Decentralized cloud and IA model protection with iEXEC
Decentralization for cloud computing is coming on strong with a multitude of advantages. In addition, companies like iEXEC not only bring a decentralized solution for cloud resources, but also use Intel SGX to secure to further protect data. AirTrace currently uses iEXEC for the ADOS AI and distributed computing algorithm.
Decentralized cloud computing
The cloud has all along provided access to processing power and storage. Allowing companies to use it for applications without a high cost of equipment, nor great difficulty in arranging or optimizing hardware. With cloud computing, companies only pay for what they use, thus avoiding overspending. Below are some of the largest cloud services, with Amazon being the largest for apps such as Netflix.
"Enterprises have spent $178 billion on cloud infrastructure services by 2021, which is a 37% increase compared to 2020"
However, as mentioned in the previous article, centralized cloud-based systems are becoming less and less convincing to society, due to the amount of user data they process and the fear of having so much information about oneself at their disposal. This is why new, more decentralized and more secure storage solutions are emerging. Decentralization brings great advantages to current systems, as it provides users with greater control over data, greater transparency in the treatment and processing of information. Decentralized cloud computing is nothing more than what AWS and Google do, but in a decentralized way, where the computation comes from different individual nodes across the network instead of centralized data centers and hardware.
iEXEC for decentralized cloud
iExec is a company that is developing a cloud computing solution in a decentralized way, to make computing power available to companies, individuals and dApss on the blockchain. In this way, decentralized applications can use iExec's decentralized cloud to run computation in a secure, simple and inexpensive way that enables high scalability, unlike Ethereum's virtual machine. iEXEC uses XtremWeb-HEP for cloud computing. iEXEC is composed of three distinct platforms. Firstly the 'dApp Store', which is a store where all dApps using iEXEC are listed. Secondly, 'The Marketplace', which allows the buying and selling of computing resources and finally the 'Data Marketplace', where companies with excess data can sell this data to any application that wants to buy it.
Why is something like iEXEC necessary for Blockchain?Blockchain technology is a very effective tool to provide decentralized solutions and a case in point is the Ethereum network. Ethereum is a pioneer and the number one for building decentralized applications (DApp). However, every time new DApp ideas and processes are emerging that require more computational load, which, the Ethereum Virtual Machine in theory can cope with, but the more computational load, the more congested the network will be (slower it will go and more resources will be needed) and also the more expensive the network will be. This is why Off-Chain solutions are born in the cloud to process heavy computation off-chain. Once processed, the information and results are returned to the Ethereum blockchain for verification. As DApp, AI, smart cities and IoT solutions grow and the Blockchain economy grows, there will be a need for a decentralized cloud service that can cope with off-chain computing.
Intel SGX and hardware enclaves
First of all, the concept of Trusted Execution Environment (TEE) must be understood. A Trusted Execution Environment (TEE) is a technology that protects sensitive devices and data from manufacturers, service providers and consumers. The TEE protects the area of the hardware where code executes in isolation and the trusted code in the TEE cannot be seen or modified. That is, a TEE is an area on a device's main processor that is separate from the system's main operating system (OS). Intel SGX is a TEE implementation.
Intel SGX (Intel Software Guard Extensions), consists of a set of security instructions built into the CPU that allow code and data from selected parts to be executed in protected areas called enclaves. Developers can divide a computer's memory into enclaves, which are private, predefined areas in memory that can better protect users' confidential information. That is, while an application is running on a host machine, SGX enclaves act as a bubble isolating and protecting the application from the host machine. In this way, no one can access and manipulate the application, nor the host machine's root administrator. In short, it is a form of hardware-based encryption that allows users to protect their most sensitive data by placing it in a highly secure environment within memory.
iEXEC for AI models
iExec also allows to provide computational power for Artificial Intelligence outside the blockchain, to finally transfer the obtained results back to the blockchain to leave them in an immutable and secure form. In other words, iExec leverages Blockchain and Intel SGX hardware enclaves to protect Artificial Intelligence models. In this way, anyone who does not own the AI models can be allowed to use the model and the model owner retains full ownership and intellectual property of the model. In this way, using iEXEC, the owner of the AI model can decide who will use it and since the AI model is an encrypted dataset, the owner can be sure that no one will be able to decrypt the dataset. In fact, iEXEC is currently being used in AirTrace for ADOS distributed computing and the Graph Neural Network algorithm.
Here is a YouTube example of how iEXEC is used for a car license plate detection AI model.