Demo: Infrastructure for Managing, Sharing, and Utilizing Sensitive Data using Hyperledger Fabric Private Chaincode Running on Microsoft Azure
Koshi Ikegawa.
Demo: Infrastructure for Managing, Sharing, and Utilizing Sensitive Data using Hyperledger Fabric Private Chaincode Running on Microsoft Azure.
Hyperledger Global Forum 2022 (HLGF 2022). September 12-14, 2022. Dublin, Ireland.
Demo: Infrastructure for Managing, Sharing, and Utilizing Sensitive Data using Hyperledger Fabric Private Chaincode Running on Microsoft Azure
Koshi IKEGAWA, Hitachi, Ltd. / Research and Development Group
Monday, September 12, 2022, 14:40 - 14:55
#HyperledgerForum @koshi_ikegawa
Background | Data Free Flow with Trust (DFFT)
❚ Data Free Flow with Trust (DFFT) is a top priority for the new economy, according to the World Economic Forum 2019
❚ Blockchain is expected to be used as a means to realize DFFT
  • A feature of blockchains is that transactions and data contents are shared and written to a ledger by all participating organizations.
❚ There is open data that can be shared by all organizations, and there is sensitive data for which it must be controlled to whom it is shared.
  • Such as medical data, personal information, etc.
❚ When handling sensitive data, privacy protection is required by law
  • Such as “the Act on the Protection of Personal Information (Japan)”, “GDPR (EU)”, etc.
Fabric Private Chaincode (FPC)
❚ Fabric Private Chaincode (FPC) enables the execution of chaincodes using a Trusted Execution Environment (TEE) for Fabric
❚ It protects the privacy of chaincode data and computation from potentially untrusted peers.
❚ It allows writing chaincode applications where the data is encrypted on the ledger and can only be accessed in the clear by authorized parties.
[Figure: BC network with Org 1 (Trusted), Org 2 (Trusted), and Org 3 (Untrusted). Each peer runs the private chaincode in a TEE with an encrypted ledger and an encrypted state DB, and each org has a client. Data is decrypted and returned if requested by a trusted organization; only an error is returned if requested by an untrusted organization.]
Trusted Execution Environment (TEE)
❚ A TEE is a security feature that prevents external attacks by executing programs in an area called an enclave that is isolated from the OS
❚ Technology that creates an enclave in memory as a function of the CPU
  • Intel Software Guard Extensions (SGX)
  • ARM TrustZone, etc.
❚ Technology that makes the VM itself an enclave
  • Intel Trust Domain Extensions (TDX)
  • AMD Secure Encrypted Virtualization (SEV)
  • AWS Nitro Enclaves, etc.
❚ The Fabric Private Chaincode (FPC) implementation uses Intel SGX
Intel SGX
❚ Intel SGX [1] is a hardware security function enhancement in Intel CPUs
  • It is an Intel CPU feature that creates an encrypted area called an enclave in RAM
  • It loads programs and data into the enclave, allowing programs to be executed while protecting sensitive data
[Figure: an Intel CPU with SGX creates an enclave in RAM, isolated from the OS; the calculation on sensitive data runs inside the enclave. This figure is based on [2].]
1. Intel® Software Guard Extensions (Intel® SGX). URL: https://www.intel.co.jp/content/www/jp/ja/architecture-and-technology/software-guard-extensions.html
2. Introduction to Intel SGX - SGX Basic Knowledge (in Japanese). URL: https://qiita.com/Cliffford/items/2f155f40a1c3eec288cf
Why use Microsoft Azure for running FPC?
❚ With virtual machines created using “infrastructure as a service (IaaS)”, there is no need to prepare or manage your own hardware.
❚ Only a few IaaS providers offer VMs with Intel SGX that can run FPC
  • Microsoft Azure can create virtual machines (DCsv2 series) with Intel SGX

                 Azure       AWS             GCP              IBM Cloud
  CPU Level TEE  Intel SGX   -               -                Intel SGX (only metal server)
  VM Level TEE   -           Nitro Enclaves  Confidential VM  -
Our use case
❚ Managing, sharing, and utilizing genome data in multiple orgs
❚ Raw genome data must not be passed on to other organizations because it is sensitive data
❚ Analyze the data on the processor of the data owner org and pass only the results to other orgs
[Figure: Fabric BC network with Org 1, Org 2, ..., Org N. Each org has a peer (chaincode, ledger, state DB), a client used by a user (doctor), a data analyzer, and genome data storage. Patients' genome data is stored in the owner org's storage and loaded by its data analyzer; requests and results are exchanged between orgs through the chaincode, which writes the result to the ledger.]
Problem
❚ An unrelated organization (Org N) can access the details of the transactions of Org 1 and Org 2.
[Figure: the same network as the use case, with Org N (Unrelated) also receiving the request and result transactions exchanged between Org 1 and Org 2.]
Motivation
❚ Keep transactions and data exchange secret from unrelated orgs using Fabric Private Chaincode
[Figure: Org 1 and Org 2 each run the FPC private chaincode in their peer, with a client, a data analyzer, and genome data storage. Org N (Unrelated) has a peer with the private chaincode, state DB, and ledger, but cannot see the exchange between Org 1 and Org 2 in the clear.]
Overview of demonstration
❚ Explain our demo system architecture
  • Building a demo system for data management, sharing, and utilization involving two organizations on Azure VMs
❚ Explain our chaincode installed in the system and the client program, in the order of the following scenario:
  1. Store data in data storage and metadata in the ledger
  2. Search genome data
  3. Request permission to use genome data
  4. Approve the request
  5. Request analysis of genome data
  6. Execute the analysis of data and write the result
Demo system architecture
❚ Azure DC2s virtual machine
  • Location: East US (only the East US location can create DC2s series VMs)
  • Size: Standard DC2s v2 (2 vCPUs, 8 GiB memory)
  • OS: Ubuntu Server 20.04 LTS - Gen2
  • Disk: 128 GiB
[Figure: Fabric BC network with an orderer container and, for each of Org 1 and Org 2, a user (doctor) with a client container, a peer container holding the FPC chaincode container, FPC logic containers (e.g., ercc), a state DB and a ledger, plus a data analyzer and data storage.]
Simplified overview of the demo system
[Figure: Fabric BC network. Org 1 and Org 2 each have a peer (private chaincode, state DB, ledger), a client used by a user (doctor), a data analyzer, and data storage.]
State DB tables:
  • genome meta data catalog: Key | Owner | Patient Consent | Meta Data
  • data access permission management: Key | Request | Permission
  • task management: Key | Requester | Task | Result
Private Chaincode:
  • set/get genome meta data
  • request/approve data access permission
  • request/approve task execution
Client Program:
  • Invoke/Query chaincode functions
  • Store genome data to storage
  • Order analysis of genome data
1. Store data in data storage and metadata in ledger
Client:
  ① Store raw genome data to data storage
  ② Invoke the set_data function of the chaincode
    • Write genome meta data
Chaincode: set_data()
  • Get owner information (MSPID)
  • Write MSPID, patient consent, and meta data into the ledger
State DB after this step:
  genome meta data catalog:
    Key | Owner   | Patient Consent | Other Meta Data
    001 | Org1MSP | Agree           | Hash Value, Other Info
  data access permission management (Key | Request | Permission): empty
  task management (Key | Requester | Task | Result): empty
2. Search genome data
Client:
  ① Query the get_data function of the chaincode
    • Search for the data you want to utilize
Chaincode: get_data()
  • Read genome metadata
  • Search for the data
  • Return a list of metadata for which the patients agreed
State DB after this step:
  genome meta data catalog:
    Key | Owner   | Patient Consent | Meta Data
    001 | Org1MSP | Agree           | Hash Value, Other Info
  data access permission management (Key | Request | Permission): empty
  task management (Key | Requester | Task | Result): empty
3. Request for permission to use genome data
Client (Org 2):
  ① Invoke the request_permission function of the chaincode
Chaincode: request_permission()
  • Get requester information (MSPID=Org2MSP)
  • Write the requester MSPID into the ledger
State DB after this step:
  genome meta data catalog:
    Key | Owner   | Patient Consent | Meta Data
    001 | Org1MSP | Agree           | Hash Value, Other Info
  data access permission management:
    Key | Request | Permission
    001 | Org2MSP |
  task management (Key | Requester | Task | Result): empty
4. Approve the request
Client (Org 1):
  ① Invoke the approve_permission function of the chaincode
Chaincode: approve_permission()
  • Get approver information (MSPID=Org1MSP)
  • Check that the approver MSPID and the data owner MSPID are equal
  • Approve the request
  • Write the permitted user MSPID into the ledger
  • Remove the requester user MSPID
State DB after this step:
  genome meta data catalog:
    Key | Owner   | Patient Consent | Meta Data
    001 | Org1MSP | Agree           | Hash Value, Other Info
  data access permission management:
    Key | Request   | Permission
    001 | (Removed) | Org2MSP
  task management (Key | Requester | Task | Result): empty
5. Request for analysis of genome data
Client (Org 2):
  ① Invoke the request_task function of the chaincode
Chaincode: request_task()
  • Get requester information (MSPID=Org2MSP)
  • Write the requester MSPID and the analysis conditions into the ledger
State DB after this step:
  genome meta data catalog:
    Key | Owner   | Patient Consent | Meta Data
    001 | Org1MSP | Agree           | Hash Value, Other Info
  data access permission management:
    Key | Request | Permission
    001 | (Empty) | Org2MSP
  task management:
    Key | Requester | Task                | Result
    001 | Org2MSP   | Analysis conditions |
6. Execute the analysis of data and write the result
Client (Org 1):
  ① Query the request and order execution
  ④ Invoke the write_result function of the chaincode
Data Analyzer (Org 1):
  ② Load genome data
  ③ Analyze the task
Chaincode: write_result()
  • Get requester information (MSPID=Org1MSP)
  • Check that the data owner MSPID and the above MSPID are equal
  • Write the analysis result into the ledger
State DB after this step:
  genome meta data catalog:
    Key | Owner   | Patient Consent | Meta Data
    001 | Org1MSP | Agree           | Hash Value, Other Info
  data access permission management:
    Key | Request | Permission
    001 | (Empty) | Org2MSP
  task management:
    Key | Requester | Task                | Result
    001 | Org2MSP   | Analysis conditions | Analysis Result
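The six steps above are one procedure, so here is a single worked example that models all six chaincode functions (set_data, get_data, request_permission, approve_permission, request_task, write_result) and the MSPID checks described in steps 4 and 6. This is an added example written for this page, not code from the HLGF 2022 demo or from the FPC project. It assumes that the FPC shim calls (get_state, put_state, get_creator_name) are replaced by in-memory std::map tables and an explicit callerMsp argument, so the access-control logic can be exercised outside an enclave; it also adds one check the slides do not spell out, namely that only the MSPID holding the permission may file a task in step 5.

```cpp
#include <map>
#include <string>
#include <vector>

// Added example, not code from the HLGF 2022 demo or the FPC project.
// It models the six chaincode functions of the demo scenario over an
// in-memory state DB. Assumption: the FPC shim calls (get_state, put_state,
// get_creator_name) are replaced by std::map tables and an explicit
// callerMsp argument, so the MSPID checks can be exercised outside an enclave.

struct CatalogEntry { std::string owner, consent, meta; };   // genome meta data catalog
struct PermissionEntry { std::string request, permission; }; // data access permission management
struct TaskEntry { std::string requester, task, result; };   // task management

class PrivateChaincode {
public:
    // Step 1: set_data. The owner is the caller's MSPID, never a value taken from the payload.
    void set_data(const std::string& callerMsp, const std::string& key,
                  const std::string& consent, const std::string& meta) {
        catalog_[key] = CatalogEntry{callerMsp, consent, meta};
    }

    // Step 2: get_data. Only records whose patient consented are listed.
    std::vector<std::string> get_data() const {
        std::vector<std::string> keys;
        for (const auto& kv : catalog_)
            if (kv.second.consent == "Agree") keys.push_back(kv.first);
        return keys;
    }

    // Step 3: request_permission. Records the requester MSPID for an existing record.
    bool request_permission(const std::string& callerMsp, const std::string& key) {
        if (catalog_.count(key) == 0) return false;
        permissions_[key].request = callerMsp;
        return true;
    }

    // Step 4: approve_permission. The approver MSPID must equal the data owner MSPID;
    // the pending request then becomes the permission and the request entry is removed.
    bool approve_permission(const std::string& callerMsp, const std::string& key) {
        auto c = catalog_.find(key);
        auto p = permissions_.find(key);
        if (c == catalog_.end() || p == permissions_.end() || p->second.request.empty()) return false;
        if (c->second.owner != callerMsp) return false;
        p->second.permission = p->second.request;
        p->second.request.clear();
        return true;
    }

    // Step 5: request_task. Assumption added here: only the MSPID holding the
    // permission may file analysis conditions for that record.
    bool request_task(const std::string& callerMsp, const std::string& key,
                      const std::string& conditions) {
        auto p = permissions_.find(key);
        if (p == permissions_.end() || p->second.permission != callerMsp) return false;
        tasks_[key] = TaskEntry{callerMsp, conditions, ""};
        return true;
    }

    // Step 6: write_result. Only the data owner, whose analyzer ran the task, may write the result.
    bool write_result(const std::string& callerMsp, const std::string& key,
                      const std::string& result) {
        auto c = catalog_.find(key);
        auto t = tasks_.find(key);
        if (c == catalog_.end() || t == tasks_.end() || c->second.owner != callerMsp) return false;
        t->second.result = result;
        return true;
    }

    // Read accessors standing in for chaincode queries of the three tables.
    std::string pending_request(const std::string& key) const { return lookup(permissions_, key).request; }
    std::string permission(const std::string& key) const { return lookup(permissions_, key).permission; }
    std::string result(const std::string& key) const { return lookup(tasks_, key).result; }

private:
    template <typename M>
    static typename M::mapped_type lookup(const M& m, const std::string& key) {
        auto it = m.find(key);
        return it == m.end() ? typename M::mapped_type{} : it->second;
    }
    std::map<std::string, CatalogEntry> catalog_;
    std::map<std::string, PermissionEntry> permissions_;
    std::map<std::string, TaskEntry> tasks_;
};

// Runs the demo scenario with constructed values (Org1MSP owns record 001,
// Org2MSP is the requester) and returns the result stored for key "001".
std::string run_demo_scenario(PrivateChaincode& cc) {
    cc.set_data("Org1MSP", "001", "Agree", "Hash Value, Other Info");        // 1
    if (cc.get_data().empty()) return "";                                    // 2
    if (!cc.request_permission("Org2MSP", "001")) return "";                 // 3
    if (!cc.approve_permission("Org1MSP", "001")) return "";                 // 4
    if (!cc.request_task("Org2MSP", "001", "Analysis conditions")) return ""; // 5
    cc.write_result("Org1MSP", "001", "Analysis Result");                    // 6
    return cc.result("001");
}
```

The point to take from the model is that every write that changes who may see or use a record is gated on the caller's MSPID as reported by the peer, compared against the owner recorded at set_data time; a requester can never approve its own request or write a result, and an org that was never granted permission cannot file a task. In a real FPC chaincode the same comparisons would be made inside the enclave, with the tables held in the encrypted state DB.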
Summary
❚ Background and Introduction
  • explained some background on the market needs
  • explained the introduction, including what we are doing with FPC
❚ Motivation
  • explained the motivation for this demonstration
❚ Demonstration
  • explained our demo system architecture
  • explained our chaincode and client installed in the system
Acknowledgement
❚ Thanks to...
❚ All Hyperledger Fabric Private Chaincode community members!!!
  • Many thanks to the following people for their advice!!
    - Marcus Brandenburger @mbrandenburger
    - Bruno Vavala @bvavala
    - @munapower
Trademarks
❚ Hyperledger, Hyperledger Fabric, and Hyperledger logos and any related marks are trademarks of the Linux Foundation or Hyperledger Foundation
❚ Intel, Intel SGX and Intel logos and any related marks are trademarks of Intel Corp.
❚ Other brand names and product names used in this material are trademarks, registered trademarks, or trade names of their respective holders.