yang-sec / PrivacyGuard

PrivacyGuard is a platform that combines blockchain smart contracts and a TEE to enable transparent enforcement of private data computation and fine-grained usage control. This repo includes a prototype implementation and evaluation programs.
MIT License
data-usage privacy-protection smart-contract

Dear users, we kindly note that this repo provides a proof-of-concept implementation of PrivacyGuard, not a product release. An older generation (2.0.1) of Intel SGX is used. We recommend that readers use our code as a workflow reference rather than as a product baseline. Thanks!

Entities to be run in the cloud:

Entities to be run remotely

System requirements

Deployed contracts (on Ethereum Rinkeby)

How to run

System workflow for single data usage case with 1 DO, 1 iDA, 1 CEE

  1. DO publishes its data usage policy through Ethereum smart contracts.
  2. DO remotely attests iDA's enclave.
  3. DC observes DO's contract from blockchain and parses the policy.
  4. DC invokes the smart contract by sending a transaction with the required deposit amount to call the contract's request() function.
  5. DC sends a REQUEST message to DO's iDataAgent.
  6. iDataAgent checks DC's deposit amount in the contract and then deploys CEE.
  7. iDataAgent and DC remotely attest CEE's enclave.
  8. With the secure channel established by step 6, iDataAgent provisions DO's data decryption key K_data to CEE.
  9. CEE performs the data operation.
  10. CEE securely provisions C_result, Hash(C_result), and Hash(K_result) to DC, and K_result to iDA. It then destructs the enclave.
  11. DC calls the contract's computationComplete() function with Hash(K_result).
  12. DO calls the contract's completeTransaction() function with K_result.
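
The on-chain side of steps 4, 6 and 10 to 12, modeled in memory as an added example that is not code from this repo. Only the function names `request()`, `computationComplete()` and `completeTransaction()` come from the workflow; the `UsageContract` class, its state names, the checks inside each function, the deposit value and the use of SHA-256 as the hash are assumptions made for illustration.

```python
import hashlib
import os

def H(data: bytes) -> bytes:
    # Stand-in hash (assumption): the page does not name the hash function.
    return hashlib.sha256(data).digest()

class UsageContract:
    """Hypothetical in-memory model of DO's contract. Only the three function
    names come from the workflow; the checks inside them are assumptions."""

    def __init__(self, required_deposit: int):
        self.required_deposit = required_deposit   # part of the policy (step 1)
        self.state, self.deposit, self.key_hash = "PUBLISHED", 0, None

    def request(self, deposit: int) -> None:                 # step 4, sent by DC
        if self.state != "PUBLISHED" or deposit < self.required_deposit:
            raise ValueError("request rejected")
        self.state, self.deposit = "REQUESTED", deposit

    def computationComplete(self, key_hash: bytes) -> None:  # step 11, sent by DC
        if self.state != "REQUESTED":
            raise ValueError("no open request")
        self.state, self.key_hash = "COMPUTED", key_hash

    def completeTransaction(self, k_result: bytes) -> None:  # step 12, sent by DO
        if self.state != "COMPUTED":
            raise ValueError("no recorded result")
        if H(k_result) != self.key_hash:
            raise ValueError("K_result does not match Hash(K_result)")
        self.state = "COMPLETED"

def run_workflow(key_revealed_by_do=None) -> str:
    contract = UsageContract(required_deposit=100)
    contract.request(deposit=100)                            # step 4
    if contract.deposit < contract.required_deposit:         # step 6: iDA's check
        raise ValueError("deposit too low, CEE not deployed")
    # Step 10: CEE output, constructed sample values.
    k_result, c_result = os.urandom(16), b"constructed ciphertext"
    to_dc, to_ida = (c_result, H(c_result), H(k_result)), k_result
    if H(to_dc[0]) != to_dc[1]:          # DC checks C_result (assumed use of the hash)
        raise ValueError("C_result corrupted")
    contract.computationComplete(to_dc[2])                   # step 11
    contract.completeTransaction(key_revealed_by_do or to_ida)  # step 12
    return contract.state

if __name__ == "__main__":
    print(run_workflow())   # honest run
```

Passing a different key to `run_workflow()` shows the failure case: under the assumed check, a K_result that does not hash to the value DC recorded leaves the transaction uncompleted.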

Test the Enclave Program ML Model Training Only (i.e., off-chain execution)

Publication

The paper titled "PrivacyGuard: Enforcing Private Data Usage Control with Blockchain and Attested Off-chain Contract Execution" has appeared in ESORICS 2020, Sep 14-18, 2020.