Blockchain and trusted execution create trust

High Level Software Information Security

SCS combined blockchain technology with trusted execution environments. This leads to confidentiality, auditability and transparency when processing sensitive data.

  • Situation

    A lot has happened in terms of data protection since Edward Snowden's revelations: The majority of digital communication is now encrypted.
    However, data is often processed unencrypted and without auditability, which represents a crucial weakness in the overall system. Cyber criminals like to exploit this.

  • SCS solution

    SCS combines blockchain technology with trusted execution environments. This ensures data protection for both B2B and B2C applications. It also creates auditable transparency about processes and the use of sensitive data.

  • Added value

    The SCS solution complements current solutions for "data in transit" and "data at rest" with the protection of "data in use". For example, patients can release their health data for precisely defined analyses and can be assured that no one other than the patient themselves has read access to the data and that only the agreed analyses can be carried out.

Project insights

We have become accustomed to the fact that we have to trust our IT administrators. While these used to be employees of the same company, today the role is often filled by purchased cloud platforms, and perhaps soon by decentralised systems such as blockchains. Administrators can read and change all data that is processed on a machine they manage. Unfortunately, this applies not only to the administrators we trust, but also to hackers who gain administrator privileges. No company, no matter how qualified, is immune to such attacks.

Trusted Execution Environments (TEEs) provide a remedy here. In simple terms, a TEE is a processor-within-a-processor that can manage its own keys and only executes programmes whose fingerprint matches that of the unchanged original. The guarantee for this is provided by the manufacturer of the processor, who ensures in hardware that nobody can access the internal keys of the TEE or read its working memory. Each TEE can be uniquely authenticated by the manufacturer, which means that every user can ensure that their programme is really running on a TEE – even if the machine is physically located in a remote data centre.

Overview of the Integritee and Substratee architecture.
Integritee is based on Polkadot. Sidechains are validated by TEEs, which greatly simplifies and accelerates the consensus process. Actions on the sidechains take place confidentially.

One of many use cases for TEEs is e-ticketing with privacy protection: Today, there are various “check-in” apps where operators analyse the movement profile of passengers in order to charge for an appropriate ticket. Thanks to TEEs, such a service could be offered in a way that demonstrably does not make the passenger’s movement profile visible to anyone but the passenger. The traveller’s app would send the movement profile in encrypted form to the TEE. There, the ticket price would be calculated within the protected enclave and transferred to the payment process. In order to gain the trust of passengers, the operator should disclose the code that is executed in the TEE for external or even public auditing.
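The check the traveller's app would make before releasing a movement profile, as an added sketch that is not SCS or Integritee code. It assumes an HMAC as a stand-in for the manufacturer's asymmetric attestation signature, a constructed code sample and key, and a session nonce for freshness, none of which come from the project.

```python
import hashlib
import hmac
import json

# Constructed stand-in for the manufacturer's attestation key. Real TEEs sign
# with an asymmetric key chained to the vendor's root; HMAC is an assumption.
VENDOR_KEY = b"constructed-demo-vendor-key"
# Constructed stand-in for the ticketing code the operator published for audit.
AUDITED_CODE = b"def price(profile): return 2.50 * len(profile)"


def measure(code: bytes) -> str:
    """Fingerprint of the programme loaded into the enclave."""
    return hashlib.sha256(code).hexdigest()


def issue_quote(loaded_code: bytes, nonce: str) -> dict:
    """Model of the hardware's signed statement about what it is running."""
    body = {"measurement": measure(loaded_code), "nonce": nonce}
    payload = json.dumps(body, sort_keys=True).encode()
    body["signature"] = hmac.new(VENDOR_KEY, payload, hashlib.sha256).hexdigest()
    return body


def verify_quote(quote: dict, expected_measurement: str, nonce: str) -> bool:
    """Client-side check before any movement profile leaves the phone."""
    body = {"measurement": quote.get("measurement"), "nonce": quote.get("nonce")}
    payload = json.dumps(body, sort_keys=True).encode()
    expected_sig = hmac.new(VENDOR_KEY, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_sig, str(quote.get("signature", ""))):
        return False  # not vouched for by the vendor key, or altered in transit
    if quote["nonce"] != nonce:
        return False  # quote replayed from an earlier session
    # The enclave must run exactly the code that was published for audit.
    return hmac.compare_digest(quote["measurement"], expected_measurement)


def submit_profile(quote: dict, nonce: str, profile: list) -> str:
    """Release the profile only to an enclave that passed attestation."""
    if not verify_quote(quote, measure(AUDITED_CODE), nonce):
        return "refused"
    return f"sent {len(profile)} waypoints"
```
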

On behalf of Integritee, the Web3 Foundation in Zug and the Polkadot Council, Supercomputing Systems is developing a framework that greatly reduces the complexity of blockchain and trusted execution for developers and users. The combination of TEE technology with blockchain makes the use of TEE traceable and verifiable for everyone and creates transparency for processes that analyse user data.

Thanks to this solution from SCS, even smaller companies can implement “security by design” without becoming dependent on a cloud platform. And global corporations can increase their credibility with regard to their handling of data because public auditability is possible together with compliance with data protection laws.

The project is supported by Integritee.
The project is supported by the Web3 Foundation.

Sabine Proll, Lead Blockchain