
Kara: A privacy-preserving data cloud for health care

Own your health data. Improve medical research.

1. Summary

Kara is a privacy-preserving, tokenized data cloud for medical data. Today, medical data is locked in institutional silos by privacy regulations and organizational policies.

  1. Data providers have full access to and control over their data. They can define self-enforcing rules for how and when their data can be used by data consumers (a minimal sketch of such a policy follows this list).
  2. Privacy-preserving techniques can free this data by enabling analytics without exposing personal information, ushering in exciting applications.
  3. Distributed ledgers can then monetize this data and create private data markets.
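
To make point 1 concrete, here is a minimal sketch of what such a self-enforcing usage policy could look like, written as a simple policy/request check. All names (UsagePolicy, AccessRequest, is_permitted) and fields are hypothetical illustrations, not part of Kara's actual interface.

```python
from dataclasses import dataclass, field
from datetime import datetime

# Hypothetical sketch of a data provider's self-enforcing usage policy;
# names and fields are illustrative only, not Kara's actual data model.

@dataclass
class UsagePolicy:
    allowed_purposes: set = field(default_factory=set)    # e.g. {"diabetes-research"}
    allowed_consumers: set = field(default_factory=set)   # e.g. {"university-hospital"}
    valid_until: datetime = datetime.max                   # expiry of the provider's consent
    price_per_use: int = 0                                 # payout in tokens per computation

@dataclass
class AccessRequest:
    consumer_id: str
    purpose: str
    offered_price: int
    timestamp: datetime

def is_permitted(policy: UsagePolicy, request: AccessRequest) -> bool:
    """Return True only if the request satisfies every rule in the provider's policy."""
    return (
        request.purpose in policy.allowed_purposes
        and request.consumer_id in policy.allowed_consumers
        and request.timestamp <= policy.valid_until
        and request.offered_price >= policy.price_per_use
    )
```

A data consumer's request would then be checked against every provider's policy before any computation on that provider's data is admitted.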

2. Our System

Kara's data market relies on three building blocks: blockchain, secure computation, and program verification.

2.1 Sterling: Privacy-preserving analytics on the blockchain

Sterling is Kara's backend. It provides an efficient and scalable approach to training analytics models on a decentralized, trustless ledger.

2.1.1 Sterling - Trusted Hardware

Sterling leverages trusted hardware to separate consensus from compute, enabling confidentiality-preserving computation

Confidential smart contracts automatically negotiate the transfer of data points. If the data consumer's contract fulfills the data providers' policies, Sterling performs the computation on this data inside a trusted hardware enclave, so that neither the consumer's model nor the providers' data is revealed to the other party.
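
As a rough illustration of this negotiation step, the sketch below admits only the data whose policies the consumer's contract fulfills and then hands it to a training function. The enclave boundary is only simulated, and none of these names (Provider, negotiate_and_train) are Sterling's real API.

```python
from dataclasses import dataclass
from typing import Any, Callable, List

# Hypothetical sketch of the negotiation step described above; the enclave
# boundary is only simulated and none of these names are Sterling's real API.

@dataclass
class Provider:
    data: Any
    policy_allows: Callable[[dict], bool]   # the provider's self-enforcing rule

def negotiate_and_train(consumer_contract: dict,
                        providers: List[Provider],
                        train_fn: Callable[[list], Any]) -> Any:
    """Admit only the data whose policies the consumer's contract fulfills,
    then train on it inside the (here: simulated) trusted hardware enclave."""
    admitted = [p.data for p in providers if p.policy_allows(consumer_contract)]
    if not admitted:
        raise PermissionError("no provider policy matched the consumer's contract")
    # In Sterling this call would execute inside an enclave, so neither the
    # consumer's model nor the providers' raw data is revealed to the other party.
    return train_fn(admitted)   # only the trained model leaves the enclave
```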

2.1.2 Sterling - Differential Privacy

Sterling leverages differential privacy, allowing us to bound any data leakage even after training the model

All models are trained with a differentially private mechanism to bound data leakage after the data consumer receives the model. In this way, the data consumer cannot infer from the trained model which individual records were used.
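
To illustrate the underlying idea (a textbook sketch, not Sterling's actual mechanism), the example below releases a single statistic with Laplace noise calibrated to its sensitivity, so the contribution of any one record is hidden up to a privacy budget epsilon; model training applies the same principle during optimization, for example by adding calibrated noise to clipped gradients.

```python
import numpy as np

# Textbook illustration of a differentially private release (Laplace mechanism);
# Sterling's actual training mechanism is not specified here.

def dp_mean(values, lower, upper, epsilon, rng):
    """Release the mean of `values` with epsilon-differential privacy.

    Each value is clipped to [lower, upper], so a single record can change
    the mean by at most (upper - lower) / n; that sensitivity scales the noise.
    """
    clipped = np.clip(values, lower, upper)
    sensitivity = (upper - lower) / len(clipped)
    noise = rng.laplace(loc=0.0, scale=sensitivity / epsilon)
    return float(clipped.mean() + noise)

# Example: a private average blood-glucose value over a synthetic cohort.
rng = np.random.default_rng(0)
cohort = rng.normal(loc=100.0, scale=15.0, size=1000)
print(dp_mean(cohort, lower=40.0, upper=250.0, epsilon=0.5, rng=rng))
```

A smaller epsilon adds more noise and gives a stronger privacy guarantee at the cost of accuracy.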

Papers: