you can enable NitroTPM and Nitro Enclaves to add the second.

For the Next Blog, you can consider focus.


Trần Minh


I'm a solution architect at NashTech. I live and work with the quote, "Nothing is impossible; Just how to do that!". When facing problems, we can solve them by building them all from scratch or finding existing solutions and making them one. Technically, we don't have right or wrong in the choice. Instead, we choose which solutions or approaches based on input factors. Solving problems and finding reasonable solutions to reach business requirements is my favorite.
