
BUILD.5, Confidential Computing, and the data privacy revolution. Part 2: The Edge

Song Choi & Mike Isaia
#build5 #confidential_computing #edge_computing

In Part 1 of our series on Confidential Computing (CC), we explored the nature of the critical role that CC will play in public cloud security, and the role that BUILD.5 will play in its meteoric rise. If you have not read that article, we highly suggest you get up-to-date as this article will be expanding on the concepts and features introduced there.

In Part 2 of our Confidential Computing use case we will be exploring the impact of CC on another vital infrastructure technology, edge computing:

What is edge computing?

There are over 15 billion devices connected to the internet today. That’s more than 2 devices for every person on the planet, and the rate of new devices coming online isn’t slowing down; it’s accelerating exponentially. Cloud-based systems are struggling under the weight of the bandwidth requirements to support this growing trend. To address the network load of this informational tidal wave we are living through, networks are adopting new models for data transmission, processing, storage, and security in preparation for our imminent digital future.

Edge computing describes a basket of technologies that move the processing of data closer to its source, improving security and, most importantly, enabling real-time, low-latency decision making. That last attribute makes it especially important for mobility, IoT, AR/VR systems, and smart cities, all topics that will be extremely familiar to followers of BUILD.5 and our base layer IOTA.

The market for edge computing is projected to grow from 15.96 billion USD this year to 139.58 billion USD by 2030, an astonishing CAGR of 36.3%. (Fortune Business Insights™ Global Edge Computing Market Forecast, 2023-2030.) In this blog post, we will explore how CC and BUILD.5 will work hand in glove, to transform how industries protect private information on the edge.

BUILD.5, Red Hat, and the Edge

As covered in Part 1 of this series, Confidential Computing is a rapidly growing industry designed to protect sensitive, private data that is in use from unauthorized access and attacks, something that was not possible until the advent of CC. By running computations in a secure enclave, confidential computing can enable organizations, ecosystems, and entire ledgers to protect intellectual property, prevent cyberattacks, and in some cases stop the proliferation of malware altogether.

By their very nature, edge networks will maintain a wealth of sensitive personal information, due to their immediate vicinity to people, processes, and operations. This means they will generate entirely new security threat vectors, in some cases even more than traditional cloud environments. This is due to the hundreds of thousands, and in some cases millions, of devices that can be stored in different edge servers at different locations.

Figure 1. The edge spans many locations and tiers to meet a variety of use cases.

Blockchain becomes an essential protective layer in this environment due to its inherent properties of data integrity through immutability and decentralized consensus, preventing unauthorized modifications or tampering, which can happen both remotely and physically due to the “up close” nature of edge networks. BUILD.5 is built on the IOTA blockchain, so beyond the secure native properties of DLTs, BUILD.5 has the additional attributes of a lightweight protocol designed specifically for scalability and economies of scale.

One of the most powerful attributes of the BUILD.5 platform is our ability to seamlessly integrate with Kubernetes based turnkey application platforms like Red Hat OpenShift®, which provides granular access control, auditing, logging, and monitoring capabilities for containerized workloads, providing end-to-end encryption for edge device communication. It is also compliant with robust industry recognized security frameworks and contains built-in policy and compliance capabilities, which is vital for regulated industries like healthcare and financial services.

Like in the public cloud, the BUILD.5 iDOS On Tangle Requests (OTR) can communicate through standardized rails and channels with OpenShift®. This is especially important when you consider that Gartner® estimates that “90% of global organizations will be running containerized applications in production by 2026—up from 40% in 2021.” This means that through BUILD.5 you will be able to integrate blockchain technology into any existing containerized edge or public cloud infrastructure, seamlessly through OTRs! We can now provide all of the features and benefits of IOTA L1, without the past headaches of integrating an exotic, novel technology like DLTs.

Confidential Computing: Privacy on the Edge

Edge projects can include hundreds of thousands of devices, creating massive security challenges for any organization attempting to implement the technology. Because of the “invisible” processing capability of CC enabled devices, edge automation activities can be isolated in a secure enclave, protected from unauthorized access.

Now couple that with the BUILD.5 platform’s ability to combine IOTA and L1 Smart Contracts, and we can enable a secure trusted execution layer across those same edge devices. Add the critical key commodity Mana through Mana Station (as well as proven composable BUILD.5 L1 smart contracts) and now we can ensure consistent and trusted decentralized execution of business logic.

For example, let’s take a global shipping company that is leveraging a three-node cluster topology using Red Hat OpenShift® and their Advanced Cluster Management for Kubernetes. This cluster is connected to the shipping company’s core datacenter for management and controlled by the operators coordinating the fleet.

Figure 2. Red Hat offers three edge deployment topologies to meet a variety of use cases and requirements.

Red Hat supports a remote worker node topology that consists of a physically separated control plane and remote worker nodes. For our example, let’s set up the control plane nodes, which are generally located at larger regional locations, in Germany, and then place the worker nodes out towards a smaller edge site; in this case we will choose Hamburg.

While stable connectivity between control plane and worker nodes is needed to allow continuous management of the worker nodes, the edge devices traveling through the city and port must be able to function with intermittent signal, depending on the routes they travel on land and sea. To function effectively, these edge devices must run computations locally and use a mathematical formula to determine inventory control and the operating condition of the goods in transit. In addition, customers, everyone from large express package delivery companies to local retail operators and subcontractors, have their own individual inventory systems that need to interact with the edge devices.

Through Red Hat OpenShift®, BUILD.5 can provide a secure trusted execution layer for this process that works across the entire topology of edge devices in operation, through the Hamburg nodes and out into the supply chain’s last mile. The IOTA ledger houses the immutable record of the goods (either through the manufacturing process or simply at the point of entry into the supply chain), while BUILD.5 provides the key commodity of Mana through Mana Station, as well as proven composable BUILD.5 L1 smart contracts, to ensure consistent and trusted decentralized execution of the various business logics. Add a secure confidential computing enclave to the devices, and the information and logic can be neither seen nor corrupted by unauthorized people or programs, even if the device itself is physically compromised.

In addition, leveraging BUILD.5 and Red Hat into this Hamburg hub enables:

This intersection of open source web2 / web3 enterprise software eliminates the threat of vendor lock-in and improves security against attacks from humans and programs in an extremely complex system. It also injects new capabilities such as tokenization, NFTs, Digital Twins, and immutable audit trails through proven Red Hat edge environments.

Next we will dive even deeper into additional use cases around CC and Federated AI.

For more information about Confidential Computing, BUILD.5, Node Manager, and the iDOS framework, contact us at [email protected].
