Dappworks provides TEE platform for weTrusta to ensure medical data confidentiality

Yusin Hu, DIGITIMES Asia, Taipei 0

Credit: Cottonbro Studio

Dappworks Technology, a cybersecurity solution provider based in Richmond, Canada is working with a team in Taiwan, known as weTrusta, to promote multi-party data-sharing in a trusted execution environment (TEE) and to widen the adoption of TEE in medical data exchange.

WeTrusta said it will be signing a memorandum of understating (MoU) this year with a healthcare group in Taipei, Taiwan. It is also working with data security companies to add a service layer into security packages, exploring applications beyond medical systems.

Trusted execution environment (TEE) is a black box on the CPU where confidential computing takes place. Ben Huang, head of business development of weTrusta, said that sharing sensitive data requires frivolous paperwork and conventional safety measures in the hospital; however, such procedure does not prevent data from being decrypted or illegally saved by a third-party, and decryption of medical data is what keeps hospitals or medical institutions from collaborating or sharing database.

Sharing data can help deepen the hospital's research work in analyzing patients' conditions or diagnosing diseases.

Data stays encrypted when stored in the server and when in transit from end to end. Decrypting data endangers confidentiality, Huang said. Data-in-use exposes the data to leaking and illegal saving. Once data gets revealed in public, even to a limited, allowed number of staff, the hospital risks confidentiality.

To solve this problem and to perform confidential computing for a broader range of use cases, Dappworks has developed a platform that helps smoothen the process of confidential computing in TEE. Users will not need to alter encrypted data codes or algorithms and will not be able to download or see the process of data computing but the output.

Take AI-assisted medical modeling for example, researchers will only get the output as algorithms or calculation results and will not have access to other resources such as medical photographs or radiographs. In this sense, the researchers will need to come back to the data holder, usually the hospital, for verification of the research, which ensures that the hospital or the institution still withholds the rights of the data and that the data is genuinely protected from end-to-end.

Huang added that his goal is to maximize the value of utilizing the public healthcare system and provides more precise and valuable analysis based on such large-scale database while observing laws that command the data should remain private and confidential.

WeTrusta now focuses on introducing the platform to medical institutions and hospitals in Taiwan. Dappworks is the service provider building the TEE technology and plans to establish a joint venture in Taiwan with the weTrusta team. The platform, according to Michael Zhou, senior engineer at weTrusta, could be implemented for any applications that need end-to-end protection or to perform multi-party confidential computing.

Ben Huang, head of business development at weTrusta Credit: weTrusta

Ben Huang, head of business development at weTrusta Credit: weTrusta