March 15, 2023

Confidential Computing and Secure Enclaves with AWS's Arvind Raghu

How to Subscribe
Share In

For years engineers have relied on encryption at rest and transit to help protect sensitive data. However, historically data needs to be decrypted to actually use it, which risks the potential exposure of the underlying data. Confidential computing is a computing paradigm that aims to protect data in use, not just data in transit or at rest. The goal of confidential computing is to provide a secure computing environment where sensitive data can be processed without the risk of exposure or compromise.

AWS Nitro Enclaves is a service provided by Amazon Web Services (AWS) that enables customers to create isolated compute environments within their Amazon Elastic Compute Cloud (EC2) instances. In a Nitro Enclave, the application code and data are encrypted and processed inside the enclave, ensuring that they are protected from both the hypervisor and the host operating system. This makes Nitro Enclaves ideal for workloads that require a high level of security, such as confidential computing, secure machine learning, and blockchain-based applications.

Arvind Raghu, Principal Specialist in EC2 and Confidential Computing at AWS, joins the show to explain confidential computing, AWS Nitro Enclaves, and the use cases this technology unlocks.

Topics:

  • What is confidential computing?
  • What’s the motivation behind the investment in this technology?
  • What are some of the problems this approach to privacy and security solves that were previously a potential vulnerability for companies?
  • How does a hardware-based trusted execution environment prevent a bad actor from executing unauthorized code? How is the memory space protected?
  • Can you explain how Nitro Enclaves enhance the security of confidential computing on AWS?
  • What’s the process for using Nitro Enclaves versus a standard EC2 instance
  • How do I go about using Nitro Enclave for performing an operation on sensitive data? What does the programming process look like to do that?
  • What are some use cases that you’ve seen that you are particularly excited about?
  • How can Nitro Enclaves be used to protect sensitive data in specific use cases, such as financial services or healthcare?
  • Are there any limitations or trade-offs to consider when using Nitro Enclaves for confidential computing?
  • What innovations or business directions do you think secure enclaves will enable in the future?
  • What’s next for Nitro Enclaves? Anything you can share?
  • Where do you see the area of confidential computing going in the next 5-10 years?

Resources:

Other Podcast

September 11, 2024

Pseudo-anonymization of Data with Jack Godau

In this episode, Sean sat down with Jack Godau to dive deep into the world of pseudoanonymization. Jack shared how pseudoanonymization differs from anonymization, explaining its value for maintaining data utility while complying with stringent regulations like GDPR.

August 28, 2024

The Evolution of Certificate Management with Anchor Security's Ben Burkert

In this episode we explore how certificates and TLS function, the inherent difficulties in managing internal TLS certificates, and why nearly every engineer has a horror story related to it.

August 14, 2024

What is a Data Lakehouse with Upsolver's Ori Rafael

In this episode, we sit down with Ori Rafael, CEO and Co-founder of Upsolver, to explore the rise of the lakehouse architecture and its significance in modern data management.