クラウド上での安全なデータ共有のためのコンフィデンシャル・コンピューティングの進化
Alternate data sources can be a possible way to enhance insurance models and provide greater insights for insurers, leading to the inclusion of data sources such as IoT streaming data or incident response databases alongside existing internal organizational data. But how do we ensure that we can share data in use securely on the cloud, and not compromise the integrity and confidentiality of sensitive data fields?
Confidential computing is a solution for secure data sharing on the cloud. Announced at Microsoft Ignite 2020, the Confidential Computing theme at Microsoft Research Cambridge conducts pioneering research in design of systems that guarantee strong security and privacy properties to cloud users. Intel describes confidential computing as an emerging industry initiative focused on helping to secure data in use. Encrypted data are processed in memory, which lowers the risk of exposing sensitive data and provides a higher degree of control and transparency for users. Organizations would have protection controls over sensitive IP and protects data in use. Intel Software Guard Extensions (SGX) provide hardware-based memory encryption for confidential computing capabilities. R3 Conclave extend SGX and provides a higher-level confidential computing platform to secure sensitive business data in use, aggregating datasets to solve shared business problems without revealing the actual data to parties in the loop.
Upcoming technology providers such as Colibrate, Verifoxx, OneHypernet, and Decentriq are developing platforms powered by confidential computing. Use case include data lineage and supply chain, identify verification and authentication, cross-border payment network, fraud detection, cyber insurance assessment, and overall data collaboration for industry benchmarking.
The next-generation insurer will embrace the trove of data residing in the industry to better understand customers, underwriting, claims process, and general risk assessment. The cultivation towards an openess to utilize data from peers and external sources would signal a stronger shift towards insights-driven decision and complement existing actuarial methods. Confidential computing can make data openness more appealing by providing a centralized platform for data sharing and consent and encouraging multi-party trust in the process. An illustration of confidential computing process can be seen at Figure 1.
-------------------------------------------------------------------------------------------------------------------------------
Figure 1: Confidential Data Enclave
Source: Celent, with reference from R3 CordaCon 2021 and Decentriq
-------------------------------------------------------------------------------------------------------------------------------
We have provided a glimpse into how the industry can benefit from confidential computing and will be diving deeper into how confidential computing can provide trusted and secured data exchange in Celent upcoming report - Securing Insurance Data: Confidential Computing and Data Lineage Use Case (published on December 2021) – and discuss at Celent’s 2022 Technology Trends Previsory Series insurance track. Stay tuned!
________________________________________________________________________________
To learn more, Celent tracks this market and has research addressing it (list of recent reports here). If you would like to find out more, please feel free to get in touch with me.
Below are related reports/blogs to this blog:
Data, MLOps, and IoT for the Next-Generation Insurance Industry