Blockchain circle

One stop hot information platform

About us:

Blockchain circle provides the latest information about blockchain, digital currency, digital wallet, exchange, metauniverse, bitcoin, Ethereum, contract, financial management and so on, and always pays attention to the latest market...

Yao Ming, founder of insight Technology: privacy computing is the technical optimal solution for the safe release of data value

Time : 29/03/2022 Author : fyq53d Click : + -
        By data ape & amp; Selection of the list / awards of "2021 pioneer of digital intelligence transformation and upgrading of Chinese enterprises" in the large-scale theme planning activity of "digital intelligence transformation and upgrading of industry inventory season" jointly launched by Shanghai big data alliance. In April 2020, the CPC Central Committee and the State Council issued the opinions on building a more perfect system and mechanism for market-oriented allocation of factors, which for the first time included data into production factors, defined the national strategic status of data, and proposed to accelerate the cultivation of the data factor market. As a key link to release the value of data elements, the demand for opening, sharing, exchange and other circulation of data resources is increasing, and it has become an important part of the digital transformation of enterprises and the development of digital economy.
        However, in recent years, frequent data security and privacy leakage incidents have seriously threatened the healthy development of the data element market and caused widespread public concern. To this end, the state has successively promulgated laws and regulations such as the network security law, the data security law and the personal information protection law. While restricting and regulating the market, it has also intensified the concerns of enterprises about the legality and compliance of data circulation to a certain extent, and the phenomenon of data islands has become increasingly fierce. It is against such a policy and market background that privacy computing technology, represented by secure multi-party computing, federal learning and other technologies, has been highly concerned. With the core concept of "data availability and invisibility", it has become the best technical solution for the construction of data element market and the safe release of data value, and has rapidly formed a new industry service field.
        According to Gartner's prediction, by 2025, half of large enterprises will use privacy computing related technologies. Privacy computing has become one of the important scientific and technological forces driving the healthy development of the digital economy. At the national level, since 2016, the Ministry of industry and information technology, the people's Bank of China, the national development and Reform Commission, the central network information office, the national energy administration and other ministries and commissions have clearly proposed in relevant policy documents to strengthen the research and application of privacy computing related technologies. At the local level, Guangdong Province proposed to build a new data infrastructure including privacy computing in the action plan for the reform of market-oriented configuration of data elements released in July this year.
        The advance layout of the policy has laid a foundation for China to seize the forefront of privacy computing technology and explore key application fields. With the help of the policy environment, the privacy computing industry has rapidly formed and developed, and relevant technical standards and evaluation systems have been gradually established. As more and more enterprises enter the privacy computing industry, from technology research to application practice, across big data and artificial intelligence, privacy computing has become the most concerned focus in the field of data intelligence. In my opinion, the "data island" has always been an objective factor restricting the full release of data value. However, the core reason for the "data island" is that enterprises worry that once the data is circulated, it will be copied, cached and resold. This will not only generate the risk of data security and privacy leakage, but also lead to data depreciation.
        At the same time, more and more stringent laws and regulations have further aggravated the concerns of enterprises about the legal compliance and security issues involved in data circulation. Therefore, under the background of strengthening data security and privacy protection, how to solve the contradiction between data fusion application and privacy security protection is the biggest challenge to break the "data island" and promote the circulation of data elements. The full name of privacy computing is privacy preserving computing or privacy enhancing computing. Its core idea is to separate the visible specific information part of data from the invisible computing value part, so as to realize "data availability (computable) and invisibility (inaccessible)", thus eliminating the concerns of data collaborators about data security and privacy leakage, So as to effectively solve the dilemma of "data island" by technical means.
        In terms of technical principle, the essence of privacy computing is a technology of joint computing by multiple participants under the condition of security and trust. On the premise of not disclosing their original data and commercial privacy, all participants jointly calculate and analyze the data through the encryption cooperation mechanism to realize the fusion value of data and develop data intelligence from local insight to global insight. The technical implementation path of privacy computing includes three typical schemes: secure multi-party computing, federated learning, and trusted execution environment. It covers underlying cryptography technologies such as obfuscation circuit, secret sharing, inadvertent transmission, and homomorphic encryption, as well as auxiliary technologies such as zero knowledge proof and differential privacy.
