pattern-white

Introducing Prism AI

Prism AI is a cutting-edge platform meticulously engineered to empower organizations and developers in executing confidential workloads within secure enclaves known as Trusted Execution Environments (TEEs). Whether operating in private, hybrid, or public cloud settings, Prism AI excels in provisioning secure encrypted Virtual Machines (VMs).

At its core, Prism AI offers an extensive Hardware Abstraction Layer (HAL) and runtime environment within these VMs, orchestrating secure computations and vigilantly monitoring their execution. This unique combination of features sets the stage for Secure Multi-party Computation (SMPC), enabling organizations to collaborate securely on AI projects while preserving the privacy of sensitive data.

Prism AI is more than just a platform; it's a catalyst for privacy-preserving collaborative AI. It equips users with a versatile set of tools, libraries, and software components, facilitating seamless and secure data exchange. This capability enables developers to engage in collaborative AI initiatives with confidence, knowing that their data remains confidential throughout the process.

With Prism AI, secure data sharing becomes a reality. Organizations can harness the power of AI while ensuring the utmost privacy and security for their data. Collaborate, innovate, and harness the potential of AI in a confidential and protected environment with Prism AI.

Prism AI Features

Computation Definition and Management

Prism AI simplifies computation definition and management, enabling users to effortlessly define and execute secure workloads within Trusted Execution Environments (TEEs). This feature facilitates efficient orchestration of computations while maintaining data confidentiality.

Fine-Grained Access Control

Prism AI empowers users with fine-grained access control through policies and attribute-based access control (ABAC) or role-based access control (RBAC). Ensure that only authorized entities access your orichestration metadata, while AI algorithms and data are never uploaded to Prism AI - only in the private confidential enclaves previously attested by the user.

Secure VM Provisioning and Management

Prism AI excels in secure VM provisioning, management, and monitoring, ensuring the confidentiality and integrity of virtualized environments. Seamlessly deploy and maintain secure Virtual Machines for your workloads.

Hardware Abstraction Layer (HAL)

Prism AI integrates a comprehensive Hardware Abstraction Layer (HAL) and runtime environment inside secure enclaves. This enables the execution of workloads with a focus on security and confidentiality.

In-Enclave Agent

Prism AI includes an In-Enclave Agent, serving as an execution scheduler and coordinator within secure enclaves. This agent enhances the efficiency and security of your workloads.

End-to-End Encrypted Traffic

Prism AI ensures end-to-end encryption for traffic, safeguarding the confidentiality and integrity of data transmissions. Collaborate on AI projects with the assurance that your data remains secure.

Remote Attestation Mechanism

Prism AI implements a robust remote attestation mechanism, verifying the integrity of remote systems. This ensures that your workloads run in trusted environments, even in untrusted or remote settings.

Multiple Computational Backends

Prism AI supports a "bring your own backend" approach, enabling the introduction of any TEE-capable node into the infrastructure. Computational node can be enabled via open-source Cocos AI platform, enhancing flexibility and scalability.

Intuitive User Interface

Prism AI offers an intuitive user interface, simplifying the management and orchestration of secure workloads. Experience seamless control over your confidential computing environment.

Platform Logging and Instrumentation Support

Prism AI offers comprehensive platform logging and instrumentation support, including Grafana, Prometheus, and OpenTracing integration. Gain complete visibility and insight into your secure computing environment's performance.

Container-Based Deployment

Prism AI facilitates container-based deployment using Docker and Kubernetes for cloud components. Additionally, it offers a set of provisioning and configuration scripts for confidential server components. Streamline your deployment process for enhanced efficiency.

SDK and CLI

Prism AI provides a comprehensive Software Development Kit (SDK) and Command-Line Interface (CLI), simplifying development and management tasks. Accelerate your workflows and interactions with the platform.

Small Memory Footprint and Fast Execution

Prism AI boasts a small memory footprint and lightning-fast execution, ensuring optimal performance. Execute your workloads efficiently without compromising on speed.

Open Source

Core part of Prism AI - Cocos AI - is open source, published under the Apache 2.0 license, enabling transparency, rapid bug fixing, customization, and collaboration. It fosters heightened security and innovation within a thriving developer community.

