


These sources provide an extensive overview of **AWS Nitro Enclaves**, an isolated compute environment designed to protect highly sensitive data within Amazon EC2 instances. The AWS material emphasizes that the underlying **AWS Nitro System** is a foundational security innovation that ensures no Amazon employee can access customer workloads or data, fulfilling the core principle of secure AI infrastructure by isolating data from the cloud operator. A key technical article, written by security researchers, meticulously analyzes the **attack surface of Nitro Enclaves**, offering developers actionable guidance on mitigating risks related to virtual sockets, randomness, memory management, and side-channel attacks. Finally, practical examples showcase how Nitro Enclaves, often integrated with **AWS Key Management Service (AWS KMS)** for encryption and cryptographic attestation, can be used to securely deploy **Large Language Model (LLM) inference** applications that handle sensitive information like PII and PHI.
Sources:
https://aws.amazon.com/blogs/machine-learning/a-secure-approach-to-generative-ai-with-aws/
https://aws.amazon.com/blogs/machine-learning/large-language-model-inference-over-confidential-data-using-aws-nitro-enclaves/
https://aws.amazon.com/ec2/nitro/
https://blog.trailofbits.com/2024/09/24/notes-on-aws-nitro-enclaves-attack-surface/
By mcgrof