Reliance Point

Reliance Point. Credit: Intel

Everybody agrees (well, most agree) that leveraging the huge data that are and are becoming available, is to everybody benefits. But leveraging those data means getting hold of a variety of data sources and potentially acquiring insights that may affect the right to privacy of people and enterprises. There are also several other issues, like who will be owing the "insights" and who is accountable for the side effects that may be generated from those insights, how can data be trusted and so on.

It is a very complex environment and the more valuable data become the more they will be subject to "malicious interest".

Intel is proposing a safe (I would call it "safer") environment where data could be shared avoiding some of the issues mentioned before.

The overall security is as good as the weakest link. What Intel is proposing is to strengthen the lower layers of the computation engine to provide a secure environment upon which data can be shared, starting from the BIOS (Basic Input/Output System) of the system. When the system is started a security chip verifies the BIOS has not been tampered with and then moves on to the higher levels. This involves a communications with a certified server that can verify the integrity of the system any time it starts operation.

Although this provides clear benefits, the overall issues remain open. You might be able to determine that data are safe in the sense of being protected, but what about the algorithm that will be used to create insight? And what about the insight itself? How much an insight is going to reveal about the original data, hence compromising their privacy?

These are really open issues and my personal feeling is that we will not come to a bulletproof solution any time soon. We will see better technology (and more important "processes") deployed to increase the security, privacy, trust, ownership but that will create more opportunities to extract/create information from ever growing volumes of data that in turn will increase their value and stimulate more sophisticated attacks in a never ending cycle.

Our Action Line at the EIT ICT LABS on Privacy Security and Trust has no end in sight, but plenty of challenges as far as /my) eye can see!

Author - Roberto Saracco

© 2010-2018 EIT Digital IVZW. All rights reserved. Legal notice