Publication
An Analysis of AWS Nitro Enclaves for Database Workloads
Adrian Lutsch; Christian Franck; Muhammad El-Hindi; Zsolt István; Carsten Binnig
In: Proceedings of the 21st International Workshop on Data Management on New Hardware, DaMoN 2025, Berlin, Germany, June 22-27, 2025. International Workshop on Data Management on New Hardware (DaMoN), Pages 5:1-5:8, ACM, 2025.
Abstract
Cloud databases have become prevalent, as evidenced by the rapid growth of systems such as BigQuery, Snowflake, and Databricks. Concurrently, there has been a significant increase in the requirements for secure data processing when outsourcing databases to the cloud. For this, Trusted Execution Environments (TEEs) have emerged as a key technology in the cloud, which is witnessed by the fact that all cloud providers offer TEEs in their service portfolios. However, Amazon Web Services’ (AWS) approach to TEEs based on Nitro Enclaves fundamentally differs from that of other cloud providers like Microsoft and Google or standard technologies such as Intel SGX. In this paper, we thus set out the goal to understand the implications of using AWS Nitro Enclaves for cloud databases. Although Nitro Enclaves initially appear to be a promising platform for pure TEE performance, they come with significant limitations regarding communication with the Nitro Enclave. Our benchmark results provide insight into the performance and practical challenges of deploying database workloads in AWS Nitro Enclaves, offering valuable guidance for practitioners and researchers.
