AWS Encryption and Data Sovereignty - Hardware-Level Isolation from KMS to Nitro Enclaves
We explain hardware-level encryption and data sovereignty assurance through AWS KMS, CloudHSM, and Nitro Enclaves, and compare design differences with other cloud providers.
The Layered Architecture of Encryption as a Design Principle
AWS's encryption strategy is designed as a layered architecture that you can choose from based on your use case and requirements. The most accessible layer is server-side encryption with AWS managed keys, where default encryption is enabled on major services like S3, EBS, and RDS. Users don't need to think about encryption - stored data is automatically encrypted with AES-256. The next layer is KMS (Key Management Service) customer managed keys, where you can manage key rotation policies, usage audit logs, and access control through IAM policies yourself. For even stricter requirements, CloudHSM provides key management on dedicated hardware with FIPS 140-2 Level 3 certification. The top layer is Nitro Enclaves, which isolates even data in use at the hardware level. This layered architecture allows you to choose the optimal encryption level based on your regulatory requirements and security policies.
KMS Design and Envelope Encryption
AWS KMS employs a technique called envelope encryption. Data itself is encrypted with a data key (DEK), and that data key is encrypted with a master key (CMK) - a double-layered structure. There's a clear reason for this design. If you directly encrypt large amounts of data with the master key, the risk of master key exposure increases, and re-encrypting all data becomes necessary when rotating the key. With envelope encryption, only the data key needs to be re-encrypted during master key rotation - re-encrypting the data itself is unnecessary. KMS master keys are generated and stored within HSMs (Hardware Security Modules) and never leave the HSM in plaintext. All key usage is recorded in CloudTrail, enabling complete tracking of who used which key and when. With multi-region keys, you can maintain encryption during cross-region data replication while decrypting with local keys in each region.
Dedicated Hardware Key Management with CloudHSM
CloudHSM is a service that provides dedicated HSM appliances with FIPS 140-2 Level 3 certification within your VPC. The biggest difference from KMS is that complete ownership of the keys belongs to the customer. With KMS, master key management is shared with AWS, but with CloudHSM, even AWS operators cannot access the keys. Only the customer holds the HSM administrator credentials, and AWS is responsible only for the physical hardware operation. This separation is essential when financial regulations or government agency requirements demand a state where the cloud provider cannot access the keys. CloudHSM clusters can span multiple AZs with automatic key synchronization between HSMs, achieving a highly available configuration that eliminates single points of failure. It supports industry-standard APIs like PKCS#11, JCE, and CNG, making migration from existing on-premises HSMs relatively straightforward. CloudHSM can also be used for key management in Oracle TDE and Microsoft SQL Server transparent data encryption.
Nitro Enclaves - Hardware Isolation for Data in Use
Traditional encryption protects data at rest and in transit, but data in use exists in a decrypted state in memory, making it difficult to protect. Nitro Enclaves is AWS's unique solution to this challenge. Nitro Enclaves creates an isolated virtual machine within an EC2 instance, providing independent CPU and memory space that is inaccessible even from the parent instance. Memory within the Enclave is encrypted, and there are no debug ports or shell access. Even the root user of the parent instance cannot access data inside the Enclave. This isolation is enforced at the hardware level by the Nitro Hypervisor. By combining KMS with Nitro Enclaves, you can build an architecture where encrypted keys are decrypted only within the Enclave and sensitive data processing is completed entirely within the Enclave. This is suited for use cases requiring data-in-use protection, such as medical data analysis, financial transaction processing, and personal information matching.
Data Sovereignty and Comparison with Other Clouds
Data sovereignty refers to the principle that data should be managed according to the laws of the country where it physically resides. AWS provides a comprehensive data sovereignty solution by combining geographic data control through region selection, customer-managed encryption keys through KMS and CloudHSM, and data-in-use protection through Nitro Enclaves. Azure offers confidential VMs based on AMD SEV-SNP under its Confidential Computing initiative, leading in data-in-use protection. Azure's confidential VMs take the approach of encrypting the entire VM at the hardware level, with the strength that no application modifications are required. On the other hand, Nitro Enclaves takes a design that isolates only part of the application into the Enclave, offering the flexibility to minimize the scope of protection. GCP provides Confidential VMs and Confidential GKE Nodes, and its Cloud HSM service equivalent to AWS CloudHSM has obtained FIPS 140-2 Level 3 certification. To deepen your practical knowledge of encryption and data sovereignty, related books (Amazon) can also be helpful.
Summary
AWS's encryption strategy provides a layered architecture ranging from automatic encryption with managed keys, to KMS customer managed keys, to CloudHSM dedicated hardware, to Nitro Enclaves data-in-use protection - all selectable based on requirements. Efficient key management through envelope encryption, complete audit trails of key usage through CloudTrail, and hardware-level isolation through the Nitro Hypervisor form the technical foundation for ensuring data sovereignty. While Azure's Confidential Computing leads with whole-VM encryption, AWS differentiates with Nitro Enclaves' flexible isolation and CloudHSM's complete key ownership. Applying encryption at every stage of data storage, transit, and processing, while retaining key management authority within your organization, is the path to achieving data sovereignty in the cloud era.