Alibaba Cloud Elastic Compute Service (ECS) protects your workloads with multiple levels of security protection, from hardware root of trust to confidential computing. While encryption at rest and in transit are well-established, protecting data during active processing -- data in use -- remains a critical challenge. ECS addresses this with hardware-level memory encryption, trusted computing, and confidential computing capabilities. Default features require no extra configuration. Confidential VMs based on Intel TDX require no code changes, while SGX enclaves require integration with the SGX SDK.
Security capabilities at a glance
| Security capability | Description | What it protects | Enabled by default | User action |
|---|---|---|---|---|
| Hardware Root of Trust | Ali-PRoT (Platform Root-of-Trust) chip | Hardware and firmware integrity | Yes | None |
| Memory Encryption | Default memory encryption | Data in memory against physical attacks | Yes | None |
| Trusted Computing | vTPM-based trusted boot | Boot integrity during instance startup | No | Select a supported instance family |
| Confidential Computing | Confidential VMs (Intel TDX) | Runtime data including CPU registers and memory | No | Select a supported instance family and enable TDX |
| Confidential Computing | Enclaves (Intel SGX, virtualization enclaves) | Trusted isolation for sensitive operations | No | Select a supported instance family |
Security architecture overview
Hardware Root of Trust -- Ali-PRoT
Alibaba Cloud deploys the self-developed Ali-PRoT (Platform Root-of-Trust) hardware security chip on ECS hosts. This chip provides out-of-the-box hardware and firmware security without extra configuration. Its core capabilities include the following:
Proactive firmware measurement: Before the host starts, Ali-PRoT verifies the integrity of firmware such as BIOS (Basic Input/Output System) and BMC (Baseboard Management Controller). Unlike traditional passive recording methods, Ali-PRoT proactively detects and blocks potential threats before the firmware executes. Only verified servers are allowed to start, which ensures host security at the source.
Runtime tamper-proofing: While the host is running, Ali-PRoT continuously monitors firmware reads and writes. It blocks unauthorized access and modifications in real time to keep the business environment trusted.
Hardware identity authentication: Ali-PRoT uses the unique hardware identity provided by the chip, together with the cloud platform's security control system, to authenticate physical servers. This prevents unauthorized devices from accessing the cloud platform and enhances overall platform security.
Default memory encryption
Memory encryption protects memory data against physical attacks and improves data security in the cloud. You can benefit from this protection without modifying your operating system or applications. The g8i, general-purpose instance family, c8i, compute-optimized instance family, and other instance families support memory encryption by default.
Trusted computing
Trusted instances use the virtual Trusted Platform Module (vTPM) at the hypervisor layer as a Root of Trust. This enables trusted boot for ECS servers and verifies core components during instance startup to ensure that they have not been tampered with.
Confidential computing
Confidential computing uses CPU hardware encryption and isolation to provide a trusted execution environment (TEE). TEE protects data from unauthorized modification. You can also use remote attestation to verify that the cloud platform and instances are in the expected secure state.
ECS offers two approaches to confidential computing:
Enclave-based security
Alibaba Cloud provides confidential computing capabilities based on Intel Software Guard Extensions (Intel SGX) 2.0 and Alibaba Cloud virtualization enclaves. This significantly reduces the Trusted Computing Base (TCB), which minimizes the potential attack surface and lets you build a more secure and trusted confidential environment. For more information, see Build an SGX confidential computing environment and Build an enclave confidential computing environment.
Confidential VM security
Confidential VMs let you run sensitive workloads in the cloud with encrypted computing. This requires no code changes to your applications and helps protect your sensitive data. Alibaba Cloud provides Confidential VM capabilities based on Intel Trust Domain Extensions (Intel TDX). For more information, see Build a TDX confidential computing environment.