Data Con LA 2021 - Trust No One

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

okay so it's uh 12 40. i'll go ahead and just do the introduction now um so let's see here okay um hello everyone thank you for joining us from your homes all around the world to attend datacon la 2021 let's give isha shireen powers chief architect from ibm a big data connelly welcome my name is aaron your host and co-hosting with me today is chijioki ishimura we will be moderating the chat and q a for everyone that's joining a session and i would love to give a brief background of isha isha designs and develops cryptography software for ibm enterprise systems her expertise is in cryptographic key usage and management data encryption and decryption signature generation and verification key algorithms hash methods and crypto co-processor management without further ado i present to you isha and her exciting talk on trust no one take it away isha thanks so much aaron and also thanks to cj for helping the host in the background so hi everyone welcome to the session i hope you guys are having a really great conference so far um i definitely miss being there in person uh but hopefully we'll get there you know maybe next year we'll see so um as you heard my name is isha shireen powers and i am a huge crypto nerd i've been working at ibm for about 17 years now which is a little crazy i didn't didn't know i was gonna end up working there for like most of my career but i absolutely love the work that i do i love working in crypto and security and i love working on mainframe so if you haven't seen me present before um that's probably new to you is that yes mainframe still exists and yes i do work on them actively and you probably use them every day and don't know about if you've ever gone to a bank you're probably using a mainframe so it's good for you guys to know so the backdrop of some of this will be mainframe and think about enterprise computing and protecting data but hopefully this is a really cool session and you learn a lot about fully homophobic encryption how does that differ from traditional encryption and then i'm going to kind of end with a demo i'm showing you the fully homomorphic encryption toolkit which runs on linux and not just linux on z on the mainframe but it runs on linux even if it was on your you know x86 box or other systems and uh maybe you guys will play around with it get started with it and see kind of some of the benefits and value there okay okay let's get started so this is something i'm sure you guys already know which is that using encryption is really really helpful for protecting systems whether you're protecting just your laptop with things like whole disk encryption or whether you're protecting huge servers and you have your disk encryption and application encryption and network encryption and all of those things and really from a business perspective if you're working at you know really large company you're trying to protect your company you're trying to protect your clients right there's going to be you know risk and financial loss if there's a data breach right you're going to be in the news your reputation may not you know hold up as well you're going to have finds that you may have to pay depending on which regulations that you have to comply with so there's lots and lots of reasons for you to encrypt data besides the fact that you may be like me just think crypto is just really really really cool so hopefully um you love crypto and um know that it has a lot of benefit to your business and to your organization and to your company or to your personal life okay so let's first let's take a look at traditional encryption we're gonna look at two different things we're gonna look at the encryption of data in flight we look at encryption of data at rest so with traditional encryption you're thinking about you know encrypting data and flight right because you're on the internet you're on your mobile phone you need to be able to send across you know your password you know so you can authenticate to various systems how do you do that securely well you do that by establishing a secure connection before you actually even send any private or personal or secret data across and you can do a lot of this is happening behind the scenes of course you know in your browser right where you are you know you have that bro you can kind of see the example here where you know you have your browsers requesting a secure connection to a server server sends back a certificate the browser validates that certificate says yay that looks good generates a session key on your behalf and then encrypts that session key with the server's public key sends it back over to the server the server says okay now the server has can decrypt that you know session key and now you have a session key which is shared between the two you can just kind of send data back and forth and back and forth with that session key now something important to note about network encryption is that that data is secure in transit you know from that one point to the other plane any other points in between that data is secure however when it comes to your time to use that data that data is often in the clear so you have to decrypt the data before you can actually use it maybe if you're doing a sql query or if you have an application that's processing the data you have to decrypt it so you can actually do that you know whatever operation you want to perform and so that's one of the things about networking groups or just about traditional encryption in general you generally have to decrypt the data in order to use it now that same thing also applies to encryption of data at rest so let's look at data address so data at rest is is really fun too because you can think of like many different you know encryption or encrypted cryptography technologies that you can use your data encryption um oftentimes when we talk about data at rest we look at it from this pyramid perspective of different layers you know of encryption that you can do and depending on which