SecureVault & environment variable protection - A PoConcept

Hardware security module application testing on AMD EPYC server Processor - Test

Inspiration

My Inspiration for this project primarily stems from a deep-seated concern for security, which I believe is crucial in today's hardware and software landscape. In my experience with hosting applications, I have frequently observed a variety of attacks on both my server and computer, which igniting my interest in this field. Also, I was in search of a meaningful project to dedicate myself to, and this hackathon presented the perfect opportunity to combine my interests with a significant and relevant challenge.

What it does

My project is designed to enhance the security of both financial and non-financial applications, whether they are hosted on-premises or in the cloud. It focuses on safeguarding sensitive data, which is crucial for personal and confidential computing tasks. By leveraging the capabilities of Epyc processors and Hardware Security Modules (HSM), this project aims to bolster confidence among developers and clients in using these technologies. This will facilitate a more secure infrastructure for running various applications.

How we built it

I have created the app by utilizing FastAPI and a PostgreSQL database, leveraging Epyc processor for their secure encrypted virtualization and secure nested paging capabilities for vm's. The core idea of the application is to encrypt incoming data for safe storage, like in vault(i.e aws s3/database) and decrypt it when necessary. The app is safeguarded against external attacks on it's sensitive files such as password and key provided by the third party by encrypting them using ASP derived key. This approach can be widely used in various applications, both financial and non-financial, to ensure confidentiality and security.

Challenges we ran into

We encountered difficulties in the areas of design and planning, and we struggled to implement our ideas effectively, mainly due to the challenge of obtaining accurate information, especially since many aspects were proprietary.

Accomplishments that we're proud of

My thoughts and designs for the hackathon project were realized, and it unfolded just as I had envisioned.

What we learned

I have gained knowledge about contemporary computing, where processors are becoming more intelligent through the integration of SoC (System on a Chip) technology and firmware closely tied to the processor. This is undoubtedly reshaping the landscape of modern computing, particularly in light of the remarkable virtualization technologies introduced by AMD. These innovations serve as a source of inspiration for computer enthusiasts and scientists alike, encouraging them to explore and pioneer the next frontier.