        In practical application, each technology implementation path has its own applicable scenarios and characteristics. Secure multi-party computing (MPC), for short, was founded by academician Yao Qizhi, a Turing prize winner, in 1982 by proposing and solving the millionaire problem. It is mainly developed and enriched based on cryptography technology. It involves algorithms and protocols such as homomorphic encryption, inadvertent transmission, confusion circuit and secret sharing. It is mainly applicable to conventional computing scenarios such as statistical analysis, judgment and decision-making, and basic query. Federated learning (FL), in essence, is a multi-party collaborative crypto machine learning framework. Unlike general machine learning, federated learning can meet the needs of multiple institutions to conduct model training based on global data resources on the premise of protecting data security and privacy information, and is applicable to complex iterative computing scenarios such as big data modeling and prediction analysis.
        For the data set characteristics of different training scenarios, federated learning can be divided into three categories: longitudinal federated learning, horizontal federated learning and mixed federated learning (also known as transfer learning), which respectively correspond to the supplementary feature dimension, the number of supplementary samples and the situation of simultaneous supplementation. Trusted execution environment (TEE) is used to isolate and protect data and computing through hardware execution environment restriction. The specific implementation of isolation includes interrupt isolation, RAM isolation, peripheral isolation, ram and ROM isolation inside the chip. Isolation is designed to divide a CPU physical core into a safe state and a non safe state. When the physical core is in a non safe state, it can only access non safe peripherals and memory; When the physical core is in a secure state, it can access both secure and non secure resources.
        The trusted execution environment requires the authorization of the hardware manufacturer and is suitable for application scenarios that require high computing speed but low data protection and security compliance. The Implementation Paths of these three technologies have both similarities and differences. In the application scenario, it is applicable to the joint calculation of multi-party data, but the secure multi-party calculation is not limited to machine learning modeling, and can also perform basic operations, set operations, etc; Federated learning is more focused on machine learning modeling. In the process of model training, secure multi-party computing can also be combined to further protect data security and privacy; When performing joint computing based on trusted execution environment, the original data needs to be encrypted before leaving the private domain, which is a mode based on security boundary. However, the scope of security boundary is small and only exists in the hardware chip itself. Although tee can achieve relatively faster computing capability, compared with MPC and FL, its original data is logically separated from the private domain, and there is a security dispute.
        In the past, there have been many comparisons and debates among the above three technology implementation paths in the industry, but our team has always adhered to the multi technology integration route and advocated the adaptive computing engine oriented to the computing scenario, which has also become the trend of the technology development of the entire industry. In addition to the Implementation Paths of privacy computing technologies in the three directions of secure multi-party computing, federated learning and trusted execution environment, privacy computing is often used in combination with other data security technologies such as differential privacy, data desensitization and anonymization, and blockchain technology is used as an auxiliary tool to enhance the trust between multiple parties. The year 2020 is regarded as the first year of privacy computing. Since the development of the industry for more than a year, privacy computing technology has been applied in many industries. However, I think the industry as a whole is still in the early stage of development, which depends on more extensive market education and more business scenarios.
        Accordingly, a number of technical standards related to domestic privacy computing have been released in succession, and have been expanded from basic functional standards to performance specific, security specific, and technology integration, to accelerate the construction of a more complete privacy computing standard system. In the tide of data security and privacy protection, privacy computing has gradually become a new focus of attention, attracting more and more enterprises to enter this industry. According to the company type, the enterprises in the industry can be broadly divided into specialized privacy computing companies, big data service or financial technology companies, pan blockchain companies and Internet manufacturers. According to the product function, the number of privacy computing platform products of the above-mentioned companies has shown an explosive growth trend in the past two years, from the initial few to dozens today.
        From the perspective of platform technology, it includes open source and closed source. Most of the products are based on one of Federated learning, secure multi-party computing and trusted execution environment, or some of them are integrated to provide privacy computing services. They generally have basic functions such as node management, resource management, data processing, joint computing, joint modeling and stealth query, and can meet the general needs of users. According to the business model, it is mainly divided into three types: first, the software and hardware product deployment and project construction mode charging mode; The second is data resource access. According to the original data provided by different business scenarios, the charging mode is extracted; Third, consulting services based on platform use and data value interpretation, providing different data intelligent operation service charging modes.
