The RestAssured platform aims to create a secure environment for processing highly sensitive data, with strict consent-based rules governing access to personal data, and with pro-active risk analysis and adaptation.

 

As part of IBM’s work on RestAssured, we have identified the Opaque open source technology, being developed by the UC Berkeley RISELab team, as a suitable component for performing SQL-based analytics on encrypted data inside secure hardware enclaves.

 

At this time, Opaque is in an early prototype stage, with a number of gaps related to enclave verification, data encryption, query semantics and other aspects. IBM has closed a number of major gaps by integrating Opaque with  Trust Management software, designed and developed by us for the RestAssured project. IBM is continuing to work with the Opaque team to address other gaps that limit the integration of this technology in the RestAssured architecture.

 

Dr. Gidon Gershinsky, who leads the SparkSQL-related work in RestAssured project, was invited by the UC Berkeley to attend the RISELab Retreat Event. He met the faculty members and graduate students working on Opaque, and presented the RestAssured project, its usecases and the role of Opaque technology in the architecture. We  have agreed with the RISELab team to continue the cooperation on the Opaque technology, with the goal of supporting the RestAssured requirements, and extending the collaboration to new areas in the field of secure analytics on encrypted data.