Achieving Greater Security and Efficiency Using AWS Nitro Enclaves and Anjuna Seaglass with Portal
Learn how blockchain startup Portal sped up key processing by 10 times using Anjuna Seaglass to accelerate its AWS Nitro Enclaves deployment.
10x acceleration of key processing
2.5 weeks to create isolated compute environments
Millions of daily transactions handled
90% reduction in time to market
Overview
As blockchain technology progresses, companies in this space need to build secure, scalable infrastructure while keeping pace with rapid innovation. Portal, a startup that specializes in blockchain payments and infrastructure, needed to manage this delicate balance. Customers that range from large fintech corporations to seed-stage startups rely on Portal’s embedded wallet functionality for secure token management and digital money transfers.
When Portal faced bottlenecks with the cryptographic portions of its multiparty solution, it needed an approach that could accelerate the process without compromising on security. So, Portal turned to Amazon Web Services (AWS) and Anjuna Security, an AWS Partner, to develop a solution. Using AWS Nitro Enclaves, which offers an isolated, hardened, and highly constrained environment to host security-critical applications, and Anjuna Seaglass—a software platform that virtualizes, accelerates, and optimizes AWS Nitro Enclaves deployments—Portal accelerated key processes by 10 times while still maintaining stringent security requirements.
Opportunity | Using AWS Nitro Enclaves to Accelerate Transactions for Portal
San Francisco–headquartered Portal manages infrastructure to facilitate customer interactions with blockchains and to build applications on blockchains for embedded payments. To use tokens and move digital money around, each user needs a wallet. Portal offers secure, embedded wallets to facilitate digital asset transactions; its multiparty technology is central to these capabilities.
Using this technology, multiple parties can perform computations without revealing their individual inputs to each other. This helps maintain privacy and security in transactions that handle sensitive data. However, Portal’s process involves complex cryptographic operations to generate large prime numbers, which are used to create secure encryption keys. The time required to generate keys could vary, sometimes taking several seconds. Portal serves customers who have millions of users, all expecting near-instantaneous responses, so it needed to find a way to overcome this bottleneck.
After evaluating multiple solutions, Portal realized that using AWS Nitro Enclaves while working with Anjuna Security, who developed the Anjuna Seaglass software platform to simplify and accelerate the deployment of confidential computing environments, would deliver the optimal solution. “AWS Nitro Enclaves, along with Anjuna Seaglass, was the best solution to move fast, maintain our security constraints, and speed up our processes,” says Parsa Attari, cofounder of Portal.
Solution | Implementing Secure Compute Environments with AWS Partner Anjuna Security
Portal’s operations require large prime numbers, which are computationally intensive to generate. To speed up this process, the company originally considered pregenerating these numbers and fetching them during the operation. However, because of how security-sensitive these transactions can be, Portal did not want to use traditional methods for storing these pregenerated numbers, such as databases or file systems.
By using Anjuna Seaglass, Portal avoided the complexity of custom development. Instead, the company was able to run its applications without modifications, just like with regular compute instances. As a result, in only 2.5 weeks, Portal implemented AWS Nitro Enclaves to create compute environments for its most sensitive operations. This reduced time to market by an estimated 90 percent and removed the need for Portal to hire specialists.
“Anjuna Seaglass has been instrumental in simplifying our deployment,” says Attari. “With just one command, we can create secure enclaves for our applications, maintaining data confidentiality without the need for complex configurations.”
Using this capability, the company can store these numbers in memory inside the enclave, which provides built-in security protections and greatly reduces insider threat vectors. These enclaves are completely isolated from the host and have no persistent storage, no interactive access, and no networking, which means that even internal teams cannot access the sensitive data that they process. Within these secure environments, Portal can quickly access the pregenerated prime numbers, removing the time-consuming generation process during each transaction while maintaining security.
Portal also adopted AWS Key Management Service (AWS KMS), a service that is used to encrypt or digitally sign data, to manage encryption keys. Using AWS KMS, Portal can create and control the cryptographic keys that are used to encrypt data within the enclaves. This integration also provides a centralized, auditable system for key management, which helps Portal maintain compliance with various regulations. Portal also uses Amazon Simple Storage Service (Amazon S3), which is built to retrieve any amount of data from anywhere, to securely store nonsensitive data and applications.
Portal worked with Anjuna Seaglass to adapt its existing application to a continuous integration/continuous deployment (CI/CD) pipeline that is compatible with AWS Nitro Enclaves. “We use AWS KMS policies and key store alongside Amazon S3 to securely store AWS Nitro Enclaves information files for deployments,” says Domnick Eger, field chief technology officer and principal architect at Anjuna Security. “This approach aligns seamlessly with CI/CD processes; Portal has a standardized format to follow, so they do not have to start from scratch each time they deploy a new application.”
The solution also uses Amazon Elastic Kubernetes Service (Amazon EKS), which is the most trusted way to start, run, and scale Kubernetes. Using Amazon EKS, Portal can scale its application based on demand so that it can efficiently handle fluctuations in user activity. Portal’s prime number generation and key creation processes are now distributed across multiple AWS Nitro Enclaves that are managed by Amazon EKS, helping Portal maintain high performance and strong security as its user base grows.
Outcome | Achieving Improved Performance While Maintaining Strong Security
After implementing AWS Nitro Enclaves using Anjuna Seaglass, Portal accelerated key processing by 10 times, which has vastly improved the user experience. With isolated compute environments, Portal has also enhanced its security posture so that it can maintain compliance with the stringent security and auditability demands of the financial industry.
Portal also switched from manual deployments to automated, one-click processes, which has improved its operational efficiency. These gains, coupled with the automatic scaling capabilities of Amazon EKS, empower Portal to handle millions of daily transactions with robust performance.
Looking to the future, Portal is exploring new possibilities using AWS Nitro Enclaves, with a particular focus on peer-to-peer payments using blockchain. “It’s difficult for me to envision how we could accomplish certain tasks without AWS Nitro Enclaves,” says Attari. “While it might be possible to hire a team of exceptional engineers to build a system with the same level of security, it’s hard to see that as a realistic option. AWS Nitro Enclaves are truly unique in providing these capabilities.”
About Portal
Portal is a company that specializes in Web3 and blockchain payments. It manages infrastructure to facilitate customer interactions with blockchains and to build applications on blockchains with embedded payments.
About AWS Partner Anjuna Security
Anjuna Confidential Cloud software effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud. Unlike complex perimeter security solutions easily breached by insiders and malicious code, Anjuna leverages the strongest secure computing technologies available to make the public cloud the most secure computing resource anywhere.
AWS Services Used
AWS Nitro Enclaves
AWS Nitro Enclaves enables customers to create isolated compute environments to further protect and securely process highly sensitive data such as personally identifiable information (PII), healthcare, financial, and intellectual property data within their Amazon EC2 instances.
AWS Key Management Service
AWS Key Management Service (AWS KMS) lets you encrypt data across your AWS workloads, digitally sign data, encrypt within your applications using AWS Encryption SDK, and generate and verify message authentication codes (MACs).
Amazon S3
Amazon Simple Storage Service (Amazon S3) is an object storage service offering industry-leading scalability, data availability, security, and performance. Millions of customers of all sizes and industries store, manage, analyze, and protect any amount of data for virtually any use case, such as data lakes, cloud-native applications, and mobile apps.
Amazon Elastic Kubernetes Service
Amazon Elastic Kubernetes Service (Amazon EKS) is a managed Kubernetes service to run Kubernetes in the AWS cloud and on-premises data centers.