STRIDE - STRIDE secure transparent resilient independent distributed execution

People

Mangipudi S.

(Lead)

Abstract

STRIDE (secure transparent resilient independent distributed execution) aims to revolutionize confidential data analytics by developing a secure, efficient, and formally verified data processing system for cloud and edge environments. Over 82% of data breaches today involve data in cloud datacenters, with significant financial repercussions averaging over 4.4 million per incident. This project addresses the critical need for secure data analytics in an era of increasing data breaches and privacy concerns.

Building on our groundbreaking research in combining software and hardware security mechanisms, STRIDE will advance our proof-of-concept to a prototype at technology readiness level (TRL) 6. This prototype will automatically transform and execute data analytics queries using various security mechanisms while providing strong, formally verified guarantees. To achieve this, we extend our formal programming techniques to develop a novel extended security policy that assigns mechanisms to custom security levels used to label data. This policy is integrated into a query transformation pipeline that leverages formal programming languages and type systems to ensure optimal use of security mechanisms.

STRIDE thereby uniquely combines four key properties:
Securified: Data is secured end-to-end with strong, formally verified guarantees.
Transparent: Data analysts can write queries without security concerns.
Independent: Execution is not tied to specific security mechanisms, enabling cross-platform compatibility.
Efficient: The system minimizes overhead by optimally combining different security mechanisms.

The project will extend our formal programming techniques to achieve comprehensive confidentiality guarantees, prevent indirect data leakage, and provide integrity against active attackers. Our approach hinges on a novel generalized security policy that assigns mechanisms to custom security levels used to label data, employing formal programming languages and type systems to automatically transform SparkSQL queries.

The expected outcome is a prototype that demonstrates significant performance improvements over existing solutions while providing stronger security guarantees. This will position STRIDE as a game-changer in the rapidly growing confidential analytics market, estimated to reach $5.3 billion by 2026. Our innovation will enable businesses to leverage cloud and edge computing for data analytics without compromising on security or efficiency, potentially saving millions in data breach costs and unlocking new opportunities in data-driven decision-making across various sectors.

By addressing the challenges of using complex security mechanisms in distributed environments, STRIDE aims to facilitate secure data processing for organizations that may lack expertise in cybersecurity. This project not only promises substantial economic benefits but also contributes to societal trust in digital data management practices, fostering a safer environment for sensitive information across industries such as finance, healthcare, and governance.

Additional information

Acronym
STRIDE
Start date
01.08.2025
End date
31.07.2026
Duration
13 months
Funding bodies
SNSF, Swiss National Science Foundation
Status
Ongoing
Category
Swiss National Science Foundation / BRIDGE / Proof of Concept