you know depending on what's important to you what criteria matters to you you might decide to encrypt that one or more of these layers so just to break that down a little bit at the bottom of the pyramid that's the widest part of the pyramid you have things like this level encryption that's when you think of like that you think of whole disk encryption everything on that disk is protected so 100 protection which is wonderful it's usually one of the easiest forms of encryption to turn on you turn on everything's protected and it's yay it's happy um with foot disk level encryption or full disk encryption essentially it protects someone from being able to you know take your disk and try to use it you know they can try to take your hard disk and try to make use of it or they can try to steal like if you have like a huge storage device and you have you know the different devices plugged in they might try to steal one or two of those so full discussion encryption protects you from tampering or protects you from someone trying protects you from theft now that's great you know but you know if a person can log on to your system maybe it's an insider attack maybe it's someone that hacked them got through your firewall then this little encryption is not going to protect you from that type of attack right because once you've you know brought your computer system online now anyone has access to the data clear so from you know within that computing system your data is available so then you can say well okay well disc encryption is great for that one type of attack well you might layer on other types of you know encryption or crypto technologies to protect from other types of attacks so one of those might be something that we call data set level encryption which is similar to like file level encryption meaning you're you're encrypting like individual files we call data sets in the system and what that means is you can actually have more control so what notice that at this part of the pyramid it's not quite as wide as the this level but it's still pretty wide because when you think about file and database set level encryption there's gonna be some files for data sets that you probably won't be able to create things that you're using to boot up your system those might not be a good idea saying grip because you kind of need those in order to boot up your system in order to get the cryptographic key so you can do the crypto operations to decrypt the file that you needed to boot the system so there's a little bit of a chicken and egg problem there so there's going to be some data sets or some files that you encrypt and others that you don't but it does allow you to encrypt things so if someone's into your system you can control who can actually access the file or who can't now you go up a level database encryption and now we're looking at your database so this is more narrow because it's only a specific type of application that this applies to but it gives you an additional level of protection that you may not get with file or disk right because with database level encryption now you can encrypt data in memory buffers which means someone who's you know if you're trying if you have a problem with your database and uh you're a big company you have a problem you're going back to your vendor saying hey somebody fix this they're usually going to tell you hey give me a dump of that data what was the data in there so we can try to recreate the problem try to solve the issue and well what happens to be in that data well if it's a database of sensitive information i mean you're essentially handing over your sensitive information to a third party may not be so great and so in that case if you have database encryption then your data is encrypted memories when you skip that over and give that to that third party the data is encrypted so they can't see it so that's really awesome now the top of the pyramid is application encryption and this is the smallest one not because it only covers a little bit because it allows you to pretty much encrypt as little or as much as you want to you get a lot of flexibility there when it comes to encryption however it is so is the most complicated form of encryption too where you have to code the application now many of us are developers we're coders and so we're not going to shy away from you know application level encryption but it's just important to note that as you go up the pyramid not only does your um do you get more complex but you also get you know more security so it's a trade-off between complexity security and also breath how much coverage you want so that's kind of what's represented by this pyramid but the one thing that still holds true regardless of what what level of the pyramid you're looking at is that with traditional encryption the data still has to be decrypted when you want to use it when you want to use it in your application when you want to read it in the file that data has to be decrypted always any of these methods your data has to be decrypted so when you're looking at data privacy and you're trying to protect your data you're trying to protect yourself your data your company from different types of attacks and we talked about some of those in the previous slide now imagine your environment you have different roles different people with different positions they can do different things so on the right hand side you have chris who's your data center technician and he's just a person who has like physical access to your store's media to your systems because he works in the data center you know um now of course if you're working on the cloud then of course maybe some of these names you'll be like oh well there's no data center there probably is a data center you just probably don't know that they're there because and to you everything is in the cloud but there's a data center somewhere that has your data on it and there's a data center technician who is managing it installing the new computers installing the storage installing like the different adapters and all that fun