Impulse Online debuted at the Intel Privacy Computing Symposium, building a more secure data circulation solution based on Trusted Execution Environment technology

Recently, Impulse Online was invited to participate in the "Seminar on Privacy Computing Technology—Security and Efficiency" conference held in Shanghai by Intel (China) and Shanghai Guochuang Technology Industry Innovation and Development Center, where it discussed the technology and application value of privacy computing in the era of data intelligence with leading technology experts in the field.

Chen Haodong, co-founder & CTO of Impulse Online, delivered a speech entitled "Building a More Efficient and Safer Data Circulation Infrastructure Based on a Trusted Execution Environment" at this event, and conducted in-depth discussions on data privacy computing and circulation.

Driven by policies, the data element market is booming. However, data, as a special factor of production, faces three major challenges in circulation and transactions that urgently need to be resolved: data rights are difficult to define and guarantee; user data privacy is difficult to protect; and there is no efficient incentive mechanism to drive users to actively participate in data circulation.
To solve these challenges, Impulse Online has created a credible data circulation scenario based on TEE and blockchain. The overall plan includes two roles: the data demander and the data owner. Matching these two roles, the system is divided into two levels, the control level and the execution level, and the alliance chain provides data collaboration management services.

As the only feasible technical means to ensure the safe circulation of data, privacy computing has three technical routes: secure multi-party computation, federated learning, and the trusted execution environment. In terms of technology selection, Impulse Online adheres to the trusted execution environment as its basic route. The core reason is that the trusted execution environment has great advantages in both performance and versatility.

A Trusted Execution Environment (TEE) is a secure area built on a computing platform by software and hardware methods, which ensures that the code and data loaded into it are protected in terms of confidentiality and integrity. The goal of a trusted execution environment is to ensure that a task is executed as expected, with the confidentiality and integrity of both its initial state and its runtime state guaranteed.

Trusted execution environment implementation types include memory encryption isolation, such as Intel SGX and AMD SEV, as well as CPU time-division isolation and memory space isolation. The TEE software ecosystem mainly comprises the SDK, TEEOS, LibOS, service framework and application layer.

Taking Intel SGX-based TEE technology as an example, the code and data in the trusted execution environment run in a secure area isolated in memory, and the hardware ensures that this memory area cannot be addressed by code in other areas, so code in other areas cannot steal data in the secure enclave even with OS-level privileges. Data can only enter and leave the secure area through the specified interface functions. When persistent storage is required, the data is encrypted before it is written to disk, and the key only takes effect in the secure area generated by the same application on the same physical device, thereby ensuring data security and integrity.
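The persistent-storage behaviour described above, as a simplified model added here (not code from Impulse Online or from the Intel SGX SDK): the sealing key is derived from a per-device secret and a measurement of the enclave code, so a sealed blob opens only for the same application on the same device. The device secrets, enclave measurements and the HMAC-based cipher are constructed stand-ins; real SGX derives the key in hardware.

```python
import hashlib
import hmac
import os

def derive_seal_key(device_secret: bytes, measurement: bytes) -> bytes:
    # Model only: the key depends on a per-device secret AND the enclave code identity.
    return hmac.new(device_secret, b"seal|" + measurement, hashlib.sha256).digest()

def _subkeys(key: bytes):
    # Separate keys for encryption and for the integrity tag.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode, a standard-library stand-in for a real AEAD cipher.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def seal(device_secret: bytes, measurement: bytes, plaintext: bytes) -> bytes:
    enc_key, mac_key = _subkeys(derive_seal_key(device_secret, measurement))
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag  # this blob is what would be written to disk

def unseal(device_secret: bytes, measurement: bytes, blob: bytes):
    # Returns the plaintext, or None when the derived key differs or the blob was altered.
    if len(blob) < 48:
        return None
    enc_key, mac_key = _subkeys(derive_seal_key(device_secret, measurement))
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

# Constructed sample values (not real device keys or enclave measurements).
DEVICE_A = hashlib.sha256(b"constructed device A").digest()
DEVICE_B = hashlib.sha256(b"constructed device B").digest()
ENCLAVE_APP = hashlib.sha256(b"constructed enclave code v1").digest()
ENCLAVE_OTHER = hashlib.sha256(b"constructed other enclave").digest()

if __name__ == "__main__":
    blob = seal(DEVICE_A, ENCLAVE_APP, b"customer record")
    print("same app, same device: ", unseal(DEVICE_A, ENCLAVE_APP, blob))
    print("same app, other device:", unseal(DEVICE_B, ENCLAVE_APP, blob))
    print("other app, same device:", unseal(DEVICE_A, ENCLAVE_OTHER, blob))
```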
Impulse Online has built a secure computing area on the data computing platform through innovation in software and hardware technical solutions, which ensures that the code and data loaded inside are protected in terms of confidentiality and integrity. At the same time, using this technology, the data computing platform obtains better processing speed, a more general programming interface, and a safer user experience when processing complex operators and protecting data privacy in hardware, so that it can adapt to more usage scenarios and realize the credibility and security of data circulation.

Previously, Impulse Online was selected into the "Intel AI Top 100 Innovation Incentive Program" for its innovative solutions in the field of artificial intelligence and TEE. Combined with Intel SGX, it launched a federated learning + TEE solution, which improved training performance a hundred times compared with traditional MPC/federated learning. In the future, Impulse Online will continue to work in the field of privacy computing technology, build a data circulation platform that can adapt to a variety of privacy computing technologies, and provide customers in industries such as finance, government affairs, telecommunications, Internet, and medical care with secure, private, trustworthy, intelligent, and efficient data circulation that helps enterprises refine their data operations.


Origin blog.csdn.net/impulseonline/article/details/127731897