Blockchain and trusted execution create trust
SCS combined blockchain technology with trusted execution environments. This leads to confidentiality, auditability and transparency when processing sensitive data.
Situation
A lot has happened in terms of data protection since Edward Snowden's revelations: The majority of digital communication is now encrypted.
However, data is often processed unencrypted and without auditability, which represents a crucial weakness in the overall system. Cyber criminals like to exploit this.
SCS solution
SCS combines blockchain technology with trusted execution environments. This ensures data protection for both B2B and B2C applications. It also creates auditable transparency about processes and the use of sensitive data.
Added value
The SCS solution complements current solutions for "data in transit" and "data at rest" with the protection of "data in use". For example, patients can release their health data for precisely defined analyses and can be assured that no one other than the patient themselves has read access to the data and that only the agreed analyses can be carried out.
Project insights
We have become accustomed to the fact that we have to trust our IT administrators. While administrators used to be employees of the same company, today that role is often filled by purchased cloud platforms, and perhaps soon by decentralised systems such as blockchains. Administrators can read and change all data that is processed on a machine they manage. Unfortunately, this applies not only to the administrators we trust, but also to hackers who can gain administrator privileges. No company, no matter how qualified, is immune to such attacks.
Trusted Execution Environments (TEEs) provide a remedy here. In simple terms, a TEE is a processor-within-a-processor that can manage its own keys and only executes programs whose fingerprint matches that of the original, unmodified code. The guarantee for this is provided by the manufacturer of the processor, who ensures in hardware that nobody can access the internal keys of the TEE or read its working memory. Each TEE can be uniquely authenticated by the manufacturer, which means that every user can ensure that their program is really running on a TEE – even if the machine is physically located in a remote data centre.

One of many use cases for TEEs is e-ticketing with privacy protection: Today, there are various “check-in” apps where operators analyse the movement profile of passengers in order to charge the appropriate ticket price. Thanks to TEEs, such a service could be offered demonstrably without making the passenger’s movement profile visible to anyone but the passenger. The traveller’s app would send the movement profile in encrypted form to the TEE. There, the ticket price would be calculated within the protected enclave and transferred to the payment process. In order to gain the trust of passengers, the operator should disclose the code that is executed in the TEE for external or even public auditing.
On behalf of Integritee, the Web3 Foundation in Zug and the Polkadot Council, Supercomputing Systems is developing a framework that greatly reduces the complexity of blockchain and trusted execution for developers and users. The combination of TEE technology with blockchain makes the use of TEEs traceable and verifiable for everyone and creates transparency for processes that analyse user data.
Thanks to this solution from SCS, even smaller companies can implement “security by design” without becoming dependent on a cloud platform. And global corporations can increase their credibility with regard to their handling of data because public auditability is possible together with compliance with data protection laws.


