In order to enforce confidentiality, we want to run the PSM server in a Trusted Execution Environment (TEE). The scope of this task is:
- to decouple the TLS layer from the API and the Storage layer from the rest of the app
- so upon receiving a request the flow is:
Host (TLS redirection) -> Enclave (TLS termination + API + business logic) -> Host (storage)
- We will initially use AWS nitro enclaves for this first integration
- We will manage TLS keys inside the enclave, so the host cannot read any inbound or outbound traffic.
- We will also keep an encryption key in the enclave, and encrypt/decrypt payloads from storage, so the host cannot read the payloads to be persisted.
In order to enforce confidentiality, we want to run the PSM server in a Trusted Execution Environment (TEE). The scope of this task is:
Host (TLS redirection) -> Enclave (TLS termination + API + business logic) -> Host (storage)