stuff okay now you also have eve here your storage administrator that person is the one who's kind of managing the storage who has access to this storage versus that storage what level of access do they have um they're the person that knows kind of which applications are associated with which which disk or which which files or data sets then you have your database administrator that's the person who's managing that you know database making sure that you know all the queries and all of that is going smoothly you're going to have your data owner who owns the data you're going to have your security admin who owns you know who's just securing the entire system and then you're going to have you know your laura person who's a support person who may get the dump of your data so considering these different roles that could be in your environment you're trying to protect your data the real idea is to have least privilege and you can start to control these things you can say chris hey i'm going to encrypt my data at the disk and tape level so now chris has no access to it so chris may have physical access but he can't actually make use of any data he can't view it in the clear and then let's say you want to layer on top of that data set level encryption well now that you've done data set level encryption you can make it so even though a storage admin can move data sets around rename it and allocate things they can't actually read or write or open those data sets so it sorry for eve and now think about your support person right if you turn on database level encryption now you're encrypting data in memory buffer so when you dump those memory buffers to give it to the support person so they can diagnose any problems and they can't see the encrypted data either at least not in the clear and then if you encrypt at the application level now your database administrator who normally will be able to see everything coming into and out of that database now what he gets is essentially just encrypted data so he can't see anything so let's see what you're left with and what you're trying to really get down to is the least privilege who are the least people that should have access to the data you know in your environment in our case here the data owner and the security admin now what's interesting is you can do this on your system right you know you have full control over your system you can control and you can set these things up but what happens when your data leaves your environment that is the question so you are the data controller right you are the person you own the data the data is yours and what you want to be able to do is you want you know to send your data off maybe to a cloud maybe to a micro service some cool some cool application out there is doing some machine learning it's doing some analysis it's doing some really cool stuff so what you want to do is you want to send your day to day to be processed so you can get some value from you know that processing that's being done so you're the controller sending data to a data processor but when you send that data to that data processor how do you know how if they're going to protect their your data as well as you do so you may have different layers of encryption and different security technologies and different policies and processes that you implement but you don't know what they have or if they're going to secure the environment as well as you will now you can think about the different types of data that you may be sending over there to get in that and you know analyzed it could be social security numbers it can include health care information it can include credit card numbers so these are sensitive information things that you would want to be protected and be kept private and so you always have this kind of back your head is real is the data going to be protected is there going to be a breach on this other system that i can't control and then are you at risk so let's say you are the data processor so you're the processor you have received this data from all of these different organizations they're sending you data because you have this really cool application that's processing it and giving a lot of valuable analysis and information to those different organizations so you're that processor well can you provide assurance to those organizations that you are unable to access their data that you're unable to access sensitive data so you're the one who's receiving these social security numbers healthcare information and credit card numbers what can you do so question is well what if you could unlock the value of your sensitive data while also preserving privacy it's a cool idea right like what if you could make use of you know the analysis and those algorithms machine learning and things like that without having to sacrifice privacy and security and that's the concept that we're going to try to look at today we're looking at something called fully homomorphic encryption so if only homomorphic encryption is not a new topic it's been around for many many years but it's getting more and more attention it's getting more and more you know there's more and more speed and there's also a whole bunch of new use cases that we're finding to use fully homomorphic encryption but let me go ahead and kind of explain the idea behind this so with fully homomorphic encryption the idea is that you want to keep your sensitive data encrypted at all times so as i showed you before with traditional encryption whether it's across the network or data at rest you encrypt the data you store it somewhere and move it somewhere and then when you want to use the data you have to decrypt it what if you can encrypt the data and then you can do stuff on the data and that data is encrypted the entire time the only person that has access to the data in the clear is the data controller the person who actually owns the data so let me kind of let's break down the steps and of how this works and what this looks like so step one first step you have the data controller you're going to encrypt the data right