ARCA Trusted OS for x86 is a hardened Linux-based microdistribution designed to host containerized applications. This Operating System (OS) includes only what is required to run containers and is hardened to contain attack propagation and to avoid data compromission. ARCA Trusted OS for x86 embeds Kubernetes, Podman and Docker compose as container management tools.
ARCA Trusted OS for x86 can now be deployed into AWS EC2 instances as guest OS. This deployment is made with the activation of ARCA’s secure boot chain and the protection of keys for ARCA’s full disk encryption relying on a vTPM. These mechanisms ensure the authenticity and integrity of the guest OS at boot time and the protection of the confidentiality of data stored in ARCA’s VM image.
Furthermore, CYSEC has implemented several capabilities to facilitate the use of ARCA Trusted OS in AWS public cloud. ARCA Trusted OS for x86 has been made compatible with some of the AWS services. As an example, AWS Session Manager can be used for a simple and effective IAM access management of ARCA’s instances. CYSEC provides examples of Terraform deployment scripts for a fast and scalable deployment of ARCA’s instances on AWS public cloud.
The present ARCA Trusted OS for x86 offering for AWS cloud allows the deployment of Kubernetes nodes with a hardened OS protecting data-at-rest by-default. On top of this, CYSEC is currently working on making ARCA compatible with the AWS protection of data in-use (aka confidential computing) offering based on AMD SEV-SNP. Finally, and in order to complete its public cloud strategy, CYSEC is currently working on deploying ARCA on Azure.
If you want to try ARCA trusted OS on AWS, please go to our free trial page or send an email to firstname.lastname@example.org.