Follow Datanami:
March 10, 2014

Intel Designs Secure Data Locker

Tiffany Trader

In today’s data-driven world, security and privacy are ever-present concerns. A new initiative from Intel, codenamed Reliance Point, aims to provide a safe way for organizations to blend their databases in order to facilitate analytics, without jeopardizing confidentiality.

“There are many companies and organizations that own data, and would like to share in a way that [ensures] it is not released or stolen,” says Sridhar Iyengar, a director of security research at Intel Labs and one of the project leads. “This is a neutral environment where parties can place their data and derive an answer without revealing their data to one another.”

In order to keep information from falling into the wrong hands, many valuable data sets remain locked up behind corporate firewalls. Under Reliance Point, researchers from Intel Labs and Intel’s data center group are working to develop a secure data locker where multiple parties can collate data in order to foster insight while the raw information remains unaccessible. The organizations using the system would agree on the analysis to be performed, deposit their data in the locker and then get the results without ever seeing the other side’s raw input. Once the insights are gleaned, the locker is wiped clean.

End users and businesses alike are worried about privacy breaches. A trusted mechanism for sharing information would make users more apt to take part in data collaboration schemes, but neutrality is key.

“When we say neutral place,” states Vinay Phegade, an architect in Intel Labs, “we mean a trustworthy software environment that enables cooperation between parties with no prior trust in each other, but they do trust this environment. They need to trust this environment to perform joint computation on their private data in such a way that their respective data is shared with this neutral place, but not with each other. An algorithm that will process their data is agreed on by the parties, and the integrity of the platform is ensured through specific hardware security components.”

The Reliance Point framework takes advantage of Intel’s hardware in a mutually trustworthy environment. The data locker employs multiple security checks using Intel Trusted Execution Technology (TXT). On startup, a security chip analyzes the BIOS, the Basic Input/Output System that is fundamental for all computers, to make sure it hasn’t been compromised. The BIOS then makes its inspections before the next level of software is cleared. The safety checks proceed until the system is fully operational.

Although currently a research effort, Intel maintains that the Reliance Point framework is being evolved in close collaboration with the company’s product teams. A functional prototype runs on a single server and has been tested using mock workloads. While this solution would be suitable for small- and medium-sized businesses, Intel researchers are developing a larger version of the prototype, which they will test with real world data sets. To that end, the company is experimenting with new hardware-security primitives, analytics algorithms, and deployment models.

Big data is definitely a focus for the project as are verticals that deal in sensitive information, such as financial services, healthcare and government. The company sentiment is that as long as data remains in silos, it can’t reap the benefits of big data analytics.

“The benefit of a framework like Reliance Point for businesses is clear,” notes an article on Intel’s Adrenaline site. “At last, companies can collate their information without devitalizing their data sets. The advantages of big-data analytics will finally move from being contained within organizations to magnifying exponentially across all organizations. The value of widespread, collated data will be far greater than the sum of its parts.”

While Intel’s experience in both hardware and software puts it in a good position to develop this technology, one potential stumbling block will be finding a trusted third party to operate the “mutually trustworthy environment.” In the words of one blogger: “Reliance Point does not resolve the trust issue as much as it relocates it with a third party.” There is also the issue of deciding on what code is to be run on the combined data sets as well as verifying that the code does what it is supposed to do. Intel is addressing these challenges one step at a time as it works to propel the technology through its R&D pipeline.

Datanami