Visa’s LucidiTEE claims to be the first system to enable multiple parties to jointly compute on large-scale private data while guaranteeing policy compliance even when the input providers are offline, and fairness to all output recipients. The project, from Visa’s research arm, aims to take on growing concerns about the misuse of sensitive user data when it is shared with third parties.
It is a system they claim provides transparency and control to users by:
- Enforcing agreed-upon policies on what functions can be evaluated over private data (even when the users are offline).
- Enforcing the set of parties with whom the results are shared.

For this level of control, the system must ensure policy compliance, and the authors demonstrate, using modern applications, the need for history-based policies, where any decision to compute on users’ data depends on prior use of that data. Moreover, the system must algorithmically ensure fairness: if any party gets the output, then so do all honest parties. It is an open research challenge to construct a system that ensures these properties in a malicious setting.
From the dense, lengthy paper called LucidiTEE: Policy-based Fair Computing at Scale:
“In light of the widespread misuse of personal data, we enable users to control the sharing and use of their data, even when offline, by binding that data to policies. A policy specifies the allowed function, conditions guarding the execution (based on the history of all prior computations on that data), and identities of the input providers and output recipients. For this level of control, we aim for a computer system that ensures policy compliance to the input providers, and fairness (i.e., either all or no party gets the output) to the output recipients, without requiring these parties to trust each other or the compute host. Recently, trusted execution environments (TEEs), such as Intel SGX and Sanctum enclaves, are finding applications in outsourced computing on sensitive data. However, since TEEs are at the mercy of an untrusted host for storage and network communication, they are incapable of enforcing history-dependent policies or fairness.”
“For instance, against a user’s wish that only an aggregate function over her entire data is revealed, an adversarial host can repeatedly evaluate that aggregate function on different subsets of her dataset, and learn the individual records. The adversary may also collude and deliver the output only to a subset of the output recipients, thus violating fairness. This paper presents LucidiTEE, the first system to enable multiple parties to jointly compute on large-scale private data while guaranteeing that the aforementioned policies are enforced even when the input providers are offline and guaranteeing fairness to all output recipients. To that end, LucidiTEE develops a set of novel protocols between a network of TEEs and a shared, append-only ledger. LucidiTEE uses the ledger only to enforce policies; it does not store inputs, outputs, or state on the ledger, nor does it duplicate execution amongst the participants, which allows it to scale to large data and a large number of parties. We demonstrate several policy-based applications including personal finance, federated machine learning, fair n-party information exchange, and private set intersection for medical records.”
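The subset-differencing problem in the quote above, as an added toy model (not LucidiTEE’s code): a policy binds a dataset to one allowed aggregate and a once-only history condition, and an append-only ledger of past evaluations is what lets the check run while the owner is offline. The commitment scheme, the record values and all names are constructed for illustration.

```python
import hashlib
import json

# Constructed sample: one user's private records (e.g. monthly spend totals)
USER_RECORDS = [52000, 61000, 47000]

FUNCS = {"sum": sum}  # the only aggregate this toy policy language knows


def dataset_commitment(records):
    """Identify an exact record set (toy stand-in for a real commitment)."""
    return hashlib.sha256(json.dumps(sorted(records)).encode()).hexdigest()


class Policy:
    """Bind a dataset to an allowed function and a history-based condition."""
    def __init__(self, policy_id, allowed_func, records, max_evals=1):
        self.policy_id = policy_id
        self.allowed_func = allowed_func
        self.commitment = dataset_commitment(records)  # must cover ALL records
        self.max_evals = max_evals                     # history condition


def unpoliced_leak(records):
    """What an unchecked host can do: difference two aggregates to recover one record."""
    return sum(records) - sum(records[1:])  # equals records[0]


def evaluate_with_policy(policy, func, records, ledger):
    """Enclave-side check before computing; `ledger` is an append-only list of
    (policy_id, func, commitment) tuples and never holds inputs or outputs."""
    if func != policy.allowed_func:
        return None, "function not allowed by policy"
    if dataset_commitment(records) != policy.commitment:
        return None, "input is not the full committed dataset"
    prior = [e for e in ledger if e[0] == policy.policy_id]
    if len(prior) >= policy.max_evals:
        return None, "history condition violated: already evaluated"
    ledger.append((policy.policy_id, func, policy.commitment))
    return FUNCS[func](records), "ok"
```

Without the ledger the host can replay the aggregate on subsets and difference the results; with it, only the first full-dataset evaluation is ever answered.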
According to the paper, LucidiTEE was trialled on Hyperledger Fabric and Tendermint – but it appears it can also be used on forkless public blockchains that use a proof-of-stake consensus system.
The paper concludes that LucidiTEE enables parties to jointly compute on private data, using protocols (between TEEs and a shared ledger) to ensure that all computations provide fairness and comply with history-based policies, even when any subset of parties acts maliciously. The ledger is only used to enforce policies (i.e., it does not store inputs, outputs, or state), letting the system scale to a large number of parties and large data.