Styx: Collaborative and Private Data Processing With TEE-Enforced Sticky Policy
It addresses privacy and policy compliance for stakeholders in data-driven collaborations, though it appears incremental as it builds on existing TEE and policy concepts.
The paper tackles the challenge of protecting sensitive information in collaborative data processing like AI training by introducing Styx, a framework that integrates sticky policies with Trusted Execution Environments (TEEs) to enforce data-specific policies throughout the data lifecycle, resulting in reasonable performance overheads and scalability to distributed deployments.
Protecting sensitive information in data-driven collaborations, such as AI training, while meeting the diverse requirements of multiple mutually distrusted stakeholders, is both crucial and challenging. This paper presents Styx, a novel framework to address this challenge by integrating sticky policies with Trusted Execution Environments (TEEs). At a high level, Styx employs a hardware-TEE-protected middleware with a programming language runtime to form a sandboxed environment for both the data processing and policy enforcement. We carefully designed a data processing workflow and pipelines to enable a strong yet flexible data-specific policy enforcement throughout the entire data lifecycle and data derivation to achieve data-in-use protection, data lifecycle protection and dynamic collaboration. We implemented Styx and demonstrated its ability to make collaborative computing, such as joint AI training, more secure, privacy-preserving, and policy-compliant. Our evaluation shows the performance overheads imposed by Styx are reasonable on single-node computation with the capability to scale to a large distributed multi-node deployment.