Summary
Encryption and security are critical elements in data analytics and machine learning applications. We have well-developed protocols and practices around data that is at rest and in motion, but security around data in use is still severely lacking. Recognizing this shortcoming and the capabilities that could be unlocked by a robust solution, Rishabh Poddar helped to create Opaque Systems as an outgrowth of his PhD studies. In this episode he shares the work that he and his team have done to simplify integration of secure enclaves and trusted computing environments into analytical workflows, and how you can start using it without re-engineering your existing systems.
Announcements
Hello and welcome to the Data Engineering Podcast, the show about modern data management.
When you're ready to build your next pipeline, or want to test out the projects you hear about on the show, you'll need somewhere to deploy it, so check out our friends at Linode. With their new managed database service you can launch a production ready MySQL, Postgres, or MongoDB cluster in minutes, with automated backups, 40 Gbps connections from your application hosts, and high throughput SSDs. Go to dataengineeringpodcast.com/linode (https://www.dataengineeringpodcast.com/linode) today and get a $100 credit to launch a database, create a Kubernetes cluster, or take advantage of all of their other services. And don't forget to thank them for their continued support of this show!
Modern data teams are dealing with a lot of complexity in their data pipelines and analytical code. Monitoring data quality, tracing incidents, and testing changes can be daunting and often takes hours to days or even weeks. By the time errors have made their way into production, it’s often too late and damage is done. Datafold built automated regression testing to help data and analytics engineers deal with data quality in their pull requests. Datafold shows how a change in SQL code affects your data, both on a statistical level and down to individual rows and values before it gets merged to production. No more shipping and praying, you can now know exactly what will change in your database! Datafold integrates with all major data warehouses as well as frameworks such as Airflow & dbt and seamlessly plugs into CI workflows. Visit dataengineeringpodcast.com/datafold (https://www.dataengineeringpodcast.com/datafold) today to book a demo with Datafold.
RudderStack helps you build a customer data platform on your warehouse or data lake. Instead of trapping data in a black box, they enable you to easily collect customer data from the entire stack and build an identity graph on your warehouse, giving you full visibility and control. Their SDKs make event streaming from any app or website easy, and their extensive library of integrations enables you to automatically send data to hundreds of downstream tools. Sign up free at dataengineeringpodcast.com/rudder (https://www.dataengineeringpodcast.com/rudder)
Build Data Pipelines. Not DAGs. That’s the spirit behind Upsolver SQLake, a new self-service data pipeline platform that lets you build batch and streaming pipelines without falling into the black hole of DAG-based orchestration. All you do is write a query in SQL to declare your transformation, and SQLake will turn it into a continuous pipeline that scales to petabytes and delivers up to the minute fresh data. SQLake supports a broad set of transformations, including high-cardinality joins, aggregations, upserts and window operations. Output data can be streamed into a data lake for query engines like Presto, Trino or Spark SQL, a data warehouse like Snowflake or Redshift, or any other destination you choose. Pricing for SQLake is simple. You pay $99 per terabyte ingested into your data lake using SQLake, and run unlimited transformation pipelines for free. That way data engineers and data users can process to their heart’s content without worrying about their cloud bill. For data engineering podcast listeners, we’re offering a 30 day trial with unlimited data, so go to dataengineeringpodcast.com/upsolver (https://www.dataengineeringpodcast.com/upsolver) today and see for yourself how to avoid DAG hell.
Your host is Tobias Macey and today I'm interviewing Rishabh Poddar about his work at Opaque Systems to enable secure analysis and machine learning on encrypted data.
Interview
Introduction
How did you get involved in the area of data management?
Can you describe what you are building at Opaque Systems and the story behind it?
What are the core problems related to security/privacy in data analytics and ML that organizations are struggling with?
What do you see as the balance of internal vs. cross-organization applications for the solutions you are creating?
comparison with homomorphic encryption
validation and ongoing testing of security/privacy guarantees
performance impact of encryption overhead and how to mitigate it
UX aspects of not being able to view the underlying data
risks of information leakage from schema/meta information
Can you describe how the Opaque Systems platform is implemented?
How have the design and scope of the product changed since you started working on it?
Can you describe a typical workflow for a team or teams building an analytical process or ML project with your platform?
What are some of the constraints in terms of data format/volume/variety that are introduced by working with it in the Opaque platform?
How are you approaching the balance of maintaining the MC2 project against the product needs of the Opaque platform?
What are the most interesting, innovative, or unexpected ways that you have seen the Opaque platform used?
What are the most interesting, unexpected, or challenging lessons that you have learned while working on Opaque Systems/MC2?
When is Opaque the wrong choice?
What do you have planned for the future of the Opaque platform?
Contact Info
LinkedIn (https://www.linkedin.com/in/rishabh-poddar/)
Website (https://rishabhpoddar.com/)
@Podcastinator (https://twitter.com/podcastinator) on Twitter
Parting Question
From your perspective, what is the biggest gap in the tooling or technology for data management today?
Closing Announcements
Thank you for listening! Don't forget to check out our other shows. Podcast.__init__ covers the Python language, its community, and the innovative ways it is being used. The Machine Learning Podcast (https://www.themachinelearningpodcast.com) helps you go from idea to production with machine learning.
Visit the site (https://www.dataengineeringpodcast.com) to subscribe to the show, sign up for the mailing list, and read the show notes.
If you've learned something or tried out a project from the show then tell us about it! Email hosts@dataengineeringpodcast.com (mailto:hosts@dataengineeringpodcast.com) with your story.
To help other people find the show please leave a review on Apple Podcasts (https://podcasts.apple.com/us/podcast/data-engineering-podcast/id1193040557) and tell your friends and co-workers.
Links
Opaque Systems (https://opaque.co/)
UC Berkeley RISE Lab (https://rise.cs.berkeley.edu/)
TLS (https://en.wikipedia.org/wiki/Transport_Layer_Security)
MC² (https://mc2-project.github.io/)
Homomorphic Encryption (https://en.wikipedia.org/wiki/Homomorphic_encryption)
Secure Multi-Party Computation (https://en.wikipedia.org/wiki/Secure_multi-party_computation)
Secure Enclaves (https://opaque.co/blog/what-are-secure-enclaves/)
Differential Privacy (https://en.wikipedia.org/wiki/Differential_privacy)
Data Obfuscation (https://en.wikipedia.org/wiki/Data_masking)
AES == Advanced Encryption Standard (https://en.wikipedia.org/wiki/Advanced_Encryption_Standard)
Intel SGX (Software Guard Extensions) (https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/overview.html)
Intel TDX (Trust Domain Extensions) (https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html)
TPC-H Benchmark (https://www.tpc.org/tpch/)
Spark (https://spark.apache.org/)
Trino (https://trino.io/)
PyTorch (https://pytorch.org/)
Tensorflow (https://www.tensorflow.org/)
The intro and outro music is from The Hug (http://freemusicarchive.org/music/The_Freak_Fandango_Orchestra/Love_death_and_a_drunken_monkey/04_-_The_Hug) by The Freak Fandango Orchestra (http://freemusicarchive.org/music/The_Freak_Fandango_Orchestra/) / CC BY-SA (http://creativecommons.org/licenses/by-sa/3.0/)