Privacy computing: escort the value of data and realize "available but not visible"
Some people say: "Data is the oil of the new era." In fact, with the vigorous development of the global digital economy, the importance of data has far surpassed that of oil.
But the ensuing chaos of big data, abuse of face recognition technology, and excessive request for permissions have made people miserable and harmed the legitimate interests of the public.
On September 1, my country's first special law on data security, the "Data Security Law," was formally implemented, becoming an important cornerstone in the field of data security assurance and the development of the digital economy.
The law clearly states that both development and security are emphasized, data application and circulation are encouraged on the basis of data security, and the research and application of related technologies are encouraged at the same time.
As a key technology that can take into account both data application and security protection, privacy computing is highly expected by the industry.
What is privacy computing?
How to protect user privacy?
How far is the application?
At the “Data Security and Privacy Computing” seminar held a few days ago, industry experts discussed the above issues in depth and made it clear that private computing can achieve the transformation and release of data value under the premise of fully protecting data and privacy security. The prospects and commercial value are huge.
Privacy computing allows data to circulate safely
Data can better release its value through circulation sharing and collaborative computing, and the blowout development of big data will also bring unprecedented value transfer.
However, regulatory requirements such as privacy protection and data compliance have caused data owners to fall into the dilemma of "unwilling to share, afraid to share, and unable to share".
Tian Tian, CEO of Beijing Ruilai Smart Technology Co., Ltd., said that the value of data and privacy and security are often in a state of duality. Massive amounts of data are scattered in many institutions and information systems, forming "information islands" and "data chimneys", which cannot be fully utilized. The economic and social value of data elements.
And privacy computing may become a breakthrough to solve this data dilemma.
What is privacy computing?
Yan Shu, deputy director of the Big Data Department of the Institute of Cloud Computing and Big Data of the China Academy of Information and Communications Technology, introduced that privacy computing is a collection of technologies that realize data analysis and calculation under the premise of protecting the data itself from external leakage.
"Compared with the traditional data collaboration method before, the privacy computing technology has opened up a brand-new model. Under the premise of ensuring that the data provider does not leak the original data, the data is analyzed and calculated, and the data is'available and not visible'." Tian Tian said.
However, although privacy computing has changed the mode and form of data interaction and fusion, and effectively protected data security in the circulation process, it still needs to cooperate with other technologies to solve the problems of ownership and application before and after data circulation.
From the perspective of technical mechanism, privacy computing mainly includes three technical schools: one is a (part of) universal multi-party interaction protocol represented by secure multi-party computing; the other is a multi-party interaction protocol oriented to machine learning applications represented by federated learning; It is a centralized execution scheme based on trusted hardware represented by the trusted execution environment.
Still in the early stage of large-scale commercial application
With the continuous improvement of Internet data related laws and regulations, the demand for corporate compliance data circulation in various industries has become increasingly strong, and the privacy computing market has also ushered in a larger period of development.
Various institutions are racing to enter the track. In addition to a number of large Internet companies and specialized entrepreneurial teams, many big data, AI, blockchain and traditional data security companies have also begun to transform into the game.
On the application side, the landing scenario of privacy computing is also gradually extending from the fields of finance, Internet, medical and government affairs with strong data requirements to more industries such as smart energy, smart terminals, and smart cities.
But overall, the private computing market is still in the early stages of large-scale commercial applications. Yan Shu also said that the current private computing technology and solutions are not mature enough, and there are still challenges in security, performance, and data interconnection. The above limits the promotion and application of privacy computing.
Tian Tian emphasized that there is no point in performing various types of privacy computing technologies at the expense of security.
Since cryptographic proof security is not equal to actual security, especially some multi-party privacy computing protocols are used in scenarios that do not meet their security assumptions, so many assumed security methods have serious security vulnerabilities in practical applications.
At the same time, in the application development environment, privacy computing will also bring about many new security problems, such as algorithm discrimination, or being "dirty data" and "poisoned data" invested by hackers, and there is a risk of "data poisoning".
Yan Shu said that the security classification standards and industry trust consensus of privacy computing technology products still need to be established.
Performance is the guarantee for the implementation of privacy computing applications.
Yan Shu introduced that the security, performance, and accuracy of privacy computing products influence and offset each other.
At present, domestic privacy computing products are basically available in specific scenarios, but in the future, when facing more data parties, larger data volumes, and more complex scenarios, performance and other indicators still need to be strengthened.
There is still a long way to go to become the core base
Under the combined effect of policy-driven and market demand, privacy computing has become a racetrack market for business and capital competition.
Gartner, an information technology research and analysis company, included privacy computing in its report as one of the nine leading trends in 2021, and pointed out that by 2024, global privacy-driven data protection and compliance technology spending will exceed $15 billion.
Although privacy computing is expected to become a key infrastructure for the construction of the data element market, there is still a long way to go to truly become the core base.
Yan Shu believes that the future development of privacy computing needs to achieve internal "interconnection", realize mutual recognition and interoperability between different platforms, break platform barriers, open up data islands while avoiding the creation of "data islands"; to fully release the value of data elements only Relying on private computing is not enough. It is also necessary to strengthen the "cross-integration" of private computing with AI, blockchain, cloud computing and other technologies.
Tian Tian also said that privacy computing is mainly to solve the problem of data "links", open data channels, and allow more data to be used, but the road to realize the value of data requires business demand traction, especially artificial intelligence demand traction.
At the same time, AI-oriented performance optimization can bring significant opportunities for the efficient implementation of private computing. On the basis of achieving cross-industry and cross-domain data fusion, deep mining and release of the maximum value of data.