if this is your sensitive data it could be financial information it could be health information it could be personal information you're going to encrypt it first so on your system you're encrypting that data unreadable to anyone else and then you say hey i heard about this really cool program out there and it can do analysis of data and it supports fully homophobic encryption so he said awesome so what you do is you send your encrypted data over to that program it could be in a cloud it could be some a rest api some service that you're invoking but you're not sending it clear data you're not sending it your keys you're only sending it the encrypted data and you're saying here process it just as is as it is encrypted and because that application supports fully homomorphic encryption it's going to do its operation it's gonna it's machine learning models and everything is all expecting encrypted data and it can handle that encrypted data and so it's doing all of its analysis and everything on encrypted data and when it's done it's going to send that data back to you and that data is still encrypted so it's operating on encrypted data and it's sending you back encrypted data and guess who's the only person who actually can decrypt the data it's you you never gave your key to that organization so they can say yeah they operated on it but all the data was encrypted they didn't have the key they couldn't see any of the data in the clear you get the data back and now you can decrypt it with your key and now you can actually make use of the results so essentially what you've done is you've kind of offloaded you know send some of your you know data over to this environment to have them work on it and get it back and insured or assured that essentially that data remained encrypted all the way through so that's really really awesome so like let's say like you know and you think about why would you want to send your data off and come back there's different scenarios there's a couple of examples that i have here um financial fraud and there's really cool algorithms to figure out like whether or not there's fraud going on there's co-authors around dna and health there's a lot of cool things that you can do um you know if you want to work with third parties and you want to kind of take advantage of different analysis and machine learning so there's a lot that you can do and the idea is that you want to be able to do those things without having to compromise security or privacy so let's take a closer look so i kind of talked about this you know where the data controller side but then you also have the data processor side so on the data controller side this is where you have your data in plain text it's in the clear on your system and you have the full homomorphic encryption engine and so since you have that engine running like in your environment you're the person that goes and actually encrypts that data and then so your data is encrypted you know in your system then what you do is you push that data over to the data processor and say hey here's some encrypted data you can kind of see the little ciphertext looking text there um and you push that data over to the data processor the data processor is going to do computation on that encrypted data and then it's going to send the results back to you and then on the data controller side now you have received this data back and now you can actually decrypt it and process the results so at no point in time was the data processor able to see the data in the clear so this is good for the data controller because you have assurance that you know your data hasn't been modified or viewed and even if even if somebody had gone and there was a breach at the data processor you're still good because you only sent them encrypted data and then you as a data processor let's say you're on the other side of it you know you have insurance and you can say to your clients hey hey we we only got encrypted data from you we couldn't that doesn't matter you know we it hopefully they don't have a breach or anything like that either but even if such things should happen they don't have to worry about it because hey the data was encrypted the entire way through and they can say to all of those organizations and companies that they're trying to do business with hey it's it's you know definitely send your data to us send it fully encrypted and we can operate on it we can send it back to you encrypted and that's kind of a unique value that you may be able to offer to your clients to say that they don't have to be concerned about the security on your platform on your systems because the data is always encrypted even as it's being operated on so here are some use cases you've heard me talk about machine learning a lot that's definitely a big use case um other use cases will be encrypted search um of course i talked about analytics encrypted ai biometrics there's a lot of different use cases that you can use for full homework encryption i will say the one use case that you probably won't see on these charts it's not really like used for transactional type operations so it's not used like when you're you know going into your bank account or you're doing like things that you would normally do like encryption and transit or things where you're like you know opening a database and you're trying to encrypt the data that's going in and going out as it's going through its transactions um so it's really used for things that are kind of like bigger like those you know machine learning type applications a ai type of application those things types of things is what it's used for now eventually of course you could get to the point where we can do more transactional things as it gets faster but there's a lot of really strong use cases especially for those who are looking at machine learning ai analytics biometrics a lot of really great use cases to make sure data stays protected just pretty much even as it leaves your environment so question is who is the intended audience for hopefully homomorphic encryption it is