Federated Secure Computing enables multiple data owners to collaborate without sharing their proprietary data.
- Federated: connects their different servers on-premises and in the cloud
- Secure: encrypts all communication in their private peer-to-peer network
- Computing: acts as a middleware to let them run joint analysis on their data
The motivation, architecture, design, and implementation choices are explained in a detailed 25-page technical whitepaper. The whitepaper has been published in a peer-reviewed open access journal. Read it here.
For non-technical background information, see the project's landing page at www.federatedsecure.com.
Support is available at [email protected].
The project is hosted by LMU Munich and funded by Stifterverband.
In this simple tutorial, we are going to compute a secure sum between three parties.
Python 3.x is all you need to follow along.
In the Federated Secure Computing architecture, every party runs their own server. The server holds the private data of each party. Computations happen in an encrypted peer-to-peer network between the servers. Only the result of the computation is then revealed to all servers.
In the following example, we are running three servers on the same machine. In reality, they could be all over the world and on very different types of machines.
Let us begin by installing the base server and SIMON, a propaedeutic protocol for 'SImple Multiparty computatiON', so we can actually do some secure calculations:
pip install federatedsecure-server
pip install federatedsecure-simon
Federated Secure Computing is provided through an OpenAPI 3.0 definition. You can easily generate server stubs for your favourite webserver. We premade a Connexion/Flask app served by Uvicorn:
pip install "connexion[flask,uvicorn,swagger-ui]"
git clone https://github.com/federatedsecure/webserver-connexion
For this example, we are running three servers on localhost on ports 55501 through 55503. Feel free to use any other ports:
cd webserver-connexion/src
python __main__.py port=55501 &
python __main__.py port=55502 &
python __main__.py port=55503 &
You may want to check if the servers are running by browsing to http://127.0.0.1:55501/representations.
Done! Your system is now running a functional Federated Secure Computing cluster.
Federated Secure Computing works with clients in any programming language. For the following, we stick to Python. Install the Federated Secure Client wrapper with:
pip install federatedsecure-client
Now copy the following client code to secure_sum.py:
import sys
import federatedsecure.client

# The three servers we started form a peer-to-peer network. Their addresses and ports need to be known to each other:
SHARED_NODES = ['http://127.0.0.1:55501', 'http://127.0.0.1:55502', 'http://127.0.0.1:55503']

# Every calculation in Federated Secure Computing is identified by a unique identifier. This UUID is shared by all three servers:
SHARED_UUID = "387a7282-c380-44c9-aede-08da7e931931"

if __name__ == "__main__":
    MY_INDEX = int(sys.argv[1])  # first command line argument identifies the node and must be 0, 1, or 2
    MY_NODE = SHARED_NODES[MY_INDEX]
    MY_NETWORK = {'nodes': SHARED_NODES, 'uuid': SHARED_UUID, 'myself': MY_INDEX}
    MY_SECRET = int(sys.argv[2])  # second command line argument is the secret input

    api = federatedsecure.client.Api(MY_NODE)  # connect to the server
    microservice = api.create(protocol="Simon")  # request the SImple Multiparty computatiON protocol
    result = microservice.compute(microprotocol="SecureSum", data=MY_SECRET, network=MY_NETWORK)  # and do the calculation
    print(api.download(result))  # receive the result of the computation
That is all.
We now let the three clients run in parallel:
python secure_sum.py 0 19 &
python secure_sum.py 1 5 &
python secure_sum.py 2 61
The result reads:
{
'inputs': 3,
'result': { 'sum': 85.0 }
}
Did it compute? Congratulations, you have successfully computed a secure sum.
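To see why a sum can be computed without any party revealing its input, here is an added illustration (not the project's code) of additive secret sharing, one standard way to build a secure sum, simulated in a single process with the tutorial's three inputs. Whether SIMON's SecureSum uses this exact scheme is not stated here; the names `MODULUS`, `make_shares` and `secure_sum` are assumptions made for this sketch.

```python
import secrets

# Public modulus agreed on by all parties (assumption for this sketch);
# it must exceed any possible sum of the inputs.
MODULUS = 2**61 - 1


def make_shares(secret, n_parties, modulus=MODULUS):
    """Split `secret` into n additive shares that sum to it modulo `modulus`."""
    if not 0 <= secret < modulus:
        raise ValueError("secret must lie in [0, modulus)")
    shares = [secrets.randbelow(modulus) for _ in range(n_parties - 1)]
    shares.append((secret - sum(shares)) % modulus)
    return shares


def secure_sum(inputs, modulus=MODULUS):
    """Simulate all parties in one process and return (total, transcript).

    transcript[j] lists the shares party j holds after the exchange, i.e.
    everything it sees besides its own input and the published partial sums.
    """
    n = len(inputs)
    # Step 1: every party i splits its input and sends share j to party j.
    sent = [make_shares(x, n, modulus) for x in inputs]
    transcript = [[sent[i][j] for i in range(n)] for j in range(n)]
    # Step 2: every party adds up what it holds and publishes that partial sum.
    partials = [sum(received) % modulus for received in transcript]
    # Step 3: the partial sums add up to the sum of all inputs.
    return sum(partials) % modulus, transcript


if __name__ == "__main__":
    total, transcript = secure_sum([19, 5, 61])  # the tutorial's three inputs
    print("sum:", total)
    for j, received in enumerate(transcript):
        print(f"party {j} holds shares {received}")
```

Each share taken alone is uniformly random, so the shares a party receives tell it nothing about another party's input; only the total is revealed.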
Repositories:
- whitepaper
- api
- client-javascript
- client-python
- client-r
- server
- service-simon
- webserver-connexion
- webserver-django