Technical Name OverCloud: Cloud-based Trusted Computing Platform for Data Analytics
Project Operator National Center for High-performance Computing, National Applied Research Laboratories
Project Host 林錫慶
The data provider (owner) has the responsibility to protect the integrity, confidentiality and privacy of its own data.
Data analysts (users) expect that the designed analysis process can be verified with real data or obtained after artificial intelligence training.
Through the cloud platform and encryption technology, it provides a trusted fingerprint mechanism with evidence of the use of computing resources (computational fingerprint), and establishes trusted access to sensitive data. Trust the cloud platform, according to the calculation process, there is evidence of usage
The data is stored in a protected data cluster, which is encrypted through the acquisition process and can be audited.
The user cannot directly read the original data, and the data will be provided randomly (out of order).
Compared with the "data not leaving the department" mechanism, "data does not fall to the ground" makes smart data more "close to use" under reasonable control!
Scientific Breakthrough
This patent design mainly solves the premise of how to ensure the integrity of the data during the calculation process. Except for the use of data analysts, the content of the data itself cannot be downloaded or peeped to improve the close use of Sensitive Data under reasonable and legal authorization Accessibility. Unlike Prior Art CN102075542B[2] and GB2533098A [3], this patent focuses on the role and importance of the user's role (data provider and data division) in the confidentiality of the data. Existing cloud platform services, such as Asylo (GCP), Open Enclave SDK (Intel), and Enarx (Redhat), only provide TEE (Trusted Execution Environments), but there are no special rights and benefits for the two roles of users.
Industrial Applicability
When facing the use of public and private sectors, cloud platform industry's biggest challenge is data security [1], which is the main problem solved by this patent.
In terms of data providers, a complete and encrypted data flow and data storage area mechanism ensure data integrity (Data Integrity).
In addition to the data provider's consent to access the data, the third-party identity verification is also required to ensure that the data is not used by the authorized data analyst. The entire process of encryption will not be obtained by the cloud platform maintenance personnel. This process also Complete information confidentiality (Confidentiality).
Keyword cloud computing trust computing platform analyzing confidential dataset
  • Contact
other people also saw