data scientist application developers i say on here no cryptography extras but that's not really true um crypto experts needs two but the point is that you don't have to be a crypto expert to use fully homework encryption i'm going to kind of show you a little bit of that but you do not have to be a cryptocurrency third time you don't have to be a crypto expert to use the legal morphic encryption um really the audience for this is is you we want you to use you know these tools the idea is to make it simple enough for application developers data scientists anyone to use this very very easily and if you have feedback we would love to hear from you back on your use of flipping encryption so what i'm going to do for the next eight minutes or so is i'm going to take you through short demo we'll see if it works of course you know whenever we do a live demo you never know how it's going to go but i would like to kind of show you this toolkit and there's a link if it's not in the presentation that you download because i just added this i can also send that to you or maybe i'll paste it in the chat but if you go out to github you can look up fhe ibm and you can get to the information on the fhe tool because it's out there it's available for you guys to use so i'll just give you a quick demo so you can see it so let me escape out of here and this is uh something to reconnect because i had disconnected it earlier i stopped it because i wanted to be able to start it so you guys can see so let me show the desktop clear this away so there's less color here and so i want to do my system here this is just an ubuntu system and in here i'm going to start the toolkit so i have a little cheat sheet of commands that i'll use for this system so let me do that but just to kind of explain the steps so at this point in the linux so what i have done is i have actually gone out to the page so i've gone out to do not that one like that one here's one so if you go out to github and you go to the linux you can go and see the fh okay here you can see all the different files here if you scroll down um you'll see more information about the toolkit and then you also get step-by-step instructions on how to run the toolkit now the version that i'm doing now is i'm doing the i guess the advanced document playing around with that so the stuff that i actually did before what you're seeing now is i did the git clone so i cloned the repository and now i'm in the fht toolkit linux folder i already built the docker images and instead of using centos here of course i use ubuntu um i can look at the docker images and see them there but what i'm going to do now is i'm actually going to do a run so i'm actually going to do this option but i'm going to do it with ubuntu so let me go ahead and i'm going to run and we're going to see if it actually will do what i want it to do let me go here facial development is open for business so it looks like i am good to go there so i'm going to go back here here where it was kind of spinning for a while i'm going to reconnect and yeah this is not private because this is a self-signed certificate so that's why you see that it's not just an fyi it's just for the demo purposes it's a self-signed certificate which means the browser is not happy because it can't go to a ca and verify it okay so i'm waiting for some stuff to load here okay there's my prompt so i'm going to use this build here and that is for s390 is for the ibm z mainframe and so i'm going to use that version for the build and we're just going to let that run okay so that is good so now i'm gonna go ahead so now that i've run that it's pull it in the compiler let me do the build and what is this doing essentially like building my workspace and environment and everything and i'll show you kind of what's it there what you'll see you're going to start to see some of the examples privacy preserving key value search credit card fraud detection inferencing so in this environment here it's like essentially an ide so you have to actually go here you can see the bill and all the c make you can also go here examples which is really nice and you can actually see the code for the examples um so here one of the things we're going to run we're going to do a search on countries it's a country look up we're essentially doing an encrypted search so we're going to do that and you can see some of the code here which is written in c you also have there's another one for country packed country database blah blah blah that's for that oh there we go credit card fraud so there's also the credit card fraud you can see those details here so essentially all this is code that you can go you can look at you can run um that's kind of what's meant by this toolkit it's meant to be something really you know hands-on something you can really see and understand fully homomorphic encryption so let's actually do one of the demos because that's always fun to just see it working so let's do the country one first so um first thing i will do is we built the workspace i'm gonna move this little thing out of the way so i can see and i want to play and i want to play privacy preserving key value search and basically what this is going to do is i want it's going to ask me you know select a country and it's going to tell me what the capital is that i count you but it's all doing it on encrypted data so it's not your typical up so if i put in like a country like germany and i hit enter what it's going to do is it's going to go through and it's going to look up the capital of germany and i can put in other um i can put in other countries as well oh thanks aaron for putting that the link out there for me as you see that now in the chat so it just found um berlin i've played around with the different countries um i think i've done like france oh wait let's see if we do careers i'll actually have to play it again and then cut friends okay there we go i think i did at some point find like some country that it didn't like have in here but generally speaking you get the ideas that it can actually do