Authored by Cybernetica
In the era of data-driven applications, safeguarding sensitive information is paramount, giving rise to privacy and confidentiality requirements in large data processing scenarios. Tackling these issues is at the forefront of the TEADAL project, which is dedicated to the development of trustworthy and privacy-aware federated data lakes. In this blog post, we explore the convergence of TEADAL and privacy enhancing technologies (PETs), highlighting their pivotal role in shaping the landscape of data privacy and security.
Privacy Enhancing Technologies (PETs): An Overview
PETs are technologies that enable using data while maintaining the privacy of data subjects. For example, PETs could minimise the data or offer means to aggregate the data without revealing the inputs. Such privacy-preserving computations can be based on various technologies. TEADAL envisions the onboarding of some of them, namely Secure Multi-Party Computation (MPC), Trusted Execution Environments (TEEs), and Zero-Knowledge Proofs (ZKPs). These technologies enable the execution of generic computations on sensitive data without compromising confidentiality. Let’s delve into each.
Secure Multi-Party Computation (MPC): Combining Data Without Compromise
MPC, a cryptographic technique, facilitates collaborative data analysis while preserving individual data privacy. Such analysis only reveals the results of the computations, but no participant, including the analyst, has access to the underlying data. In the TEADAL evidence-based medicine pilot, MPC can be used to enable multiple hospitals to collaboratively produce holistic insights from patient datasets without compromising the confidentiality of the individual patients’ records. Each hospital inputs their encrypted data and the MPC protocols compute a global combined report for clinical studies. The use of this technology enables impactful medical evaluations, without revealing individual patient data, remaining compliant with the strict regulations in the medical realm.
Trusted Execution Environments (TEEs): Ensuring Confidentiality in Data Insights
TEEs, hardware-based security technologies, create secure environments for executing sensitive code. TEEs ensure that the correct application is executing and that the data in the application is not revealed elsewhere. In the TEADAL shared financial data governance pilot, TEEs can provide a solution for producing a comprehensive view of financial regulations and due diligence insights across geographies. This ensures security, verifiability, and compliance with legal constraints while delivering actionable insights within the financial landscape.
Zero-Knowledge Proofs (ZKPs): Concealing Details, Proving Validity
ZKPs, cryptographic methods, prove the truth of a statement without revealing additional information. In the TEADAL regional planning for environmental sustainability pilot, ZKPs can help validate energy usage statistics without disclosing private customer data. For example, a smart building could prove that it fulfils some energy-efficiency certificate requirements without revealing its exact energy consumption. ZK tools can also simplify and foster the integration of privacy enhancing systems in blockchain applications, for instance, by reducing a set of private transactions into a verifiable proof to be committed to the network.
Future Directions: Integrating PETs into Data Lakes Architecture
The intersection of TEADAL and PETs presents promising avenues for enhancing trust, integrity, verifiability, and confidentiality in data lake operations. As we envision future iterations of TEADAL, the integration of MPC, TEEs, and ZKPs aims to redefine data analysis solutions, elevating the standards of privacy and security in the evolving landscape of an evidence-based data lake architecture.
Stay tuned, as TEADAL continues to pioneer advancements at the nexus of federated data lakes and privacy-preserving technologies.
For detailed insights, refer to TEADAL Consortium’s deliverables here below: