Confidential Computing allows teams to run their services in highly constrained compute environments, known as Secure Enclaves. While Confidential Computing can take many forms, they typically share two common features — attestation, and restricted I/O. These two features are powerful building blocks in creating trustable, and secure services.
Attestation is a way for the integrity of a service running in a Secure Enclave to be validated at runtime. This offers teams a guarantee that they are talking to a known version of their service.
In practice, attestation is typically a two step process. Before a service is deployed to a Secure Enclave, it is ‘measured’ and signed. Measuring the service involves computing checksums over the bundle that will be deployed, and the signature allows teams to lock down deployments to trusted sources (i.e. environments that can sign the bundle using a known private key).
Then, when a client interacts with the service, they can request the Attestation Document/Evidence and validate that it contains the expected checksums, and is signed by a known key pair.
Allowing clients to verify the integrity of services that process sensitive data, can massively improve the security of a system by preventing sensitive data from being leaked to unknown/untrusted deployments.
Enclaves are the easiest way to deploy any Docker application as an AWS Nitro Enclave — so you can leverage the attestation, privacy and security guarantees of Confidential Computing. To get started with Enclaves, check out the Hello World guide below.