Blockchain and trusted execution create trust

High Level Software

SCS combined blockchain technology with trusted execution environments. This leads to confidentiality, auditability and transparency in the processing of sensitive data.

  • Situation

    Since the revelations by Edward Snowden, a lot has happened in terms of data protection: Today, the majority of digital communication is encrypted.
    However, data is often processed unencrypted and without auditability, which is a crucial weakness in the overall system. Cyber criminals like to exploit this.

  • Solution SCS

    SCS combines blockchain technology with trusted execution environments. This ensures data protection for both B2B and B2C applications. In addition, it creates auditable transparency about processes and the use of sensitive data.

  • Added value

    The SCS solution complements current solutions for "data in transit" and "data at rest" with the protection of "data in use". For example, patients can release their health data for precisely defined analyses and can be assured that no one but the patient himself has read access to the data and that only the agreed analyses can be carried out.

Project insights

We have become accustomed to the fact that we have to trust our IT administrators. Whereas in the past these were employees in the same company, today they are often bought-in cloud platforms or perhaps soon decentralised systems such as blockchains. Administrators can read and modify any data processed on a machine they manage. Unfortunately, this applies not only to the administrators we trust, but also to hackers who can gain administrator privileges. No company, no matter how qualified, is immune to such attacks.

Trusted Execution Environments (TEEs) provide a remedy here. In simple terms, a TEE is a processor-within-a-processor that can manage its own keys and only executes programmes whose fingerprint corresponds unchanged to the original. The guarantee for this is provided by the manufacturer of the processor, who ensures in hardware that no one has access to the internal keys of the TEE and that no one can read its working memory. Each TEE can be uniquely authenticated by the manufacturer, which means that every user can ensure that their Programis really running on a TEE - even if the machine is physically located in a remote data centre.

Overview of Integrite and Susbratee architecture.
ntegritee builds on Polkadot. Sidechains are validated by TEEs, which greatly simplifies and accelerates the consensus process. Actions on the sidechains take place confidentially.

One of many use cases for TEEs is e-ticketing with privacy protection: Today, various "check-in" apps exist where operators analyse the movement profile of passengers in order to charge an appropriate ticket. Thanks to TEEs, such a service could be offered, demonstrably without making the passenger's movement profile visible to anyone but the passenger. The passenger's app would send the movement profile in encrypted form to the TEE. There, the ticket price would be calculated within the protected enclave and transferred to the payment process. To gain the trust of passengers, the operator should disclose the code executed in the TEE for external or even public auditing.

On behalf of Integritee, the Web3 Foundation in Zug and the Polkadot Council, Supercomputing Systems is developing a framework that massively simplifies the complexity of blockchain and trusted execution for developers and users. The combination of TEE technology with blockchain makes the use of TEE traceable and provable for everyone and creates transparency for processes that analyse user data.

Thanks to this solution from SCS, even smaller companies can implement "security by design" without becoming dependent on a cloud platform. And global corporations can increase their credibility in terms of data handling by enabling public auditability along with compliance with data protection laws.

The project is supported by the Integritee.
The project is supported by the web3 Foundation.

Related projects

IOBnet - Exchange platform for ophthalmologists

The IOBnet platform offers ophthalmologists the possibility to exchange anonymized cases with experts at any time. With the creation ... learn more

Cloud platform for medical measurement data

The spirometry devices from ndd Medizintechnik AG make a significant contribution to the early detection of lung diseases. Their measurement data are always ... learn more

SDAT data hub for the Swiss electricity industry

The data hub simplifies and standardises market communication. For the company Swisseldex AG, an amalgamation of various ... learn more

Secure communication thanks to the V-ZUG PKI from SCS

Digitalisation enables new business opportunities. These new opportunities also bring new challenges. The devices are the ... learn more

Planning and calculation software for Burckhardt Compression

Burckhardt Compression is the global market leader in the field of reciprocating compressor systems. The compressors are manufactured with over 2300 employees in ... learn more
Show all projects
Alain Brenzikofer Decentralized Systems How can I help you?