contact
Want more details? Contact us.
Fill in the form on the side, we will get back to you shortly.
Secure and privacy-preserving data processing.
Obscura is a module for efficient general-purpose computation on encrypted data, powered by a combination of privacy-enhancing technologies. Obscura enables the execution of complex algorithms over significantly large data sets by combining advanced cryptographic tools and protocols with sophisticated software engineering and clever application design.
The Problem
Virtually everything we do is somehow generating, consuming, or transforming data in a matter of seconds. Constant flows of information contribute to an unprecedented volume of data being created and processed daily. This growth and abundance of data brings a substantial increase in security and privacy challenges. Proactive adaptation to evolving regulatory frameworks and engagement with relevant authorities is now crucial. By investing in robust data safeguards, implementing privacy-by-design solutions, and collaborating with regulatory bodies, enterprises can mitigate risks, safeguard sensitive data, and avoid potential fines and reputational damage.
Obscura’s Secure Data Processing Mitigates:
Data Breaches
Security & Privacy Regulation Violations
Lack of Relevant Insights
Threats to Intellectual Property and Competitive Advantage
Data Breaches
Over 80% of data held by organizations globally is inadequately protected and stored using technical protocols from the 1990s. Over 34% of data breaches world-wide involve insiders, a 47% increase over recent years. Accidental or intentional breaches from privileged users forms the greatest risk to the data security of organizations. Data breaches take on average 228 days to detect, and 80 days to contain.
Security & Privacy Regulation Violations
While often confused for one another, data security and privacy are not synonymous. Data security focuses on safeguarding information from unauthorized access, while data privacy concerns itself with collecting and processing personal data.
Ransomware attacks grew by 105% globally in 2021, with approximately $2.5T worth of data lost to cybercrime. There are nearly 20 ransomware attempts every second.
Privacy regulations like General Data Protection Regulation (GDPR) are becoming stricter on organizations that fail to observe rules and guidelines protecting the collection and processing of personal data. Fines issued under GDPR alone until 2023 for the improper use of sensitive data exceeded one billion euros
Lack of Relevant Insights
Over 80% of organizations globally rely on data that fails to reflect their current reality. A lack of reliable and real-time intelligence from major integrated systems used by large corporations causes serious operational and financial inefficiencies.
Threats to Intellectual Property and Competitive Advantage
Data with strategic value can optimize operational efficiencies as well as enable profitable collaboration; however, there is a fear of disclosing information that can compromise IP, trade secrets, and other sensitive information used as a competitive advantage. This often prevents organizations from taking on new commercial opportunities and establishing innovative service offerings.
The Solution: Obscura Module
Obscura is a general-purpose, secure computation platform for data processing. It performs computation on protected data via a combination of four distinct security measures, including encryption. Obscura employs safeguards that prevent unlawful access and the processing of personal and sensitive data, as recommended by ISO 27001 and privacy regulations such as GDPR. Obscura is suitable for applications such as confidential computing, secure analytics, secure data transfer and machine learning over encrypted datasets, going beyond partial measures for data security and privacy by employing a unique set of data protection mechanisms at all times.
Peace of mind provided by cutting-edge technologies.
Secure Multiparty Computation (MPC)
The security of Obscura MPC protocol is provided by a multiparty computation protocol derived from threshold secret sharing where input data is shared across multiple parties, each one containing meaningless data in isolation. Only upon collection of a required number of distinct shares can the data of interest be retrieved. Security is achieved by rigorous security measures implemented to ensure that no unauthorized entity controls or corrupts this number of distinct shares.
Fully Homomorphic Encryption (FHE)
The security of Obscura FHE is provided by the hardness associated with the Ring Learning With Errors problem (RLWE) and achieved via well-known cryptographic constructions which are considered to be quantum-resistant.
M2M Identity Access Management
Obscura uses Spectra for authenticating, authorizing, and auditing communication between each component and for any communication between machines. Before the security provided by MPC and FHE takes place, Spectra protects data and transactions with standard cryptography – with the added benefit of real-time, always-on auditing.
