Nevermined enables the sharing of data between disparate parties, whether they are internal or external to your organization, and it does so in a safe and reliable manner. Built with ecosystem users in mind, Nevermined opens up endless possibilities for how data can be leveraged to create value.
The main Nevermined users are:
Organizations or individuals with data they would like to share and possibly monetize.
Organizations or individuals looking for data sets to accomplish their business objectives.
Data sharing ecosystem
The main capabilities are:
Facilitating data monetization, in which Data Owners make their data available in return for rewards or benefits when others access it.
Providing users with an easy means of publishing and accessing data.
Providing a Decentralized Access Control mechanism, in which unassociated actors can be confident that other members of the system will behave honestly.
Supporting free or paid data access scenarios.
Supporting full provenance by tracking all interactions related to ecosystem assets or services (i.e. when assets are created in the system, who has access, when the access was granted, etc.).
Before assets can be used within Nevermined, they must first be published to the network. Publishing an asset creates a unique ID for it, and that unique ID is registered on-chain. Additionally, the asset's associated smart contract, which governs the asset's access provisions, including pricing, is registered on-chain.
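The publishing step described above can be sketched as follows. This is a minimal illustration, not the actual Nevermined SDK: the `did:nv:` prefix, the field names, and the `register_asset` function are all assumptions made for the example; the real system registers the DID and the service agreement terms on-chain.

```python
import hashlib
import json

def register_asset(metadata: dict, price: int) -> dict:
    """Illustrative sketch of asset publishing: derive a unique ID
    (a DID) from the asset metadata and pair it with access terms.
    Field names and the 'did:nv:' prefix are hypothetical."""
    checksum = hashlib.sha3_256(
        json.dumps(metadata, sort_keys=True).encode()
    ).hexdigest()
    did = f"did:nv:{checksum}"
    # In a real deployment, the DID and the smart-contract access
    # provisions (price, access conditions) would be registered on-chain.
    return {"did": did, "price": price, "metadata": metadata}

asset = register_asset({"name": "weather-2023", "type": "dataset"}, price=10)
```

Deriving the ID from a checksum of the metadata makes the registration tamper-evident: any change to the published metadata would produce a different ID.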
Once assets are registered, they can be discovered and consumed by ecosystem actors. Nevermined integrates with existing data catalogs to seamlessly publish registered assets to the network, thus mitigating extensive change management and catalog migration requirements. This integration leverages the metadata acquisition and discovery capabilities of a data catalog and introduces pricing for the catalog’s listed assets, as well as facilitating automated access control.
For data to be used in any environment, it must first be discoverable in a coherent and understandable format. Nevermined facilitates a number of mechanisms to enable data discovery within an ecosystem, including a simple out of the box metadata repository. This repository allows Nevermined users to search for published assets that have been registered on-chain, and resolve them against information about those assets. This information includes what the data contains, the data's structure or schema, the data's owner, and the access control parameters associated with the data (i.e. access period, access granularity, price, etc.). Leveraging this architecture pattern allows for the discovery of assets without direct exposure of the asset itself.
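The metadata repository pattern described above can be sketched as a small in-memory index: assets are keyed by their on-chain ID and resolved against descriptive records, so discovery never exposes the asset itself. The class, field names, and schema below are illustrative assumptions, not Nevermined's actual metadata format.

```python
import json

class MetadataRepository:
    """Minimal sketch of an out-of-the-box metadata repository.
    Assets are indexed by DID; free-text search runs over the stored
    metadata record, never over the underlying data itself."""

    def __init__(self):
        self._assets = {}

    def publish(self, did: str, record: dict) -> None:
        # Store the descriptive record under the asset's on-chain ID.
        self._assets[did] = record

    def search(self, text: str) -> list:
        # Return the DIDs of all records matching the query text.
        text = text.lower()
        return [did for did, rec in self._assets.items()
                if text in json.dumps(rec).lower()]

repo = MetadataRepository()
repo.publish("did:nv:abc123", {
    "name": "weather-2023",
    "schema": {"columns": ["date", "temp_c"]},
    "owner": "did:nv:owner-1",
    "access": {"price": 10, "period_days": 30},
})
matches = repo.search("weather")
```

Note that a consumer resolving `did:nv:abc123` learns the data's structure, owner, and access terms, but never touches the data itself.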
Nevermined gives users visibility across all assets in the ecosystem, regardless of where the assets reside. Once the ideal assets have been identified, the user can make a request to consume the asset(s).
Data discovery is also simplified through integrations with existing data catalog technologies, including Amundsen (open source) and Collibra (closed source; coming soon). By incorporating data catalogs, Nevermined reduces the costs associated with searching for and identifying new assets that help users gain valuable insights.
Nevermined provides a decentralized engine facilitating the access and execution control of data published in the ecosystem. Industrialized data environments utilize complex identity management and access control via Domain Controllers (e.g. Active Directory). These solutions permit access to authenticated and authorized users of a specific domain or network. Implementations like Active Directory enable an organization to manage individual or group permissions by assigning security policies.
At the same time, decentralized ecosystems allow different users of the network to interact and collaborate while preserving full provenance. In tandem with Domain Controlled Access, Nevermined creates a shared source of truth for data ecosystems.
In data ecosystems where different organizations belong to the same network or consortium, the challenge is twofold: identity is managed within each organization (centralized), yet the organizations must be able to interact with each other by re-using their existing Domain Controllers, without moving all their existing identity management rules into a new silo or environment (centralized or decentralized).
Nevermined provides the utility for independent organizations to integrate their existing Domain Controllers in a Decentralized data ecosystem, facilitating decentralized access control without replicating the organization's existing permissions to the network.
Nevermined uses the W3C Verifiable Credentials & Decentralized Identifiers specifications as a building block in the design of the solution. A number of the terms and concepts used are based on these specifications.
The W3C actors are:
Holders: actors possessing one or more credentials, which they present for identification purposes.
Issuers: actors asserting claims about different organization subjects, creating the credentials for those claims, and transmitting them to the Holder.
Verifiers: actors receiving credential presentations from Holders for further verification.
Actors associated with the organization's management of internal user and group permissions.
w3c verifiable credentials actors
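The roles above can be made concrete with a minimal credential, following the structure defined by the W3C Verifiable Credentials Data Model: an Issuer asserts a claim about a subject, the Holder presents the credential, and a Verifier checks it. All identifiers and values below are placeholders, and the `verify` function is a deliberately simplified sketch (a real Verifier also validates the cryptographic proof).

```python
# Illustrative W3C Verifiable Credential; all DIDs and claim values
# here are placeholders, not real identifiers.
credential = {
    "@context": ["https://www.w3.org/2018/credentials/v1"],
    "type": ["VerifiableCredential"],
    "issuer": "did:example:issuer-org",
    "issuanceDate": "2023-01-01T00:00:00Z",
    "credentialSubject": {
        "id": "did:example:holder",
        "memberOf": "data-consortium-group",
    },
}

def verify(cred: dict, trusted_issuers: set) -> bool:
    """Sketch of a Verifier's check: at minimum, confirm the credential
    was issued by a trusted Issuer. Real verification also checks the
    proof section's signature and the credential's validity period."""
    return cred["issuer"] in trusted_issuers
```

This is what lets an organization keep identity management in its own Domain Controller: the Issuer attests to a user's internal permissions, and other network members only need to trust the Issuer, not replicate its rules.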
Nevermined facilitates the ability for data owners to allow third parties to execute a query or algorithm against their data "in-situ", or where the data currently resides.
For situations where privacy restrictions apply, like those in which the Data Owner never wants to lose control of their data, or the source data can't be accessed directly, Nevermined provides the Decentralized In-Situ Computation (DISC) solution.
The premise behind DISC is that moving data from its existing location is a liability. The data can be leaked in transit or exposed at its destination. Additionally, because of its private nature, moving data often implies regulatory challenges. In these cases, Nevermined provides a solution where the Data Owner allows the execution of an algorithm (TensorFlow, Spark, etc.) within the infrastructure where the data is situated. This results in the Data Consumer providing the algorithm to execute, the algorithm being moved to the Data Owner's infrastructure where the data is kept, and the Data Owner executing the algorithm on behalf of the Consumer.
Once the computation is complete, the Data Consumer receives an ephemeral result of the algorithm's execution against the data.
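The DISC flow described above can be sketched in a few lines: the consumer ships an algorithm (here, just a function), the owner runs it next to the data, and only the ephemeral result leaves the owner's infrastructure. The class and names below are illustrative assumptions, not Nevermined's actual compute API.

```python
class DataOwner:
    """Sketch of in-situ computation: the raw data never leaves this
    object; only the algorithm moves, and only the result comes back."""

    def __init__(self, data):
        self._data = data  # stays inside the owner's infrastructure

    def execute(self, algorithm):
        # The owner runs the consumer-supplied algorithm locally and
        # returns only its ephemeral result.
        return algorithm(self._data)

# Consumer-side algorithm: an aggregate statistic over the rows.
mean = lambda rows: sum(rows) / len(rows)

owner = DataOwner([4, 8, 15, 16, 23, 42])
result = owner.execute(mean)  # consumer never sees the raw rows
```

In a real deployment the "algorithm" would be a container or job spec orchestrated in the owner's infrastructure, but the trust boundary is the same: the consumer sees the result, not the data.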
Decentralized In-Situ Computation (DISC)
The main capabilities are:
Nevermined's DISC solution is designed to support different computation or backend paradigms, including orchestration via Kubernetes containers in the Data Provider's environment, as well as via the integrated Federated Learning frameworks.
Ability to work with any framework or programming language.
The Data Consumer never gets direct access to the actual data, only to an environment controlled by a Data Processor.
An ephemeral environment is created to support the computation so that the algorithm is moved to where the data resides, and the result does not persist if not necessary.
Nevermined supports the orchestration of complex computation pipelines.
All access and execution control is handled via integration with Nevermined's service agreements.
Nevermined can be run in the cloud or on-premise.
Nevermined permits the monitoring of a workflow’s execution.
Nevermined supports Federated Learning jobs for data belonging to Data Providers that have federated data environments. More specifically, the Client can implement a data training model using a generic Federated Learning framework, and entrust the Nevermined Compute solution to orchestrate the execution of the algorithm across all participants.
To enable Federated Learning, the Compute backend starts two independent tasks, the Coordinator and the Aggregator. The Coordinator manages the participants as part of a federated job, while the Aggregator performs the secure aggregation of the trained models. Both the Coordinator and the Aggregator are ephemeral nodes, created on demand when a new execution request is triggered and destroyed once the job completes.
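The Coordinator/Aggregator split can be sketched with plain federated averaging. This is a toy illustration under stated assumptions: each "participant" is just a function returning a locally trained weight vector, and the Aggregator averages them in the clear, whereas a real deployment uses a secure aggregation protocol so individual updates stay private.

```python
def aggregate(models):
    """Aggregator role: federated averaging of participant weight
    vectors (secure aggregation is omitted in this sketch)."""
    n = len(models)
    return [sum(weights) / n for weights in zip(*models)]

def coordinate(participants):
    """Coordinator role: collect one round of local updates from
    every participant, then hand them to the Aggregator. Both roles
    are ephemeral: spun up per job and torn down afterwards."""
    local_models = [train() for train in participants]
    return aggregate(local_models)

# Three hypothetical participants, each returning weights trained
# locally on data that never leaves its owner's environment.
participants = [
    lambda: [1.0, 2.0],
    lambda: [3.0, 4.0],
    lambda: [5.0, 6.0],
]
global_model = coordinate(participants)
```

Only the model updates travel; each participant's training data stays in its own federated environment, which is the same trust boundary DISC enforces for single-owner computation.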
Federated framework integration