Periodic Reporting for period 1 - TITAN (TITAN: Trusted envIronments for confidenTiAl computiNg and secure data sharing)
Periodo di rendicontazione: 2024-02-01 al 2025-07-31
TITAN’s objectives by combining a thorough understanding of the data protection legal landscape on the European Union (EU) and national level with tools from the confidential computing (CC), privacy-enhancing technologies (PETs), machine learning (ML), and distributed ledger technology domains. Emerging hardware-based computation protection technologies such as TEE-supported Confidential Computing used in TITAN’s solutions enable novel data access models where both data and applications remain confidential. Leveraging the strengths of distributed ledger technologies to access control, access management and transaction logging will allow to build by design transparency and accountability into TITAN’s solutions. Remote attestation features produce cryptographically verifiable statements about computation environments and their security guarantees. TITAN will explore a panoply of privacy-enhancing technologies for data anonymisation and network security best practices to enable solutions to separate security domains within the EOSC.
O1: Building a solution for sharing and publishing sensitive data in the EOSC Interoperability Framework requires a thorough understanding of the legal, technical, and architectural constraints.
R1.1 Architectural specification of secure data sharing platform for sensitive data, with support for publishing anonymized data in EOSC-compliant repositories;
R1.2 Assessment and categorization of solutions for anonymization
of sensitive data and metadata;
R1.3 Specification of solutions using distributed ledger technologies for transparent access control management and decentralized transaction monitoring;
R1.4 Legal framework for compliance with national and EU data protection legislation for cloud-based sensitive data processing in local, cross-regional and cross-border settings.
02: TITAN will address the challenge of effective sharing and processing of sensitive data, by defining and developing secure data storage environments and pipelines in which data processors could seamlessly work with aggregated and desensitised data
R2.1 Computation pipelines for secure data aggregation,
anonymization, and multi-party analysis for EOSC;
R2.2 Access control management and transaction logging using decentralized identities and distributed ledger technologies;
R2.3 Security & privacy policy descriptions supported;
R2.4 Zero-trust cloud topologies for secure data sharing;
R2.5 EOSC compliant mechanisms for usable, reliable, and scalable data anonymization.
O3: TITAN will build an infrastructure-as-code confidential computing platform for multi-party computation. TITAN will deliver the platform as an open-source, self-documenting orchestration script allowing easy deployment by practitioners
R3.1 EOSC blueprint for collaborative and privacy-preserving AI/ML
based on confidential computing;
R3.2 Confidential GPU support for the TITAN secure data sharing platform;
R3.3 TEE memory encryption and encrypted processing mechanisms;
R3.4 Mechanisms for secure orchestration (deployment and aggregation) of federated learning workloads.
O4: TITAN will integrate the components developed throughout the project into a confidential EOSC platform compatible with existing solutions in the EOSC ecosystem and federation frameworks, such as Gaia-X. The project will conclude with a test of data sharing in two cross-border use cases involving sensitive data
R4.1 TITAN interoperability layer aligned with EOSC IF;
R4.2 Federation interoperability with the European Cloud providers OpenNebula/OpenStack cloud infrastructure;
R4.3 Two new anonymized EOSC (meta)datasets (government and healthcare);
R4.4 Validation of TITAN solutions in cross-organizational and cross-border data-driven use cases
O5: TITAN will disseminate, exploit, and communicate the proposed solutions for data governance and stewardship through cooperation and alignment with EOSC partnership activities, integrating with the operational EOSC and engaging with public authorities and the private sector to showcase the benefits
R5.1 Website developed and online by M4;
R5.2 Social media channels created by M1;
R5.3 - Liaison with EOSC with active memberships and meeting participation;
R5.4 Publications in journals and conferences;
R5.5 Blogs, position papers and articles;
R5.6 Co-organization of events and workshops;
R5.7 Standardization recommendations and consideration of the TITAN solutions and EOSC Interoperability Framework;
R5.8 Publication of results highlighting the use of TITAN solutions for secure access to sensitive public data through EOSC
R1.1 Architectural specification of secure data sharing platform for sensitive data, with support for publishing anonymized data in EOSC-compliant repositories;
R1.2 Assessment and categorization of solutions for anonymization
of sensitive data and metadata;
R1.3 Specification of solutions using distributed ledger technologies for transparent access control management and decentralized transaction monitoring;
R1.4 Legal framework for compliance with national and EU data protection legislation for cloud-based sensitive data processing in local, cross-regional and cross-border settings.
