5 min Analytics

Clearly smart – Opaque Systems drives confidential computing

Clearly smart – Opaque Systems drives confidential computing

Opaque Systems is clear about one thing, its technology base requires some clarification and explanation. The firm is a specialist in secure multi-party analytics and AI for what it calls ‘confidential computing’, so what does that mean?

Taking each element in turn then, multi-party analytics (sometimes also known as private multi-party analytics) is a cryptography technique designed to enable two (or more) entities or organisations to execute a data computation that makes use of both parties’ private data, but never affords either one any sight of the other’s actual data.

Where project collaboration happens between businesses, multi-party analytics can be useful in terms of allowing companies to work on shared combined initiatives drawing from more than one data ownership base, but while preserving secured individual privacy throughout.

Hence we see Opaque tell us that is also a specialist in so-called confidential computing, so what does that mean?

Confidential computing is an approach to cryptography that allows two or more parties to perform a computation utilising their private data without disclosing that data to the other party in question. Confidential computing (projected to be a $54 billion market by 2026 by the Everest Group) provides a solution using Trusted Execution Environments (TEEs) or ‘enclaves’ that encrypt data during computation, isolating it from access, exposure and threats. 

Now officially launching the Opaque platform, the company was created by the inventors of the MC2 open-source project (a secure Machine Learning platform) which was conceived in the RISELab at UC Berkeley. 

The Opaque Platform is hoped to enable data scientists within and across organizations to securely share data and perform collaborative analytics directly on encrypted data protected by Trusted Execution Environments (TEEs). 

The platform aims to accelerate confidential computing use cases by enabling data scientists to use their existing SQL and Python skills to run analytics and machine learning while working with confidential data, overcoming the data analytics challenges inherent in TEEs due to their strict protection of how data is accessed and used.

TEEs are tough

The technology’s founders say that TEEs have historically been challenging for data scientists due to the restricted access to data, lack of tools that enable data sharing and collaborative analytics and the highly specialised skills needed to work with data encrypted in TEEs. 

The Opaque Platform overcomes these challenges by providing the first multi-party confidential analytics and AI solution that makes it possible to run frictionless analytics on encrypted data within TEEs, enable secure data sharing and for the first time, enable multiple parties to perform collaborative analytics while ensuring each party only has access to the data they own. 

“Traditional approaches for protecting data and managing data privacy leave data exposed and at risk when being processed by applications, analytics and machine learning (ML) models,” said Rishabh Poddar, co-founder & CEO, Opaque Systems. “The Opaque Confidential AI and Analytics Platform solves this challenge by enabling data scientists and analysts to perform scalable, secure analytics and machine learning directly on encrypted data within enclaves to unlock Confidential Computing use cases.” 

The Opaque platform is designed to specifically ensure that both code and data within enclaves are inaccessible to other users or processes that are collocated on the system. 

Organisations can encrypt their confidential data on-premises, accelerate the transition of sensitive workloads to enclaves in confidential computing clouds and analyse encrypted data while ensuring it is never unencrypted during the lifecycle of the computation. 

Joint analysis of collective data

Key capabilities and advancements include secure multi-party collaborative analytics. This means multiple data owners can pool their encrypted data together in the cloud and jointly analyse the collective data without compromising confidentiality. Policy enforcement capabilities ensure the data owned by each party is never exposed to other data owners.

Teams across departments and across organisations can securely share data protected in TEEs while adhering to regulatory and compliance policies. Use cases requiring confidential data sharing include financial crime, drug research, ad targeting monetisation etc.

Also here we find multi-tiered security, policy enforcement and governance – this function leverages multiple layers of security, including Intel Software Guard Extensions, secure enclaves, advanced cryptography and policy enforcement to provide defence in depth, ensuring code integrity, data and side-channel attack protection.

Confidential Computing is supported by all major cloud vendors including Microsoft Azure, Google Cloud and Amazon Web Services and major chip manufacturers including Intel and AMD.

Clean data, a solid trend

This whole topic is burgeoning i.e. let’s all use all the data that we all have, in all places and across all entities, but let’s do it securely and within the guardrails of regulatory compliance, but more importantly within the confines of a secured privacy zone – hence the term enclave.

Not one million miles away from the concept of data clean rooms now being championed by AWS and others, these are the types of techniques organisations need when they want to protect sensitive user or system information, but still perform computations and analytics upon it with third parties.

There’s a perhaps comforting moment when you look at a technology vendor, make the effort to understand what it does, then remind yourself what its brand name is and not have to ask why the founders named the company xyz systems or whatever – Opaque is one of those companies, right?

Image source: Opaque Systems