Data Trust Technology – Living in the big data era

R3 Nov 15 2022 By: Peter Li
Comments

0 Comments

Views

243 Views

R3 data trust technology
Peter Li
Peter Li Senior Developer Evangelist
Share this post:
Copied

Were you ever in a situation where you hesitated about whether to share your data with someone else? He/she could be someone you just met, but you were agreeing on a cool business idea and about to make it happen. You became unsure about the processes of collaboration that might be favoring the other side. That, my friend, is a sign of distrust in the business flows, and there is nothing wrong with it because it is a simple mechanism that we have in order to protect ourselves. But how are we going to battle that distrust? I want to work with my partners, but I need to have more data trust in the business flows!

Before we talk about Data Trust Technology, we have to look deep into where exactly the distrust resides. Under the current technological infrastructure, the distrust typically resides around utilizing, transacting, and applying these data.

One possible moment when there might be distrust is when we are handing our data to the service providers. Can we trust the service providers to properly and safely handle the data we generated for them? This is a very big topic, and people start coming up with sayings like “Not your key, not your data.” Yet, I believe we still do not have a mature and scalable solution for that. (For more on this topic, please refer to my previous blog: Blockchain, DLT, NFT, Web3.

Another possible moment when there might be distrust is when the service providers are interacting with one another. They often do that to try to come up with new business models, offer new services, or create new business values. However, when they are exchanging knowledge, they do not have a hundred percent trust in their counterparties. Shall we hand this piece of information to my partner company? And will they willingly give us the piece of data that I would like in exchange? Such questions will always come to these companies. This is due to the in-transparency of data flowing. Moreover, the worry about human factors is also a big part of distrust.

Where does distrust reside?

where does distrust reside

From the above two angles, we can see that distrust always happens around procedural steps or interactions. And it is not difficult to conclude that the distrust in this data era is most likely a procedure layer problem. We also need to be aware that the trusted technology we are about to introduce, the blockchain technology, and the confidential computing technology cannot solve any distrust caused by fraudulent data, or bad admin starting malicious attacks on the server database. The trusted technology offers solutions to treat distrust that happens during the procedures.

Data trust in a transaction

Traditionally, for a long time, business flows are executed in a single-direction pathway. Business flows are running from one department and pass to the next department and then the next one. Then pass it to the counterparty’s side then it is also one department at a time. On the large scale of business, there will be a few dozen counterparties working together. Imagine all the data transacting and business transactions are single directions, if everything goes as planned, then it is all good. But, if there is a mistake in the process, then it will be a very time-consuming process to back-trace and re-correct.

Data trust transaction

Is it possible to just have everyone work together and openly share what they know about the business flow, and share them freely, for the sake of completing the business deal? That would be ideal, but unfortunately, while it is fact that companies are always looking for new business partners, and trying out new innovative collaboration models, they are still cautious about data sharing.

So, how is R3 trying to make the procedural data distrust that happens everywhere in our life go away?

Through our research, we realize that blockchain technology or now we commonly call it distributed ledger technology can mitigate the distrust in data sharing of business flows while keeping the privacy and security of the data. We introduce the concept of what I see is what you see. We developed R3’s blockchain platform Corda, utilizing the immutability and traceability of blockchain, and automated execution of smart contracts to ensure that data can be shared across the relevant business partners when it is registered to the business flow. Doing so significantly increases data transparency and reduces the chance of rework. But again, I want to point out the important point here: the data is only shared with relevant business partners; therefore, the privacy of the business is not comprised.

No direct data exchange

Corda’s data transacting schema can be described as follows:

  1. Every business parties run its own centralized database. They are connected with your Corda platform, but Corda does not request direct database access.
  2. There will be a message bus running on your Corda platform. When a business flow is triggered, the message bus will go to the door of each centralized database run by each of the companies.
  3. The database will give whatever data the owner agreed to give when compositing the smart contract with the rest of the business partners.
  4. Steps 2 and step 3 will repeat until the bus visits all the relevant business parties of this specific business flow.
  5. Once all data are collected, the computing of the transaction will start, and broadcast the result to the relevant parties when it is done.

As a summary, we brought Corda to you to offer a way to share data in a secure and faster way while remain the privacy of these transactions, battling the distrust among business parties. The result of mitigating distrust in business flow would be a reduction of operation costs and faster execution speed. So that was R3’s first offering of our trust technology.

People might ask, the Corda message bus is still taking data from one company to another company; although we no longer worry about the hiccups that might happen when the data is moving, I still worry what if my counterparty turns back on us after the current deal. They might sell our data secretly elsewhere! Is there a way for me to protect the data in use?

Conclave – Data trust and privacy are the default for your business

Don’t worry! R3’s second product Conclave is here to help. Conclave is a confidential computing platform, where data is useable but not visible. The technology of confidential computing starts getting more attention in recent years when data privacy becomes a hot topic around the world. There are two angles of the study of confidential computing, the software way, and the hardware way. For the software way, researchers are heads down trying to design the best algorithms (ZKP alike). Whereas, at R3, we are working with Intel on the hardware approach.

Conclave

Intel developed a new technology called Intel SGX: Enclave, for which isolated memory space is allocated for a data process, and it is not accessible by the upper-level operating system such as Windows or macOS, etc. Intel calls this isolated space the Trusted Execution Environment. From the name, you can tell this is designed for battling distrust in the data processing. Most computer attacks are via software through the operating system, this approach will block most of the potential attacks via the OS. Well, If you are one of the white hat hackers who can pull off attacks via the wavelength of the chip, please email HR@r3.com. We most likely will have a position for you.

Trusted execution environment (TEE)

Back to TEE, what you can do with it is you can put an algorithm into the TEE. Then, different parties will put the data into this TEE, and the TEE will not reveal any details of the data in it. Then the algorithm will execute and spit out a result. For example:

  1. Charley, Bob, and I want to hand out candies to kids at Halloween. We each have candies that have different brands or flavors, but for some reason, we don’t want to share that information with one another because it is “sensitive” to each of us.
  2. Now, what we will do is put those candies into the TEE.
  3. The kids show up and say to the TEE “treat or trick”!
  4. The TEE will run the candies handing algorithm and give the candies to the kids.

Data is usable but not visible

Data is usable but not visible

In a summary, Charley, Bob, and I did what we wanted to do, without exchanging any data. And all the sensitive bits of information is remained private to each of us. And the kids did get the candies. 4 wins the situation!

You might wonder, hold on a second, if enclave TEE is isolated from the operating system, how do I code the algorithm and deploy data to the TEE? This is R3’s Conclave platform coming into place! Conclave takes the assembly language of Enclave and translates it into an easily useable platform that you can code from Java, and now we are experimenting with another language such as Python.

Now, let’s put together the puzzles and back to R3’s Trust Technology conversation.

  1. With Corda, we streamline the data/transaction flows in business while preserving data privacy and data security.
  2. On top of Corda, with the help of Conclave, we can use TEE to further protect the data in use, avoiding data leakage.

R3 Data Trust Technology

R3 data trust technology

R3 is open to discussing the potential project opportunities and business ideas you have. Please contact us at DevRel@r3.com.

Peter Li
Peter Li Peter Li is a Developer Evangelist at R3, an enterprise blockchain software firm working with a global ecosystem of more than 350 participants across multiple industries from both the private and public sectors to develop on Corda, its open-source blockchain platform, and Corda Enterprise, a commercial version of Corda for enterprise usage.

Leave a Reply

Subscribe to our newsletter to stay up to date on the latest developer news, tools, and articles.