Honest Computing: Achieving demonstrable data lineage and provenance for driving data and process-sensitive policies

TL;DR

Honest Computing proposes a framework for auditable, transparent data provenance and policy-driven processing by combining confidential computing with trustless, distributed ledgers. It defines data provenance and lineage, uses Technology Readiness Levels to anchor a practical architecture, and relies on cryptographic attestations and deterministic execution to enable verifiable honesty. The paper details threat modelling, reference specifications for confidential computing, multi-level consensus, and distributed ledger technologies, and discusses benefits and challenges such as data revocation, right-to-forget constraints, data volume, and cross-system communication. Its significance lies in offering a technically concrete path for regulators and organizations to enforce privacy, accountability, and ethics in data-driven decision processes, across domains like healthcare, finance, and supply chain.

Abstract

Data is the foundation of any scientific, industrial or commercial process. Its journey typically flows from collection to transport, storage, management and processing. While best practices and regulations guide data management and protection, recent events have underscored its vulnerability. Academic research and commercial data handling have been marred by scandals, revealing the brittleness of data management. Data, despite its importance, is susceptible to undue disclosures, leaks, losses, manipulation, or fabrication. These incidents often occur without visibility or accountability, necessitating a systematic structure for safe, honest, and auditable data management. In this paper, we introduce the concept of Honest Computing as the practice and approach that emphasizes transparency, integrity, and ethical behaviour within the realm of computing and technology. It ensures that computer systems and software operate honestly and reliably without hidden agendas, biases, or unethical practices. It enables privacy and confidentiality of data and code by design and by default. We also introduce a reference framework to achieve demonstrable data lineage and provenance, contrasting it with Secure Computing, a related but differently-orientated form of computing. At its core, Honest Computing leverages Trustless Computing, Confidential Computing, Distributed Computing, Cryptography and AAA security concepts. Honest Computing opens new ways of creating technology-based processes and workflows which permit the migration of regulatory frameworks for data protection from principle-based approaches to rule-based ones. Addressing use cases in many fields, from AI model protection and ethical layering to digital currency formation for finance and banking, trading, and healthcare, this foundational layer approach can help define new standards for appropriate data custody and processing.