02: TITAN will address the challenge of effective sharing and processing of sensitive data, by defining and developing secure data storage environments and pipelines in which data processors could seamlessly work with aggregated and desensitised data
R2.1 Computation pipelines for secure data aggregation,
anonymization, and multi-party analysis for EOSC;
R2.2 Access control management and transaction logging using decentralized identities and distributed ledger technologies;
R2.3 Security & privacy policy descriptions supported;
R2.4 Zero-trust cloud topologies for secure data sharing;
R2.5 EOSC compliant mechanisms for usable, reliable, and scalable data anonymization.
O3: TITAN will build an infrastructure-as-code confidential computing platform for multi-party computation. TITAN will deliver the platform as an open-source, self-documenting orchestration script allowing easy deployment by practitioners
R3.1 EOSC blueprint for collaborative and privacy-preserving AI/ML
based on confidential computing;
R3.2 Confidential GPU support for the TITAN secure data sharing platform;
R3.3 TEE memory encryption and encrypted processing mechanisms;
R3.4 Mechanisms for secure orchestration (deployment and aggregation) of federated learning workloads.
O4: TITAN will integrate the components developed throughout the project into a confidential EOSC platform compatible with existing solutions in the EOSC ecosystem and federation frameworks, such as Gaia-X. The project will conclude with a test of data sharing in two cross-border use cases involving sensitive data
R4.1 TITAN interoperability layer aligned with EOSC IF;
R4.2 Federation interoperability with the European Cloud providers OpenNebula/OpenStack cloud infrastructure;
R4.3 Two new anonymized EOSC (meta)datasets (government and healthcare);
R4.4 Validation of TITAN solutions in cross-organizational and cross-border data-driven use cases
O5: TITAN will disseminate, exploit, and communicate the proposed solutions for data governance and stewardship through cooperation and alignment with EOSC partnership activities, integrating with the operational EOSC and engaging with public authorities and the private sector to showcase the benefits
R5.1 Website developed and online by M4;
R5.2 Social media channels created by M1;
R5.3 - Liaison with EOSC with active memberships and meeting participation;
R5.4 Publications in journals and conferences;
R5.5 Blogs, position papers and articles;
R5.6 Co-organization of events and workshops;
R5.7 Standardization recommendations and consideration of the TITAN solutions and EOSC Interoperability Framework;
R5.8 Publication of results highlighting the use of TITAN solutions for secure access to sensitive public data through EOSC
The goal of the TITAN (Trusted envIronments for confidenTiAl computiNg and secure data sharing) is to achieve tangible progress towards secure data sharing. To do so, TITAN will provide a platform as a modular set of integrated interoperable components for confidential data collaboration and secure and privacy-preserving data processing. The solution will leverage the Confidential Computing technology supported by hardware-accelerated protection of data in process using TEEs . The goal is to enable practical access and sharing of sensitive datasets from public entities and government agencies. Nevertheless, TITAN is targeting all domains that require processing of sensitive data, and where operations on such datasets pose technical and interoperability obstacles, as well as legal, and ethical challenges for cross-institutional and cross-border data exchange. To ensure interoperability with the EOSC IF, TITAN will be compliant with the technical, semantic, organisational, and legal layers of the EOSC IF. This will be achieved by respecting relevant standards and specifications that the platform can interoperate with other services and applications in the EOSC ecosystem . The effectiveness of the TITAN platform will be evaluated in several vertical cross-border scenarios, including public administration and healthcare. We will demonstrate the practical benefits of the platform in these scenarios and solicit feedback from stakeholders to further refine and improve the platform.