Prism AI Architecture

Prism AI, the pinnacle of secure collaborative AI, boasts an intricately designed architecture tailored to meet the complex demands of confidential computing and collaborative artificial intelligence. This architecture empowers developers and organizations with a robust foundation for secure, scalable, and innovative AI applications.

Prism AI Architecture

1. Cloud Services: Prism AI leverages a microservices-based architecture, with each service containerized using Docker and orchestrated by Kubernetes. These cloud services include the Computations service, responsible for managing confidential multi-party computations deployed within secure enclaves, Users service, that offers user and organization management, Authorization service, ensuring robust authentication and policy-based authorization, and an intuitive user interface (UI).

2. TEE Manager: The Trusted Execution Environment (TEE) Manager is a critical microservice running on host hardware equipped with TEE hardware. Its role is to dynamically deploy and configure TEEs required for confidential multi-party computations. Once a computation is deployed within a newly-created TEE, the Manager actively monitors its execution and health. After the computation is complete and the result is extracted from the enclave, the Manager ensures the secure destruction of the TEE and nullifies all associated data, maintaining confidentiality.

3. In-Enclave Agent: The In-enclave Agent is an open-source, lightweight component running within the enclave. It serves as a coordinator for algorithm execution, establishing TLS-encrypted channels over which clients (Data Providers and Algorithm Providers) can securely upload AI algorithms and datasets. Additionally, the In-enclave Agent provides remote attestation for the TEE, ensuring the integrity of the execution environment.

Open-source Core with Cocos AI

The core components of Prism AI, including the TEE Manager and In-enclave Agent, are part of the open-source Cocos AI project. This integration ensures that every computational node, whether located in the cloud or in a private data center, benefits from the robust features provided by Cocos AI.

Cocos AI runs on every node equipped with TEE hardware, providing essential functionality for TEE creation, management, and computation orchestration. By leveraging Cocos AI, Prism AI inherits advanced capabilities such as secure enclave management, confidential VM orchestration, and remote attestation procedures.

This open-source approach fosters transparency and community-driven development, ensuring that Prism AI remains at the cutting edge of privacy-preserving collaborative AI. Users can rely on Cocos AI’s established and tested features to support their secure computing needs, while benefiting from the continuous innovation and improvements contributed by the open-source community.

Open-source Core with Cocos AI

How Prism AI Works

Step 1

User creates a Computation, defines characteristics, and participants. A secure VM (TEE) is provisioned and prepared for use.

Step 2

Program and Data Providers upload programs and datasets into the enclave using secure CLI and remote attestation.

Step 3

Programs are executed over combined datasets, coordinated by an in-enclave Agent, following the Computation manifest.

Step 4

Results are sent to the Result Consumer user as the algorithm completes execution inside the enclave.

Intuitive User Interface in Prism AI

Intuitive User Interface

Prism AI features an intuitive user interface designed to simplify the management and orchestration of confidential workloads. The UI is crafted to enhance user experience, providing seamless navigation, easy configuration, and real-time monitoring of computational tasks.

With a user-centric design, Prism AI's interface offers comprehensive controls and visual aids, enabling users to effortlessly set up, monitor, and manage secure computations. This ensures that even complex workflows are straightforward to handle, reducing the learning curve and boosting productivity.

The intuitive UI is integrated with powerful features such as visualization tools, real-time logs, and status updates, providing users with clear insights into the health and performance of their computational tasks. This enhances decision-making and operational efficiency, making Prism AI a user-friendly platform for secure AI and data processing.

Multi-tenant And Strong Security in Prism AI

Multi-tenant And Strong Security

Prism AI is built with multi-tenancy and robust security in mind, ensuring that each tenant's data and computations remain isolated and protected. This design supports the deployment of multiple users or organizations on a single platform without compromising privacy or security.

With advanced security features such as fine-grained access control, encryption at rest and in transit, and rigorous authentication mechanisms, Prism AI guarantees the confidentiality and integrity of all data and computations. The platform’s multi-tenant architecture is designed to handle diverse workloads while maintaining high security standards.