        The applicable scenarios of privacy computing technology are very wide. Currently, it is mainly concentrated in the fields of government affairs, finance and medical care, which have a large number of data use and data collaboration needs. In the field of government affairs, privacy computing can provide solutions for the integration of government data, financial data, Internet enterprises and other social data, help the directional opening of government data to the financial field, and promote the development of the real economy. And the innovative mode of bank enterprise docking service platform supported by privacy computing technology has also become a typical case of data security circulation in the field of government finance. In the financial field, privacy computing is mainly applied to the internal and external data collaboration of financial institutions, enabling them to reduce costs and increase efficiency without disclosing customer information and obtaining the original information of third parties.
        In addition, medical care is also an important area where privacy computing technology can play a role. Privacy computing can provide a secure data collaboration mechanism in medical image recognition, disease screening, AI assisted diagnosis and treatment, intelligent consultation and other scenarios. For example, multiple medical institutions can jointly build a target detection model through horizontal federated learning to assist in disease detection through medical images. In addition to the application scenarios in the fields of government affairs, finance and medical care, privacy computing technology has also begun to spread to more industries, and gradually achieved exploratory application landing in more scenarios such as smart energy, smart terminals and smart cities. In my opinion, the future digital world is built on the basis of full circulation of data elements, and as the best technical solution that can perfectly solve the problem of "both circulation and security" of data, the market potential of privacy computing is undoubtedly huge.
        However, as a new technology, privacy computing is also facing many challenges, such as:. (1) As an infrastructure technology, privacy computing is an important part of the new data infrastructure. It has high requirements on the data standardization and data quality of the participants. At present, except for government affairs, finance and a few industries, this is still a universal problem;. (2) The security compliance of privacy computing requires corresponding interpretation of data security related laws and regulations, such as how the classified data security corresponds to the technical indicators of privacy computing;. (3) As the encryption mechanism of privacy computing technology is complex and the number of interactions is large, when the amount of data to be circulated is huge or the structure is particularly complex, the performance still needs to be greatly improved;.
        (4) The essence of privacy computing is the secure computing technology under the multi-party cooperation mode, so it is necessary to enhance the trust between all participants and eliminate the trust risk problem;. (5) As a protocol layer technology for data element circulation, privacy computing will form a "computing island" after breaking the "data island" due to the differences in algorithm principles and technology implementation between different manufacturers. Therefore, the problem of cross platform interconnection must be solved. The first two points need to be jointly promoted by the privacy computing industry, regulators and other industries, while the second three points are challenges from within the privacy computing industry. For the third point, most manufacturers in the privacy computing industry are conducting targeted algorithm and computing power optimization, including algorithm innovation and hardware acceleration.
        For the third-party trust risk problem, manufacturers in the industry are conducting theoretical research and technical practice, such as studying the Federation learning algorithm without trusted third parties and introducing blockchain as a tool to enhance multi-party trust. As for the interconnection between heterogeneous privacy computing platforms, the corresponding technical standard framework has been determined, and the detailed rules are being gradually improved. We have also carried out forward-looking implementation in some specific cases, covering the interconnection from the resource layer to the algorithm layer and then to the primitive layer. This will affect how the future data intelligent network will develop from a "local area network" to a "wide area network". Looking forward to the future, under the increasingly stringent data security protection laws and regulations, more explicit privacy computing policy guidance and more perfect technical standard system construction, privacy computing will continue to evolve in terms of technology depth, product functions, performance security, application scenarios and other aspects, constantly enable enterprises to transform and upgrade digitally and intelligently, Build an interconnected global data intelligent network linked by technology trust, and truly realize the safe release of the data value of the whole society.
        Yao Ming, founder and chairman of insight technology. Former vice president and CTO of Zhongxin credit, once served as a member of the credit special committee of China Internet Finance Association, deputy director of cft50 intelligent risk control committee, special tutor of X-lab blockchain open class of Tsinghua University, special tutor of big data open class of Dalian University of technology. His career started from Bell Labs, a famous science and technology palace. He is the first practitioner of China's big data credit industry and the integration of privacy computing and blockchain technology.
Previous:Collect quickly! The most complete information of the second digital China Construction Summit is here!
Next:No more

Related articles:

© 2005-2032 | Blockchain Circle & & All Rights Reserved    Sitemap1 Sitemap2 If there is infringement, please contact us at: