Secure data sharing and distributed processing with Mahiru

Secure and privacy-aware data sharing is currently a hot topic in research as well as in industry. Many solutions are being proposed, ranging from centralised data warehouses to plain data exchange, compute-to-data, trusted third party, federated machine learning, secure multiparty computation and homomorphic encryption. Each of these has its advantages and disadvantages, and ideally, one or more of these options will be chosen on a case-by-case basis, depending on the data user's goals as well as the security, privacy and trust concerns related to the data, software and parties involved. To support this, a flexible infrastructure that can support all these cases is needed.

Mahiru is a system for data exchange and distributed data processing which supports most of the applications above. A Mahiru data exchange consists of a group of independent organisations operating a federation of sites. Parties control their own data, software and systems, but data and software may be transferred and executed throughout the system as policies allow, and measures are taken to reduce the risks involved in doing so. There is no central control, and the system can be fully decentralised if desired. A proof-of-concept implementation is currently in development, and is available as Open Source software. This presentation covers the overall architecture of the system as well as the policy mechanism and how it governs distributed execution of data processing workflows.