Prism AI's security model is complemented by continuous monitoring and automated threat detection, ensuring that potential vulnerabilities are identified and mitigated promptly. This proactive approach to security helps maintain a secure and compliant environment, making Prism AI an ideal choice for organizations requiring stringent security and multi-tenancy support.

BYO Backend in Prism AI

Bring Your Own Compuational Backend

Prism AI is designed with a flexible architecture that supports multiple computational backends, adhering to a "bring your own backend" approach. This flexibility allows the integration of any TEE-capable node into the infrastructure, enhancing scalability and adaptability.

Through seamless integration with the open-source Hardware Abstraction Layer (HAL) provided by the Cocos AI platform, Prism AI enables efficient and secure execution of confidential workloads across various environments. This ensures that organizations can leverage their existing hardware investments while maintaining high standards of security and performance.

By supporting multiple computational backends, Prism AI empowers organizations to deploy secure multi-party computations in diverse settings, from private data centers to public clouds, ensuring the confidentiality and integrity of sensitive data throughout the process.

Multiple Workload Runtime Support

Prism AI is designed to support a wide range of computational workloads within secure enclaves, enhancing its versatility and adaptability. This support is essential for meeting diverse computational requirements and advancing the capabilities of the platform.

Users can seamlessly execute:

  • Python AI Algorithms: Leverage Python’s extensive ecosystem for machine learning and data science, utilizing the necessary libraries and tools.
  • Docker Containers: Deploy containerized applications with all dependencies included, ensuring consistency and scalability across different environments.
  • WebAssembly (Wasm) Workloads: Execute lightweight, high-performance code efficiently, enhancing the platform’s capability to handle a variety of computational tasks.
  • ELF Binaries: Run executable Linux binaries, expanding the range of supported workloads to include various custom applications and utilities.

With Prism AI's comprehensive support for these workload types, users can confidently develop, deploy, and manage a broad spectrum of computational tasks within a secure, privacy-preserving environment. This capability drives innovation and efficiency in confidential computing, enabling groundbreaking developments in various fields.

Multiple Workload Runtime Support in Prism AI
Enclave Monitoring in Prism AI

Enclave Monitoring, Events, and Logs

Prism AI offers comprehensive monitoring, event tracking, and logging capabilities to ensure the security and integrity of computations within secure enclaves. This feature is crucial for maintaining transparency, detecting anomalies, and ensuring reliable operations.

The platform continuously monitors the health and performance of enclaves, providing real-time insights into the execution of confidential workloads. This proactive monitoring helps in identifying and addressing potential issues promptly.

Additionally, Prism AI generates detailed event logs, capturing significant activities and events within the enclaves. These logs are essential for audit purposes, compliance, and forensic analysis, ensuring that all actions are traceable and verifiable.

The logging system is designed to securely store and manage logs, preserving their integrity and confidentiality. This ensures that sensitive information is protected while enabling thorough analysis and troubleshooting.

With Prism AI's robust enclave monitoring, event tracking, and logging capabilities, organizations can maintain high standards of security and operational excellence, fostering trust and reliability in their confidential computing initiatives.

Where Prism AI is Used

Healthcare

In the healthcare sector, Prism AI brings the power of confidential computing and secure multi-party computation (SMPC) to protect sensitive patient data and enable collaborative research. Healthcare organizations can securely share and analyze patient records, conduct research on medical data, and develop AI-driven healthcare solutions while maintaining data privacy and compliance with regulations.

Finance

In the finance sector, Prism AI enhances data security and privacy for financial institutions and organizations. It enables secure data sharing and collaborative financial analysis while protecting sensitive financial data. Financial organizations can securely exchange financial information, perform risk assessments, and develop AI-driven financial models, all within confidential computing environments.

Government

In government agencies and institutions, Prism AI ensures data security and privacy for critical government operations. It enables secure multi-party computation (SMPC) for collaborative data analysis, secure data sharing between government departments, and confidential computing for sensitive government applications. Government entities can leverage Prism AI to protect classified information, enhance cybersecurity, and drive data-driven policy decisions.

Subscribe to Our Newsletter

Stay updated with the latest news, updates, and announcements.