Driven by the development of data element market and data compliance requirements, privacy computing has become the focus of capital and market attention in recent two years. With the rapid development of the industry, manufacturers of all kinds of backgrounds are pouring into the privacy computing track.
At the same time, the financial technology development plan (20222025) issued by the central bank in January this year once again clearly requires that explore the establishment of a cross entity data security sharing privacy computing platform, standardize the data sharing application on the premise of ensuring that the original data does not leave the domain, ensure the security of data interaction, compliance of use and controllable range, and realize the “availability and invisibility” of data “Data fixed value”
According to the 21st Century Business Herald reporter, at present, banks and other financial institutions have introduced privacy computing technology and deployed relevant systems, but the technical implementation principles of different service providers are different, which has the problem of “high maintenance cost and difficult cross platform data circulation” for financial institutions deploying different systems. How to realize the interconnection of different privacy computing platforms safely, legally and efficiently has become the key problem to be solved by the industry.
first year of commercialization
2021 is generally regarded as the first year of commercialization of private computing in the industry.
On the one hand, financial institution users’ personal information collection is limited , with the implementation of network security law, data security law and personal information protection law, the basic legal framework in the field of network security and data protection in China has been formed; On the other hand, the information security protection of Bancassurance institutions is more strict . This year, the CBRC issued the measures for the risk supervision of IT outsourcing of Bancassurance institutions, which puts forward comprehensive requirements for IT outsourcing of Bancassurance institutions from the aspects of IT outsourcing governance, access, monitoring and evaluation, risk management and so on.
In the context of data compliance protection, the privacy computing technology used by Google and Facebook for C-end personal data protection overseas has played an important role in China’s government data opening and financial data circulation.
Privacy computing is a technical system, involving machine learning, distributed machine learning, cryptography, secure multi-party computing, federated learning and other technologies.
“Traditional machine learning has no privacy. It needs to gather data together for centralized training and modeling. However, in the context of data legislation, the problems of data island and privacy protection are prominent. We can only establish an ecosystem through federal learning. When the data owner does not leave the domain, multi-party joint modeling can solve the problem of data island technically.” Li Yi, an associate professor at Dalian University of technology, said.
Yao Ming, CEO of insight technology, told reporters: “Before 2018, the data was in a state of savage circulation. Many private so-called credit investigation companies, as data intermediaries, physically copied and transmitted data, resulting in data retention, lax data control and leakage. Some enterprises even sold the original data subjectively and maliciously without obtaining the user’s authorization. If the data legislation restricts such gray business models at the legal level The development of privacy computing is to prevent the physical replication, caching and unauthorized trafficking of data from the technical level. “
Reporters learned that \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\, China Life Insurance Company Limited(601628) etc. have been laid out as private computing platforms.
next step, interconnection
While many privacy computing technology service providers are pouring into the track, there are great differences in the technical implementation principles of service providers of different technical schools. Instead, the “data island” that should be solved by privacy computing has evolved into a “computing island”.
In particular, financial institutions cooperate with multiple data sources in practical applications. Therefore, institutions deploying different privacy computing platforms will face the dilemma of “high cost and difficult circulation”.
“For the application side, many private computing systems may be deployed, which involves a lot of learning, management and maintenance costs, and it is also very troublesome to ensure data security in many black box systems.” Zhou Yongkai, head of the new technology team of China UnionPay Financial Technology Research Institute, said, “for technology providers, they also need to invest a lot of energy in access security testing and user training of different enterprises, which is a thankless thing.”
In order to truly realize the production and implementation of privacy computing and improve the system architecture ability of the application party, the privacy computing industry began to explore interconnection.
When building a heterogeneous technology platform, the senior executives of the insurance company should finally ensure the interoperability of different technology platforms, no matter how different they are.
In order to break the original barriers to the application of different privacy computing technologies, the Chinese Academy of information and communications has jointly prepared the overall framework of a series of standards for cross platform interoperability of privacy computing, involving communication specifications, interconnection protocols and application specifications.
according to the reporter’s understanding, at present, the interconnection of privacy computing platforms has gone from the interface of the upper management system layer to the interconnection of the middle algorithm protocol layer between heterogeneous privacy computing platforms
Different privacy computing platforms regard the core algorithm as a black box, do not define the algorithm itself, but only standardize and define the basic information, input and output of the algorithm, so that the algorithm can be published at different technical service manufacturers in the form of plug-ins, and finally realize interconnection.
At present, many technical service providers are exploring to decompose the algorithms or protocols of different privacy computing platforms into computing primitives with minimum granularity, realize the abstraction and definition of computing primitives, realize interconnection at the primitive layer, then realize the implementation of middle-level algorithms and upper-level applications based on the underlying computing primitives, and finally complete the interconnection of platforms.
\u3000\u3000 “Up to now, privacy computing technology is far from being as clear-cut as it was when it was first born, but multiple technology paths have evolved together. At this stage, MPC, tee and federal learning are three pillars of technology, and the commercialization process is leading. In the actual process of commercial implementation, people find that the mode of single path technology can not meet the market demand, and the integrated application of multiple technologies has become a trend In line with the current trend, manufacturers have also reached a technical consensus on multiple technologies to realize path parallelism. ” He Hao, CTO of insight technology, expressed his outlook to reporters. “At the level of privacy computing business ecology, we envisage that in the future, more participants should form a wider data intelligent circulation network.”