search on encrypted data as part of the value now let me show you the one that i think is really really cool which is the example around uh credit card fraud detection so let me play that one and this one does take a little bit of time to run so i will say that so it'll run in the background i'll kind of explain some things that you're seeing but what you're going to see is you're going to see like a client site and you're going to see like a server side and i think it has 24 of these different things that it's going through and as it goes through those different things you're going to see that the client side is actually doing the encryption of the data encrypting the model and then on the server side what it's doing is taking that encrypted data and it's processing that encrypted data and this and trying to detect whether or not there's fraud and the fraud detection is essentially based on machine learning algorithm that they're using for fraud detection but the whole point is that it's doing the actual operation itself on encrypted data rather than doing the operation on clear data and that goes back to like the value of hey you want to send your data off to some you know some data processor some you know cool tool out there you want them that you want to get the the value and the results back from that application that's being built but you don't necessarily want you know them to have access to your sensitive data you know like credit cards for example um in case there's a breach or an insider attack and so what you can do is you just send them the encrypted data and as long as that data processor supports fully homomorphic encryption then they can operate on that data without ever having to decrypt it and still send you the results back in an encrypted form so that only the um the data controller can actually access it in the clear so that's really the value here and so i think if i scroll up far enough you'll see the different batches so let's look at batch 24. that was the last one so here you can see on the client side where it's encrypting the samples it says plain samples but that means like plain text or clear samples it's saving those encrypted samples it's going to send those over to the server the server is going to load those encrypted samples do its prediction right using machine learning over those samples save the encrypted predictions send that back to the client or the client can load those predictions decrypt it and then assess the results and then of course just like any machine learning algorithm you can see you know the score the precision and things like that for the algorithm but just think this entire you know process was done in the in the in on encrypted data very nice thank you so much esha um so we do have 10 minutes left for q a um and we do have some questions here is that okay i would hate to interrupt your flow i don't know go ahead i think the only thing i was going to mention on here is that there's more information on the deck about blogs and how to join and surveys and stuff like that but i want everybody to jump in yeah definitely ask questions love it awesome so um this is a question from an attendee uh akiva uh jesselsen and they say so this tool is only for developers or data scientists is it not targeted uh to end users like finance or accounting who work on sensitive data oh absolutely i said yeah i think maybe i should maybe i should call that a little bit more application developers application developers of all sorts right it can be in the finance it can be you know you can build your own homegrown internal it doesn't mean you don't have to be a data scientist it's any any application developer i should have probably highlighted that more no problem and um let's see so i have a question for you isha um with quantum computers on the rise um and you know how it's kind of like they're cracking these cryptographic um functions or however you want to call it um how do you see the um i think you call it homomorphic encryption how do you see that in the future against you know being cracked by quantum computers so what's interesting with quantum is quantum can break different types of algorithms depending on the length of the algorithm and what type it is so right now the concern in the industry is around the asymmetric algorithm so think like rsa elliptic curve those things that we use for like key distribution and digital signatures are most at risk even your your rsa 40 96 which you think is super strong yeah that can be broken really really easily with a quantum computer elliptic curves is better um of course but but our say yeah just that's going to be out of there but you don't worry about that today fortunately because we don't have enough qubits yet to actually break it but the idea is as they increase and have more and more cubits then those asymmetric algorithms are at risk now for the symmetric algorithms those are are have less risk so essentially their key strength our cryptographic strength is kind of cut in half um when you think of quantum so you still are okay if you're using like aes 256 and those for like traditional encryption now for fully homomorphic encryption the algorithms that they're using are actually lattice-based they're using a lot of space cryptography which is quantum resistant or quantum safe so for fully homomorphic encryption it's not at least at this point it's not a concern because the algorithms that they're working with are quantum safe algorithms thank you so much and um we have another question um so from chijioki he's asking would it determine when the encryption keys are compromised without any imminent attack yet and um i'll let you answer that so would it determine if um the cryptographic keys so i can't i'm gonna ask you to repeat that again i was kind of iffy about it but i thought oh chichi okay go ahead aisha man thank you so much for the presentation i mean i didn't know so much about security versus action would he be able to determine when their encryption keys are compromised without any eminence attack