Towards Practical Privacy-preserving Data Analysis with Intel TDX-based Sharemind HI

Herman Rull
Making evidence-based decisions often requires combining data of different data owners. Due to privacy concerns, data owners may be reluctant to share their data. Sharemind HI is a platform for developing data analysis applications that protect data owners’ data throughout its lifecycle. Data-in-use protection is guaranteed by running operations involving data owners’ data in Intel SGX TEE. The problem with Sharemind HI is that developing analysis code on it was complicated due to programming language and library constraints of Intel SGX. Here we propose a Sharemind HI architecture built around Intel TDX TEE technology. The architecture demonstrates how the development limitations present in the old system could be eliminated without losing any core functionality. Additionally, we found that risks caused by Intel TDX’s lack of isolation and data sealing can be managed using technical controls. Intel TDX-related overhead in expected Sharemind HI data flows is minimal compared to running them in a regular VM.
The resulting architecture is a step towards Sharemind HI that supports a wider range of programming languages and libraries, making the life of an analysis code developer easier as he can employ tools that best suit the situation. The architecture can be used to evaluate the system further or serve as a guiding document for implementing the new system.
Graduation Thesis language
Graduation Thesis type
Master - Computer Science
Armin Daniel Kisand, Raimundas Matulevičius
Defence year