How Obscura Works
Obscura Data Sync (ODS) is under the customer’s control. This is the only instance where individual data points of any kind (including personal data) are unprotected and therefore readable. Obscura Data Sync is responsible for double encrypting data (inner layer encryption for secure computations using MPC or FHE) and outer layer encryption (for protecting both secure data processing as well as data at rest). Data that leaves the customer’s infrastructure is unreadable by all unintended recipients.
Double encrypted data is securely transmitted from the customer’s infrastructure to the virtual environment named Obscura Secure Execution Environment (OSEE – not to be confused with secure enclaves or any other type of hardware security) by Spectra. The payload between the ODS and the OSEE is also encrypted with a single-use, ephemeral secret key which is generated via standard key exchange protocol. Data in transit is unreadable by non-authorized parties.
In the OSEE, the outer encryption layer of the data is decrypted so secure computations can be performed. Confidential, personal, or sensitive plain text data are never exposed and therefore data being processed is also unreadable for non-authorized parties.
Once reports are securely generated, aggregated data is also securely transmitted to the Obscura Dashboard using standard cryptography. Only aggregated data that does not allow identification of individual data points that require any level of data protection is then visualized.
Throughout the entire application lifecycle, Algemetric does not have access to any data marked by the client as confidential, personal, or sensitive information.
Securely analyse large amounts of unstructured data in near-real time. Obscura consists of three components:
Obscura Data Sync (ODS): Software which remains under the client’s control, provided for accessing unencrypted databases on the client side. Once data is encrypted and shared, data is double encrypted using standard cryptography and transmitted to the Obscura Secure Execution Environment.
Obscura Secure Execution Environment (OSEE): In the virtual trusted execution environment data is kept encrypted with standard symmetric cryptography. Once computation of a particular algorithm is required, the external layer of the double encryption is decrypted, which enables computation on the inner layer of the doubled encrypted data. Plain data is never exposed throughout this process.
Obscura API (OA): The component responsible for requesting, receiving, and processing results from the OSEE. The OA only sees requests for execution of predefined algorithms and the result of these algorithms. Communication between these three components is always protected by Spectra.
Monetize Your Data: Reconcile data utility, security, and privacy, and enable strategic data intelligence in a secure and privacy-preserving way. Open new revenue streams from subscription-based and on-demand services.
Move Towards Regulatory Compliance: Obscura goes beyond partial data security and privacy measures by exclusively working with encrypted data at all times. Move towards data security and privacy compliance with regulations such as GDPR, CCPA and others.
Fortify Corporate Sovereignty: Obscura helps organizations to protect their control, exclusivity, ownership, and advantages by enabling collaborations in which only aggregated data is used.
Your Data Breach Shield: Data breaches can occur for a variety of reasons including product or service malfunction, unaddressed system and architecture vulnerabilities, human error, and malicious behavior. In all cases with Obscura, if a data breach occurs, only encrypted data will be exposed, giving no advantage to unauthorized parties or malicious actors.
Encrypted Data Only: Not all data is sensitive and therefore not everything must be encrypted for allowing computation on encrypted data. Obscura works well with hybrid scenarios in which different data with different purposes might be protected with distinct cryptographic tools. However, Obscura only possesses and processes encrypted data for a significant data breach risk reduction.
On-Database Computation: Obscura allows for overriding some native operations in databases for better performance and less development complexity.
Efficient Built-in Data Encoder: Most of the data handled by Obscura is fractional data (from applications in finance, statistics, machine learning, etc.). Obscura uses a fractional encoder with better efficiency than typical high-precision techniques.
Data Synchronization: ODS is deployed at the customer’s infrastructure under their control and is responsible for automatic or on-demand synchronization between the unencrypted and encrypted database on an iterative and incremental basis.
Algorithm Execution: The OSEE receives algorithmic instructions from the OA for execution. These algorithms are pre-approved by the customer under the scope of each particular application.
Integration with Prisma: Once results are available, Obscura can be easily integrated with Prisma for a number of data visualization options. Once data is integrated with Prisma, it can also be exported to external visualizations tools.