yet yeah i think so that's actually one of the big challenges that i see just in crypto in general whether you're using fully homomorphic or using other encryption it's how do you know when the keys have been compromised generally you may not know a key has been compromised until you see your data on the dark web somewhere right and that's when you know your cryptographic key has been compromised however you can make it you can add layers and layers of security to prevent um the key from being or to make it hard really really hard because your goal really as a security person right is to make it as hard as possible for someone to you know breach your system you want you want to make them blow through like as much work as you can think of think of a labyrinth you want you want them jumping through hoops you don't want it to be easy your goal is to make it as difficult as possible so you can do layers of things like making sure that for your cryptographic keys some keys you can store them in different key parts and you can have different key owners or those different parts so that can help you against like things like fishing whether it's target fishing or not you can think of things like having like strong cryptographic keys i think for full morphing encryption they're already pretty strong keys so there would be you will have the risk of a brute force attack if you use really short keys right um so i will say that it's very difficult to know if the key has been compromised unless you have seen that you know unless you're kind of like post breaching you're like oh this is what happened um there are some signs to know that you are at risk of a compromise key which would be if your key was stored somewhere in the clear if you if you only have one key custodian um if you have maybe a disgruntled employee somebody's really really really bad really unhappy then you may be average so those those kind of scenarios but from my perspective and what i've seen in my years is it's really tough to know when a key has been has been compromised so what we do is we just try to protect against it and make it as difficult as possible to you know get those keys so um let's see here oh thank you for your response by the way um so akiva is following up with their question from earlier and they just want to get some clarification so this um the intended audience would more or less be for developers and not necessarily for technical users i think that everybody should i know about the concept of fully homomorphic encryption because i think whether even if you're not a developer just knowing that it exists then you can work with your development team to implement it um i don't know if there are any like um box solutions for homeowner actually there may be some i know ibm um services does tend to make services available around homeowner encryption so they might have some out-of-the-box solutions that don't require development for this particular toolkit you definitely have to be a developer um but what i can do is i can look up and see if there are some out-of-the-box solutions around photomorphic encryption i believe there may be some that are available now um that would not involve coding but will allow you to make use of it so i will have to investigate so you may have to send me an email um i have my email address i scroll back far enough on the first slide here misha us.ibm.com so if you can email me then i can go and look and see if there's anything out of the box that doesn't involve having to code very cool thank you so much um so we currently i think that exhausted um the amount of questions we have for right now um any other insight you would like to add isha um just that i hope people i hope people like this session and that um it's a really cool technology remember when i first heard about it maybe like a few years back i was like oh this is awesome and then i would hear articles and they would say oh it's too slow for this it's too slow for that and like huh it's kind of a bummer so it's great to see that now we have these really cool use cases and that also the performance is sped up so that we can use it for some really cool stuff because ai machine learning analytics that that's all like here it's now um and everybody's using it and so it's great that we have like these really strong use cases for homomorphic encryption where we can protect data and also be able to do these new and cool you know or use these new and cool technologies yeah it is really cool and i think you're on the forefront of all of that and i think ibm's doing a great job in kind of trailblazing these different technologies yeah yeah it's very cool uh let me see let me ask the audience um so would anybody have any other questions at this time before we conclude uh this presentation let me see so it looks like okay if there's no other questions um i would just like to add some concluding remarks if isha would like to do so before me so um i would just like to thank everyone for attending this session for hopefully go out there play with the toolkit look at the slides there's a bunch of links in there to tell you what you can do with homomorphic encryption um just have fun excellent thank you so much and um really thank you again isha for being here and for presenting uh this amazing topic and i think there's a lot of value um to be gained from you know your insight and the demo was pretty cool um very complex to say the least but it is very cool um and thank you again for all the attendees for your questions and your interactions during the session um i would implore the audience to contact a speaker if there's any questions specific to this topic and to us at datacon la feel free to provide your feedback any comments you may have and thank you again for joining today's presentation have a wonderful day and thank you for being a part of this year's datacon la bye

Info

Channel: Data Con LA

Views: 29

Rating: undefined out of 5

Keywords:

Id: LLCqmSTiqTQ

Channel Id: undefined

Length: 40min 11sec (2411 seconds)

Published: Thu Sep 30 2021