In the Data Era, How to Ensure Data Security?
In the big data era, data is the most important asset. From a personal point of view, clothing, food, shelter and transportation all generate data, including the most basic personal information, historical consumption records and so on. If this data is stolen, the result could be property damage or even more serious consequences. From the perspective of enterprises, data is a key part of market competition, and protecting user data is the most basic responsibility, one that bears on the development and credibility of the enterprise. Therefore, from either point of view, data security protection is a must.

The data security we often talk about can be understood from two aspects:
(1) Data cannot be tampered with.
(2) Data privacy security.
Decentralized distributed systems ensure that data cannot be tampered with, deleted or falsified at will, and that individuals can view their own and others' transaction records at any time, which guarantees the first point of data security. On the other hand, the privacy of data cannot be guaranteed. Data security and privacy are like having your cake and eating it: people cannot have both, but some people still want both.
For example, in order to ensure safety, Ethereum has sacrificed speed, so its TPS is relatively low. However, as a public chain, if it really wants deeper application and wider adoption, the key is to solve transaction speed. For this reason, the Ethereum team proposed increasing speed through sharding. Without sharding, the whole network processes tasks serially. With N shards, the network can execute tasks in parallel and increase efficiency. However, sharding is very complex, very difficult to put into practice, and prone to ‘control attack’.

Bitcoin is also greedy. From a transaction point of view, the distributed network is secure and not easily tampered with. But security alone is not enough. It also wants to speed up transactions and ensure the privacy of transaction data. Therefore, Bitcoin uses the Lightning Network to innovate on the existing payment system. The Lightning Network can be understood as a private conversation between two users, who can transact on a point-to-point basis. As long as the two sides comply with the rules, there is no need to broadcast these separate transactions to the wider Bitcoin network.
In order to protect data security, it has been suggested that TEE technology may be a good solution to ensure that all data runs in a trusted environment, like Apple’s ecosystem.
Apple first uses trusted technology to tightly control the boot and load environments at the hardware level, and the hardware is of its own design. In addition, Apple uses a very centralized approach: all programs listed on the App Store must pass Apple’s official certification and testing. In this way, it provides users with a very safe closed-source ecosystem. Users therefore trust the operating environment provided by Apple and trust the software that processes their data.
TEE (Trusted Execution Environment) technologies include Intel SGX, Intel TXT, TPM and ARM TrustZone. TEE technology can prevent other applications from snooping on and tampering with the state of protected applications and programs in trusted environments.
But recently, Intel’s SGX has been attacked, and hackers can easily get keys and private data. If we rely solely on a consensus protocol built on a single TEE technology, we will undoubtedly face losses. To avoid reliance on a single TEE technology, HCGraph (Heterogeneous Consensus Graph Protocol), which incorporates multiple technologies, may be a safer solution. HCGraph not only ensures that data is reliable in a trusted environment, but also ensures that it will not be tampered with, while effectively avoiding attacks against a single TEE, ensuring data security at all levels.
